Re: X connections refused between hosts (foo/unix:0 syntax)

To: David Wright <D.Wright@open.ac.uk>
Cc: debian-user@lists.debian.org
Subject: Re: X connections refused between hosts (foo/unix:0 syntax)
From: "Jens B. Jorgensen" <jjorgens@bdsinc.com>
Date: Thu, 18 Sep 1997 11:46:48 -0500
Message-id: <[🔎] 34215AF8.4EDF@bdsinc.com>
Reply-to: jjorgens@bdsinc.com
References: <[🔎] Pine.SOL.3.91.970918163058.21039B-100000@tyne.open.ac.uk>

David Wright wrote:
> 
> On Thu, 18 Sep 1997, George Bonser wrote:
> >
> > On 18-Sep-97 David Wright wrote:
> > >I've obviously missed something in the explanations of .Xauthority files
> > >and MIT cookies. I have two Debian 1.3 machines, foo and bar with
> > >essentially identical configurations, with few changes from how things
> > >install themselves. I start X as user myself on foo. Typing xauth list
> > >says foo/unix:0  MIT...1  a0b1... and so does xauth list :0 and xauth list
> > >unix:0 and xauth foo/unix:0 but not xauth foo:0 which says nothing.
> >
> > Assuming foo is your local machine, what happens if you do xhost +bar then
> > telnet to bar, export DISPLAY=foo:0.0 and then run an X program on bar?
> 
> Host-based access works fine, but I wanted to avoid that because the X
> display should not be accessible to some users of foo, let alone those on
> bar.
> 
> Looking at the books on this subject, e.g. Lui and Pearce page 79, Garfinkel
> and Spafford page 527, I see examples like this:
> 
> foo% xauth extract - $DISPLAY | rsh bar xauth merge -
> 
> All this does is to stick the foo/unix:0  MIT...1  a0b1... line into
> .Xauthority on bar. What I think I need is a command which massages
>     foo/unix:0  MIT...1  a0b1...
> into
>     foo:0  MIT...1  a0b1...
> so I can merge that into .Xauthority on bar.

Here's another problem. You aren't extracting the correct entry.
In addition to my message before, you need to specify the TCP/IP
entry to extract. You should say:

xauth extract - <fully qualified domain name>:0 | rsh bar auth merge -

> Is that what I should be doing? Is that what everyone else does? I can't
> help thinking I've missed something if none of the books/documentation
> mentions this wrinkle.

There's just no clean way to do it! Somebody should have added this
functionality to xon long ago.
 
> Copying .Xauthority from a user's home directory to /root so that you can
> start clients after suing to root must be a FAQ - it's even been asked on
> this list in the past week. Surely some of these people must hit my
> problem as soon as they run remote clients, or I've done something wrong?

As root, no need to copy. Just do 'export XAUTHORITY=~$USER/.Xauthority'.
Since root can read the file, you'll be ok. 

-- 
Jens B. Jorgensen
jjorgens@bdsinc.com


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- RE: X connections refused between hosts (foo/unix:0 syntax)
  - From: David Wright <D.Wright@open.ac.uk>

Prev by Date: Where is resolv.conf?
Next by Date: Re: Incoming PPP question - subnetting
Previous by thread: RE: X connections refused between hosts (foo/unix:0 syntax)
Next by thread: control-panel
Index(es):
- Date
- Thread