home *** CD-ROM | disk | FTP | other *** search
-
-
-
- XAUTH(1) XAUTH(1)
-
-
- NNAAMMEE
- xauth - X authority file utility
-
- SSYYNNOOPPSSIISS
- xxaauutthh [ --ff _a_u_t_h_f_i_l_e ] [ --vvqqiibb ] [ _c_o_m_m_a_n_d _a_r_g _._._. ]
-
- DDEESSCCRRIIPPTTIIOONN
- The _x_a_u_t_h program is used to edit and display the autho-
- rization information used in connecting to the X server.
- This program is usually used to extract authorization
- records from one machine and merge them in on another (as
- is the case when using remote logins or granting access to
- other users). Commands (described below) may be entered
- interactively, on the _x_a_u_t_h command line, or in scripts.
- Note that this program does nnoott contact the X server.
- Normally _x_a_u_t_h is not used to create the authority file
- entry in the first place; _x_d_m does that.
-
- OOPPTTIIOONNSS
- The following options may be used with _x_a_u_t_h. They may be
- given individually (e.g., _-_q _-_i) or may combined (e.g.,
- _-_q_i).
-
- --ff _a_u_t_h_f_i_l_e
- This option specifies the name of the authority
- file to use. By default, _x_a_u_t_h will use the file
- specified by the XAUTHORITY environment variable
- or _._X_a_u_t_h_o_r_i_t_y in the user's home directory.
-
- --qq This option indicates that _x_a_u_t_h should operate
- quietly and not print unsolicited status messages.
- This is the default if an _x_a_u_t_h command is is
- given on the command line or if the standard out-
- put is not directed to a terminal.
-
- --vv This option indicates that _x_a_u_t_h should operate
- verbosely and print status messages indicating the
- results of various operations (e.g., how many
- records have been read in or written out). This
- is the default if _x_a_u_t_h is reading commands from
- its standard input and its standard output is
- directed to a terminal.
-
- --ii This option indicates that _x_a_u_t_h should ignore any
- authority file locks. Normally, _x_a_u_t_h will refuse
- to read or edit any authority files that have been
- locked by other programs (usually _x_d_m or another
- _x_a_u_t_h).
-
- --bb This option indicates that _x_a_u_t_h should attempt to
- break any authority file locks before proceeding.
- Use this option only to clean up stale locks.
-
-
-
-
-
- X Version 11 Release 6.1 1
-
-
-
-
-
- XAUTH(1) XAUTH(1)
-
-
- CCOOMMMMAANNDDSS
- The following commands may be used to manipulate authority
- files:
-
- aadddd _d_i_s_p_l_a_y_n_a_m_e _p_r_o_t_o_c_o_l_n_a_m_e _h_e_x_k_e_y
- An authorization entry for the indicated display
- using the given protocol and key data is added to
- the authorization file. The data is specified as
- an even-lengthed string of hexadecimal digits,
- each pair representing one octet. The first digit
- of each pair gives the most significant 4 bits of
- the octet, and the second digit of the pair gives
- the least significant 4 bits. For example, a 32
- character hexkey would represent a 128-bit value.
- A protocol name consisting of just a single period
- is treated as an abbreviation for _M_I_T_-_M_A_G_I_C_-
- _C_O_O_K_I_E_-_1.
-
- [[nn]]eexxttrraacctt _f_i_l_e_n_a_m_e _d_i_s_p_l_a_y_n_a_m_e_._._.
- Authorization entries for each of the specified
- displays are written to the indicated file. If
- the _n_e_x_t_r_a_c_t command is used, the entries are
- written in a numeric format suitable for non-
- binary transmission (such as secure electronic
- mail). The extracted entries can be read back in
- using the _m_e_r_g_e and _n_m_e_r_g_e commands. If the file-
- name consists of just a single dash, the entries
- will be written to the standard output.
-
- [[nn]]lliisstt [_d_i_s_p_l_a_y_n_a_m_e...]
- Authorization entries for each of the specified
- displays (or all if no displays are named) are
- printed on the standard output. If the _n_l_i_s_t com-
- mand is used, entries will be shown in the numeric
- format used by the _n_e_x_t_r_a_c_t command; otherwise,
- they are shown in a textual format. Key data is
- always displayed in the hexadecimal format given
- in the description of the _a_d_d command.
