This is the mail archive of the cygwin-xfree@cygwin.com mailing list for the Cygwin XFree86 project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Cygwin and XDM-AUTHENTICATION-1

From: Alexander Gottwald <alexander dot gottwald at s1999 dot tu-chemnitz dot de>
To: cygwin-xfree at cygwin dot com
Date: Wed, 10 Dec 2003 08:35:14 +0100 (MET)
Subject: Re: Cygwin and XDM-AUTHENTICATION-1
References: <3FD63179.1030009@victoria.tc.ca>
Reply-to: cygwin-xfree at cygwin dot com

On Tue, 9 Dec 2003, Terrence Branscombe wrote:

> Hi,
> 
> I'm brand new to Cygwin (and X in general) and would appreciate some 
> help understanding how to set up authentication with 
> XDM-AUTHENTICATION-1.  I'm running the latest Cygwin/XFree86 release and 
> connecting to an HP AlphaServer running OpenVMS.  The XDM for OpenVMS 
> supports the XDM-AUTHENTICATION-1 method, but the docs fail to mention 
> anything about how the keys are generated.  Does the sysadmin simply 
> make up some numbers, or is there a tool for generating a specific key 
> format?

man Xsecurity

The following is theoretical since I have never used it but may serve you 
as a startig point.

the program xauth can be used to generate the authentication data

$ xauth add displayname:0.0 XDM-AUTHORIZATION-1 [key]

the 56bit random key can be generated this way:

$ dd if=/dev/random count=1 | md5sum | cut -b1-14

You must tell the xserver to use the authentication data

$ xauth -f /tmp/xauth.data add displayname:0.0 XDM-AUTHORIZATION-1 [key]
$ XWin -auth /tmp/xauth.data [more options]

> First of all, does Cygwin support this method?  

strings XWin.exe revealed no string "XDM-AUTHORIZATION-1" but "MIT-MAGIC-COOKIE"
so I guess the XDM-AUTHORIZATION is not compiled in-

> If so, I guess the next 
> thing I need to know is how and where the key is supposed to be stored 
> on the system running Cygwin/XFree.  FInally, what command-line 
> parameters are available to pass the key value to the XDM?

man xdm

      DisplayManager.keyFile
              XDM-AUTHENTICATION-1  style  XDMCP   authentication
              requires  that  a private key be shared between xdm
              and the terminal.  This resource specifies the file
              containing  those  values.   Each entry in the file
              consists of a display name and the shared key.   By
              default,  xdm  does  not  include  support for XDM-
              AUTHENTICATION-1, as it requires DES which  is  not
              generally  distributable  because  of United States
              export restrictions.

       DisplayManager.DISPLAY.authName
              authorize  is  a  boolean  resource  which controls
              whether xdm generates and  uses  authorization  for
              the  local server connections.  If authorization is
              used, authName is a list  of  authorization  mecha
              nisms to use, separated by white space.  XDMCP con
              nections dynamically  specify  which  authorization
              mechanisms are supported, so authName is ignored in
              this case.  When authorize is set for a display and
              authorization   is   not  available,  the  user  is
              informed by having a different message displayed in
              the   login   widget.   By  default,  authorize  is
              ``true.''  authName is ``MIT-MAGIC-COOKIE-1,''  or,
              if      XDM-AUTHORIZATION-1      is      available,
              ``XDM-AUTHORIZATION-1 MIT-MAGIC-COOKIE-1.''

HTH
	ago
-- 
 Alexander.Gottwald@s1999.tu-chemnitz.de 
 http://www.gotti.org           ICQ: 126018723

Follow-Ups:
- Re: **Fwd: Re: Cygwin and XDM-AUTHENTICATION-1
  - From: Terrence Branscombe

References:
- Cygwin and XDM-AUTHENTICATION-1
  - From: Terrence Branscombe

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]