Date: Wed, 03 Jan 2001 21:50:59 +0100 From: Christoph Sold <christoph.sold@server.i-clue.de> To: Ernst de Haan <ernst@jollem.com> Cc: FreeBSD Questions mailing list <freebsd-questions@FreeBSD.ORG> Subject: Re: Invalid MIT-MAGIC-COOKIE-1 key Message-ID: <3A5390B3.B531EC19@i-clue.de> References: <20010103115713.A1027@c187104187.telekabel.chello.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
Ernst de Haan schrieb:
>
> I have started X as a normal user. I opened a terminal window, and executed:
>
> bash-2.04$ su -
> Password:
> # bash
> bash-2.04# export DISPLAY=0:0
> bash-2.04# xterm &
> bash-2.04# Xlib: connection to "0:0.0" refused by server
> Xlib: Invalid MIT-MAGIC-COOKIE-1 key
> Warning: This program is an suid-root program or is being run by the root
> user.
> The full text of the error or warning message cannot be safely formatted
> in this environment. You may get a more descriptive message by running the
> program as a non-root user or by removing the suid bit on the executable.
> xterm Xt error: Can't open display: %s
>
> [1]+ Exit 1 xterm
>
> What's a MIT-MAGIC-COOKIE-1 key, and why do I have an invalid one? I guess
> this has something to do with PAM ?
>
> Any pointers to documentation would be greatly appreciated.
No pointers, the whole (short) story follows.
Your X server accepts per default only connections from its own machine
and user. You may either do
1) Display your xauth line on your standard account:
bash-2.04$ xauth list
automatix.here.org/unix.0 MIT-MAGIC-COOKIE-1
SoMeGRblEdaNdCryptICString1234567890
2) su to another user:
bash-2.04& su -
Password:
# exec bash
3) Store the auth string of your first session into roots auth file:
- copy the auth line from 1) above
- type xauth add (do NOT type return here!)
- paste the auth line, NOW type return
(Note: That's one line below, mail cuts it into pieces)
bash-2.04# xauth add automatix.here.org/unix.0 MIT-MAGIC-COOKIE-1
SoMeGRblEdaNdCryptICString1234567890
4) Set your DISPLAY variable:
bash-2.04# export DISPLAY=localhost:0.0
5) Use X apps as usual:
bash-2.04# xterm &
That's the secure way to do it. Alternatively,
1) Disable access control completely:
bash-2.04$ xhost +
WARNING: This allows ANYONE to connect to your machine from ANY
place. This includes crackers, WaReZ DooDz, and other evildoers. You
have been warned.
2) su to another user:
bash-2.04& su -
Password:
# exec bash
3) Set your DISPLAY variable:
bash-2.04# export DISPLAY=localhost:0.0
4) Use X apps as usual:
bash-2.04# xterm &
WARNING: The second method is UNSAFE.
HTH
-Christoph Sold
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A5390B3.B531EC19>