OpenSSH 3.4p1 and XAUTHORITY handling

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hello newsgroup participants,

I have following situation:
OpenSSH 3.4p1 running on SunOS 5.8 and in this version
OpenSSH writes cookies directly to .Xauthority. This is fine.
The problem is what does it writes there, though.  It writes
only cookies of the form <hostname>/unix:<number> MIT-MAGIC-COOKIE-1 <number>,
so X server listens on unix domain socket and with this it is only locally
available, so it is of little use for remote applications trying to access
the host.
My question:
1) How can I adjust settings of OpenSSH so that cookies for remote
   coonections to the host are also written to the .Xauthority file, i.e.
   of the form <hostname>:D.S and X server respectively also listens on
   TCP port?

With Best Regards
Ariel Burbaickij

Re: OpenSSH 3.4p1 and XAUTHORITY handling writes:

Quoted text here. Click to load it

X11UseLocalhost yes

(goes in sshd_config)

Re: OpenSSH 3.4p1 and XAUTHORITY handling

Quoted text here. Click to load it

I think some xauths will translate "localhost:port" cookies into the Unix
domain cookies you describe.

Quoted text here. Click to load it

Try "X11UseLocalhost no" in sshd_config.  Note that sshd's fake $DISPLAY
*always* listens on a TCP port (either a wildcard bind or loopback only,
depending on the X11UseLocalhost setting) not a Unix domain socket
(try lsof'ing sshd some time), it's just that xauth mangles the cookies.

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Site Timeline