# Some options in OpenSSH have different default values from those in SunSSH.

# To make the transition smoother from SunSSH to OpenSSH, we change default

# values for the following options to be as same as those in SunSSH.

# 

#   GSSAPIAuthentication (for both server and client)

#   X11Forwarding        (for server)

#   ForwardX11Trusted    (for client)

#

# This is for Solaris only, we will not contribute back these changes to the

# upstream.

+++ new/readconf.c	Tue Sep  9 17:33:50 2014

@@ -1575,7 +1575,11 @@

 	if (options->forward_x11 == -1)

 		options->forward_x11 = 0;

 	if (options->forward_x11_trusted == -1)

+#ifdef OPTION_DEFAULT_VALUE

+		options->forward_x11_trusted = 1;

+#else

 		options->forward_x11_trusted = 0;

+#endif

 	if (options->forward_x11_timeout == -1)

 		options->forward_x11_timeout = 1200;

 	if (options->exit_on_forward_failure == -1)

@@ -1593,7 +1597,11 @@

+++ new/servconf.c	Tue Sep  9 17:36:32 2014

@@ -208,7 +208,11 @@

 	if (options->print_lastlog == -1)

 		options->print_lastlog = 1;

 	if (options->x11_forwarding == -1)

+#ifdef OPTION_DEFAULT_VALUE

+		options->x11_forwarding = 1;

+#else

 		options->x11_forwarding = 0;

+#endif

 	if (options->x11_display_offset == -1)

 		options->x11_display_offset = 10;

 	if (options->x11_use_localhost == -1)

@@ -244,7 +248,11 @@

+++ new/ssh_config.5	Tue Sep  9 17:48:39 2014

@@ -643,8 +643,8 @@

 token used for the session will be set to expire after 20 minutes.

 Remote clients will be refused access after this time.

 .Pp

-The default is

-.Dq no .

+The default on Solaris is

+.Dq yes .

 .Pp

 See the X11 SECURITY extension specification for full details on

 the restrictions imposed on untrusted clients.

+++ new/sshd_config.5	Tue Sep  9 17:49:58 2014

@@ -1239,8 +1239,8 @@

 .Dq yes

 or

 .Dq no .

-The default is

-.Dq no .

+The default on Solaris is

+.Dq yes .

 .Pp

 When X11 forwarding is enabled, there may be additional exposure to

 the server and to client displays if the