>>>>> "Jon" == Jon Peatfield <J.S.Peatfield@amtp.cam.ac.uk> writes: Jon> Ident is not supposed to be used for authentication I hear Jon> people shout. However, X connections should really only be Jon> made from machines you trust as otherwise anyone with root Jon> access can steal the cookie or pretend to be that user anyway. Jon> I.e. using Ident for this is no worse than admitting that you Jon> must trust the remote host is ok anyway. Right; and it's also no better. But it _is_ more complicated. The magic cookie mechanism is pretty good; if it would allow mutiple cookies access to the server, or krb5 authentication, we'd have all the machanism we needed, fairly simply. -Rens