This is the mail archive of the cygwin-xfree@cygwin.com mailing list for the Cygwin XFree86 project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Question about remote X authorizations

From: Alexander Gottwald <alexander dot gottwald at s1999 dot tu-chemnitz dot de>
To: cygwin-xfree at cygwin dot com
Date: Thu, 24 Mar 2005 13:30:00 +0100 (MET)
Subject: Re: Question about remote X authorizations
References: <1111663869.4242a4fd3549b@mail.s44.at>
Reply-to: cygwin-xfree at cygwin dot com

On Thu, 24 Mar 2005, Marcus Frischherz wrote:

> well... I tried this as well, if I am correct, I have to do this on serverA? It
> had no effect. However, I am confused about the whole X11 authorization
> concept.  I am not sure whether the problem lies within the client or serverB
> or serverA. Anyway, on the cygwin shell (I start xwin from a local cygwin
> shell) I cannot do a xhost, I am told, that unable to open display "", and when
> I set the DISPLAY variable to client:0.0 the error message becomes: 
> AUDIT: client rejected from (local IP address)
> Xlib: connection to client:0.0 refused by server
> Xlib: No protocol specified

This is the actual authorization error. 

You have most likely started an XDMCP session with -query. This sets a kind of 
access password called cookie. This password is only known to XWin and the 
xsession on serverA. The clients on windows do not know this password and are
therefore rejected.

If you want to start x11 programs on other hosts than serverA (eg serverB and 
event the windows host) you have to set the password on these hosts:

serverA $ xauth list
client:0  MIT-MAGIC-COOKIE-1  3413185661096326671c706b2b53743f

serverB $ xauth add client:0  MIT-MAGIC-COOKIE-1  3413185661096326671c706b2b53743f

You may disable the whole access control for specific hosts with "xhost hostname"
or disable it at all with "xhost +". Specifying hosts in /etc/X0.hosts will disable
access control for these hosts on client startup. I have localhost in /etc/X0.hosts
so I can connect with local clients even to a XDCMP session. 

more information is available with man Xsecurity

About the problem with serverB: If you start "DISPLAY=client:0.0 xterm" and it does
not print the "Xlib: connection to client:0.0 refused by server" then there is a
general problem with network routing or name resolution. You might also try 

serverB $ DISPLAY=client_ip:0.0 xterm

This will at least rule out problems with wrongly assigned ip adresses and host names.

bye
	ago
-- 
 Alexander.Gottwald@s1999.tu-chemnitz.de 
 http://www.gotti.org           ICQ: 126018723

Follow-Ups:
- Re: Question about remote X authorizations
  - From: Marcus Frischherz

References:
- Re: Question about remote X authorizations
  - From: Marcus Frischherz

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]