On Thu, 15 Feb 2007, Darren Tucker wrote:
> Marc Aurele La France wrote:
>> On Wed, 14 Feb 2007, Darren Tucker wrote:
>>> The wrinkle is that some xlibs (or xauths?) do special things with the
>>> string "localhost", eg map it to a Unix domain socket.
>> This isn't so, except perhaps for some proprietary X implementations. In
>> fact, display names of "localhost:<n>", instead of ":<n>" force the use of
>> TCP/IP. This is so for both XFree86 and X.Org.
> That's interesting, because it means there's something going on here
> that I don't understand.
> When X11UseLocalhost=yes, sshd adds a unix: cookie and sets DISPLAY to
> "localhost:n.0"
> So for example, on OpenBSD-current, when I logged in sshd ran this:
> xauth add unix:10.0 MIT-MAGIC-COOKIE-1 f270ce6e3b353e5ad8070b4ecab4c604
> and after I logged in I see this:
> $ echo $DISPLAY
> localhost:10.0
> $ xauth list
> quoll.dtucker.net/unix:10 MIT-MAGIC-COOKIE-1
> f270ce6e3b353e5ad8070b4ecab4c604
> So when I run "xterm" how does it find the right cookie given that
> $DISPLAY and the xauth data are not identical?
xauth data is used to authenticate with the server, and, as such, how the
connection with that server is made is irrelevant. Thus, the `xauth add`
told the server at localhost:10.0 to add an authorisation for unix:10.0,
which that server knows is itself.
Marc.
+----------------------------------+----------------------------------+
| Marc Aurele La France | work: 1-780-492-9310 |
| Academic Information and | fax: 1-780-492-1729 |
| Communications Technologies | email: tsi@ualberta.ca |
| 352 General Services Building +----------------------------------+
| University of Alberta | |
| Edmonton, Alberta | Standard disclaimers apply |
| T6G 2H1 | |
| CANADA | |
+----------------------------------+----------------------------------+
XFree86 developer and VP. ATI driver and X server internals.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
|