-
- [[nn]]mmeerrggee [_f_i_l_e_n_a_m_e...]
- Authorization entries are read from the specified
- files and are merged into the authorization
- database, superceding any matching existing
- entries. If the _n_m_e_r_g_e command is used, the
- numeric format given in the description of the
- _e_x_t_r_a_c_t command is used. If a filename consists
- of just a single dash, the standard input will be
- read if it hasn't been read before.
-
- rreemmoovvee _d_i_s_p_l_a_y_n_a_m_e...
- Authorization entries matching the specified dis-
- plays are removed from the authority file.
-
-
-
-
-
- X Version 11 Release 6.1 2
-
-
-
-
-
- XAUTH(1) XAUTH(1)
-
-
- ssoouurrccee _f_i_l_e_n_a_m_e
- The specified file is treated as a script contain-
- ing _x_a_u_t_h commands to execute. Blank lines and
- lines beginning with a sharp sign (#) are ignored.
- A single dash may be used to indicate the standard
- input, if it hasn't already been read.
-
- iinnffoo Information describing the authorization file,
- whether or not any changes have been made, and
- from where _x_a_u_t_h commands are being read is
- printed on the standard output.
-
- eexxiitt If any modifications have been made, the authority
- file is written out (if allowed), and the program
- exits. An end of file is treated as an implicit
- _e_x_i_t command.
-
- qquuiitt The program exits, ignoring any modifications.
- This may also be accomplished by pressing the
- interrupt character.
-
- hheellpp [[_s_t_r_i_n_g]]
- A description of all commands that begin with the
- given string (or all commands if no string is
- given) is printed on the standard output.
-
- ?? A short list of the valid commands is printed on
- the standard output.
-
- DDIISSPPLLAAYY NNAAMMEESS
- Display names for the _a_d_d, _[_n_]_e_x_t_r_a_c_t, _[_n_]_l_i_s_t, _[_n_]_m_e_r_g_e,
- and _r_e_m_o_v_e commands use the same format as the DISPLAY
- environment variable and the common _-_d_i_s_p_l_a_y command line
- argument. Display-specific information (such as the
- screen number) is unnecessary and will be ignored. Same-
- machine connections (such as local-host sockets, shared
- memory, and the Internet Protocol hostname _l_o_c_a_l_h_o_s_t) are
- referred to as _h_o_s_t_n_a_m_e/unix:_d_i_s_p_l_a_y_n_u_m_b_e_r so that local
- entries for different machines may be stored in one
- authority file.
-
- EEXXAAMMPPLLEE
- The most common use for _x_a_u_t_h is to extract the entry for
- the current display, copy it to another machine, and merge
- it into the user's authority file on the remote machine:
-
- % xauth extract - $DISPLAY | rsh otherhost xauth merge -
-
- EENNVVIIRROONNMMEENNTT
- This _x_a_u_t_h program uses the following environment vari-
- ables:
-
- XXAAUUTTHHOORRIITTYY
- to get the name of the authority file to use if
-
-
-
- X Version 11 Release 6.1 3
-
-
-
-
-
- XAUTH(1) XAUTH(1)
-
-
- the _-_f option isn't used.
-
- HHOOMMEE to get the user's home directory if XAUTHORITY
- isn't defined.
-
- FFIILLEESS
- _$_H_O_M_E_/_._X_a_u_t_h_o_r_i_t_y
- default authority file if XAUTHORITY isn't
- defined.
-
- BBUUGGSS
- Users that have unsecure networks should take care to use
- encrypted file transfer mechanisms to copy authorization
- entries between machines. Similarly, the _M_I_T_-_M_A_G_I_C_-
- _C_O_O_K_I_E_-_1 protocol is not very useful in unsecure environ-
- ments. Sites that are interested in additional security
- may need to use encrypted authorization mechanisms such as
- Kerberos.
-
- Spaces are currently not allowed in the protocol name.
- Quoting could be added for the truly perverse.
-
- AAUUTTHHOORR
- Jim Fulton, MIT X Consortium
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- X Version 11 Release 6.1 4
-
-
-