Problem using xauth

09/10/2008 - 21:23 von Wolfgang Meiners | Report spam
Hi there,

i think i basically understand the principle of MIT-Magic-Cookie, but i
have got one problem with xauth. What i did is the following: I have two
boxes A (OS X 10.4.11) and B (ubuntu 8.04)

A:~$ ssh -CX B
B:~$ xauth -f test generate $DISPLAY . trusted
xauth: creating new authority file test
xauth: (argv):1: couldn't query Security extension on display
"localhost:10.0"
ls test
ls: cannot access test: No such file or directory
B:~$

The first time I did this, there was no errormessage and a file test was
generated by xauth. With this file I could do


B:~$ chmod a+r test
B:~$ su other_user
other_user@B:~ XAUTHORITY=/home/user/test xeyes

This gave me xeyes on the screen of A as expected. There are two questions:
1. what is the reason for the xauth errormessage and how can i prevent this?
2. what is the recommended way to run programs like above?

Thank you for any information

Wolfgang
 

Lesen sie die antworten

#1 Wolfgang Meiners
10/10/2008 - 12:18 | Warnen spam
Ok. I found the way it works.

Wolfgang Meiners schrieb:
Hi there,

i think i basically understand the principle of MIT-Magic-Cookie, but i
have got one problem with xauth. What i did is the following: I have two
boxes A (OS X 10.4.11) and B (ubuntu 8.04)

A:~$ ssh -CX B
B:~$ xauth -f test generate $DISPLAY . trusted



I think, this can not work.

xauth: creating new authority file test
xauth: (argv):1: couldn't query Security extension on display
"localhost:10.0"
ls test
ls: cannot access test: No such file or directory
B:~$



And, as we see, it does not work.


The first time I did this, there was no errormessage and a file test was
generated by xauth. With this file I could do




I dont know, what i did the first time. But somehow i duplicated the
MIT-Magic-Cookie in .Xauthority.


B:~$ chmod a+r test
B:~$ su other_user
:~ XAUTHORITY=/home/user/test xeyes

This gave me xeyes on the screen of A as expected. There are two questions:
1. what is the reason for the xauth errormessage and how can i prevent this?
2. what is the recommended way to run programs like above?

Thank you for any information

Wolfgang



The way it really works, is as following:
pbook is A, ubuntu is B, wolfgang ist user at A and B, adminloc is
other_user at B.

pbook:~ wolfgang$ ssh -CX ubuntu
Last login: Fri Oct 10 11:43:52 2008 from pbook.lan
:~$ xauth list
ubuntu/unix:10 MIT-MAGIC-COOKIE-1 ea24d67061b61d34c96f42a40967d3e3
#So there is no MIT-MAGIC-COOKIE-1 related to $DISPLAY, which is
#localhost:10.0
:~$ xauth extract test ubuntu/unix:10
:~$ xauth -f test list
ubuntu/unix:10 MIT-MAGIC-COOKIE-1 ea24d67061b61d34c96f42a40967d3e3
#So the MIT-MAGIC-COOKIE-1 has been extracted to test
:~$ chmod a+r test
#Now, all users can access /home/wolfgang/test
:~$ su adminloc
Password:
:/home/wolfgang$ xeyes &
#This cant work because there is no matching Cookie in
#/home/adminloc/.Xauthority
[1] 6213
:/home/wolfgang$ X11 connection rejected because of wrong
authentication.
Error: Can't open display: localhost:10.0
#and, as we see, it does not work
XAUTHORITY=/home/wolfgang/test xeyes &
#This does work as expected
[2] 6214
[1] Exit 1 xeyes
:/home/wolfgang$ exit
exit
:~$ exit
logout
Connection to ubuntu closed.
pbook:~ wolfgang$

ok. So far it works. But there are remaining questions:

1.: Why is $DISPLAY=localhost:10.0 but there is no matching
MIT-MAGIC-COOKIE in .Xauthrity?

2.: Can there be two (or more) different MIT-MAGIC-COOKIES for one Display?

3.: What is the recommended way for sharing MIT-MAGIC-COOKIES?

Thank you for information
Wolfgang

Ähnliche fragen