Re: xauth puzzle under Panther?
Re: xauth puzzle under Panther?
- Subject: Re: xauth puzzle under Panther?
- From: Rich Cook <email@hidden>
- Date: Thu, 26 Feb 2004 16:41:36 -0800
The only xterm display here that is going to the network is
198.168.1.100:0.0. :0.0 is a direct connection to your hardware,
/unix:0 is the same thing, and localhost:0.0 might also bypass the NIC,
I believe. So it makes sense that the last three always work.
The question: when you say it "does not work," what exactly happens?
You don't show any errors in your output. Do you get "connection
refused?" Also, can you find anything in the system.log files?
On Feb 26, 2004, at 4:10 PM, Sam Bayer wrote:
All -
I've read the various exhortations on this list to use xauth and ssh,
which work for me without a problem. However, I have encountered a
little puzzle regarding xauth which someone here may have some insight
into.
Let's say I shut down X11 and delete my .Xauthority file, and then
restart X11. A new .Xauthority file is generated. It contains hashes
for my local UNIX connection, for localhost, and for the IP address of
my computer (this is at home, where I'm using the 192.168 set of
intranet addresses, and I don't have a DNS server; at work, we have a
DNS server, and the hostname appears instead of the IP address, but
the same behavior occurs). It looks like this:
% xauth
Using authority file /Users/sam/.Xauthority
xauth> list
Sams-Computer.local/unix:0 MIT-MAGIC-COOKIE-1
1f177ca2630edfda3e2f7121f0a29c77
192.168.1.100:0 MIT-MAGIC-COOKIE-1 1f177ca2630edfda3e2f7121f0a29c77
localhost:0 MIT-MAGIC-COOKIE-1 1f177ca2630edfda3e2f7121f0a29c77
Note that all the hashes are identical. The odd thing is, not all of
those host names allow me to create an xterm. My DISPLAY is :0.0. The
following three work:
% xterm
% xterm -display Sams-Computer.local/unix:0
% xterm -display localhost:0.0
The following does not:
% xterm -display 192.168.1.100:0.0
Why? I'm just stumped. A correspondent on a different list pointed out
that if you temporarily turn on xhost access, generate a new key for
the IP address, and then turn xhost access off again, displaying to
the IP address works just fine, as follows:
% xhost +192.168.1.100
192.168.1.100 being added to access control list
% xauth
Using authority file /Users/sam/.Xauthority
xauth> generate 192.168.1.100:0 .
authorization id is 94
xauth> Writing authority file /Users/sam/.Xauthority
% xhost -192.168.1.100
192.168.1.100 being removed from access control list
% xterm -display 192.168.1.100:0.0
Is there a bug lurking in this overall behavior? Or is it something
important about X security I just don't get?
Thanks to all in advance -
Sam Bayer
_______________________________________________
x11-users mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/x11-users
Do not post admin requests to the list. They will be ignored.
--
Richard Cook
Lawrence Livermore National Laboratory
Bldg-451 Rm-2043, Mail Stop L-561
7000 East Avenue, Livermore, CA, 94550, USA
phone (925) 423-9605 (work) fax (925) 423-8704
---
Information Management & Graphics Grp., Services & Development Div.,
Integrated Computing & Communications Dept.
(opinions expressed herein are mine and not those of LLNL)
_______________________________________________
x11-users mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/x11-users
Do not post admin requests to the list. They will be ignored.