mkxauth(1x) Linux User's Manual mkxauth(1x)
mkxauth - create and merge .Xauthority files
SYNOPSIS(1) mkxauth [ -q ] [ -u login ] -c [ host [ host ... ] ]
(2) mkxauth [ -q ] [ -u login ] -m login(3) mkxauth [ -q ] [ -u login ] -f host(4) mkxauth [ -q ] [ -u login ] -r host [ -l login ]
(5) mkxauth [ -q ] [ -u login ] -z host [ -l login ]
mkxauth aids in the creation and maintenance of X authentication databases (.Xauthority
files). Use it to create a ~/.Xauthority file or merge keys from another local or remote
.Xauthority file. Remote .Xauthority files can be retrieved via FTP (using ncftp(1)) or
via rsh(1). For a slight measure of security, mkxauth does not create any temporary files
containing authentication keys (although anyone spying on network packets can see the
authentication key data as they pass through the network; for secure network communica-
tions, use ssh(1)).
Creating and Adding to a .Xauthority File
To create a .Xauthority file, use mkxauth -c (see(1) above). mkxauth creates a .Xauthor-
ity file in the user's home directory (~/), containing a `key' or `magic cookie' for the
host it was run on (the one returned by hostname(1)). If a .Xauthority file already
exists, the keys are added to it. If keys for that host already exist, they are replaced.
To create or add to a .Xauthority file for another user, use mkxauth -u login -c. mkxauth
adds keys to ~login/.Xauthority (only the root user is allowed to do this).
To add a key for more than one host, specify all hosts on the command line: mkxauth -c
daffy porky bugs. All hosts specified on the same command line receive the same key. To
create different keys for multiple hosts, run mkxauth for each host in succession:
mkxauth -c daffy
mkxauth -c porky
mkxauth -c bugs
Merging Keys from Local .Xauthority Files
To merge keys from another local user's .Xauthority file, use mkxauth -m login (see(2)
above). mkxauth adds the keys in ~login/.Xauthority to ~/.Xauthority, replacing any keys
which already exist. ~login/.Xauthority must be readable by the user running mkxauth
(normally only the root user can read other people's .Xauthority files).
Merging Keys via FTP
To merge keys from a remote .Xauthority file via FTP, use mkxauth -f host (see(3) above).
mkxauth retrieves the remote .Xauthority from host using ncftp(1) and adds those keys to
~/.Xauthority, replacing any keys which already exist. [NOTE: you must have a ~/.netrc
file set up to automatically log you into host, otherwise the FTP login attempt will
Merging Keys via rsh(1)
To merge keys from remote .Xauthority file via rsh(1), use mkxauth -r host (see(4)
above). mkxauth retrieves the remote .Xauthority from host using rsh(1) and adds those
keys to ~/.Xauthority, replacing any keys which already exist. To login as a different
user, use -l login. [NOTE: you must have a .rhosts file set up properly for this to work,
otherwise the remote login attempt will fail].
Merging Keys via rsh(1) and gzip(1)
If your remote .Xauthority file is large, or to make it slightly less obvious that you're
transferring authentication keys over the network, mkxauth can gzip(1) your .Xauthority
file before retrieving it via rsh(1). To do this, use mkxauth -z host (see(5) above).
mkxauth retrieves the remote .Xauthority from host using rsh(1) and adds those keys to
~/.Xauthority, replacing any keys which already exist. To login as a different user, use
-l login. [NOTE: you must have a .rhosts file set up properly for this to work, otherwise
the remote login attempt will fail].
To make mkxauth operate quietly, use the -q option.
To add to ~login/.Xauthority, use the -u login option.
To use login for the remote login in mkxauth -f, mkxauth -r, and mkxauth -z, use the -l
To get quick help about mkxauth, use mkxauth --help.
mkxauth is mostly useful for maintaining .Xauthority files in an environment which uses
startx(1x). xdm(1x) uses its own method of generating .Xauthority files. However, mkx-
auth is still useful for transferring .Xauthority information to remote login sessions so
that the user can display remote X clients on the local host without too much trouble.
Note, however, that using rsh(1) is inherently insecure, and sites concerned about secu-
rity should use ssh(1) instead (see http://www.cs.hut.fi/ssh/ for more information).
X(1x), Xsecurity(1x), gzip(1), mcookie(1), md5sum(1), ncftp(1), rsh(1), startx(1x),
Does not respect the XAUTHORITY environment variable.
Conceived and written by Jim Knoble <firstname.lastname@example.org>. Copyright 1996 by Jim Knoble
and Red Hat Software. Distributed under the GNU GPL (General Public License); see
ftp://prep.ai.mit.edu/pub/gnu/COPYING for more information.
Red Hat Software 12-Dec-1996 mkxauth(1x)