This is the mail archive of the
cygwin-xfree@cygwin.com
mailing list for the Cygwin XFree86 project.
Re: startx and ssh
- From: "Dr.D.J.Picton" <dave at aps5 dot ph dot bham dot ac dot uk>
- To: cygwin-xfree at cygwin dot com, rouilj at ieee dot org
- Date: Sat, 16 Aug 2003 10:23:09 +0100 (BST)
- Subject: Re: startx and ssh
- Reply-to: cygwin-xfree at cygwin dot com
- Reply-to: "Dr.D.J.Picton" <dave at aps5 dot ph dot bham dot ac dot uk>
> Mail-Followup-To: cygwin-xfree@cygwin.com
> Delivered-To: mailing list cygwin-xfree@cygwin.com
> To: cygwin-xfree@cygwin.com
> Subject: Re: startx and ssh
> Date: Sat, 16 Aug 2003 03:39:02 -0400
> From: "John P. Rouillard" <rouilj@cs.umb.edu>
> x-scan-bham: no
> Even better, don't leave the X server wide open for everybody to screw
> with.
I'm puzzled by this assertion. The default is to allow access only from the
local machine, and in my view this is secure enough for most people!
The XFree-86 server includes the security extension (see
> xdpyinfo) so you should be able to generate a proper X authentication
> token for the display. Something like:
>
> xauth generate :0 .
>
> or
>
> xauth add $DISPLAY . `mcookie`
>
> added to the top of your ~/.xinitrc should do the trick.
I would like to add a note of caution here. For some reason, Magic Cookie
authorization only works for truly local connections i.e. :0, but the
server throws up a 'Protocol Not Specified' error for network displays,
e.g. 127.0.0.1:0. If you set up the server with Magic Cookie authorization
as the only means of access, you will have to make sure that DISPLAY is set
to :0, and change any scripts which specify -display 127.0.0.1:0.
>
> -- rouilj
> John Rouillard
> ===========================================================================
> My employers don't acknowledge my existence much less my opinions.