xauth puzzle under Panther?
xauth puzzle under Panther?
- Subject: xauth puzzle under Panther?
- From: Sam Bayer <email@hidden>
- Date: Thu, 26 Feb 2004 19:10:11 -0500
All -
I've read the various exhortations on this list to use xauth and ssh,
which work for me without a problem. However, I have encountered a
little puzzle regarding xauth which someone here may have some
insight into.
Let's say I shut down X11 and delete my .Xauthority file, and then
restart X11. A new .Xauthority file is generated. It contains hashes
for my local UNIX connection, for localhost, and for the IP address
of my computer (this is at home, where I'm using the 192.168 set of
intranet addresses, and I don't have a DNS server; at work, we have a
DNS server, and the hostname appears instead of the IP address, but
the same behavior occurs). It looks like this:
% xauth
Using authority file /Users/sam/.Xauthority
xauth> list
Sams-Computer.local/unix:0 MIT-MAGIC-COOKIE-1
1f177ca2630edfda3e2f7121f0a29c77
192.168.1.100:0 MIT-MAGIC-COOKIE-1 1f177ca2630edfda3e2f7121f0a29c77
localhost:0 MIT-MAGIC-COOKIE-1 1f177ca2630edfda3e2f7121f0a29c77
Note that all the hashes are identical. The odd thing is, not all of
those host names allow me to create an xterm. My DISPLAY is :0.0. The
following three work:
% xterm
% xterm -display Sams-Computer.local/unix:0
% xterm -display localhost:0.0
The following does not:
% xterm -display 192.168.1.100:0.0
Why? I'm just stumped. A correspondent on a different list pointed
out that if you temporarily turn on xhost access, generate a new key
for the IP address, and then turn xhost access off again, displaying
to the IP address works just fine, as follows:
% xhost +192.168.1.100
192.168.1.100 being added to access control list
% xauth
Using authority file /Users/sam/.Xauthority
xauth> generate 192.168.1.100:0 .
authorization id is 94
xauth> Writing authority file /Users/sam/.Xauthority
% xhost -192.168.1.100
192.168.1.100 being removed from access control list
% xterm -display 192.168.1.100:0.0
Is there a bug lurking in this overall behavior? Or is it something
important about X security I just don't get?
Thanks to all in advance -
Sam Bayer
_______________________________________________
x11-users mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/x11-users
Do not post admin requests to the list. They will be ignored.