mkxauth(1x) Linux User’s Manual mkxauth(1x)
mkxauth - create and merge .Xauthority files
(1) mkxauth [ -q ] [ -u login ] -c [ host [ host ... ] ]
(2) mkxauth [ -q ] [ -u login ] -m login
(3) mkxauth [ -q ] [ -u login ] -f host
(4) mkxauth [ -q ] [ -u login ] -r host [ -l login ]
(5) mkxauth [ -q ] [ -u login ] -z host [ -l login ]
mkxauth aids in the creation and maintenance of X authentication
databases (.Xauthority files). Use it to create a ~/.Xauthority file
or merge keys from another local or remote .Xauthority file. Remote
.Xauthority files can be retrieved via FTP (using ncftp(1)) or via
rsh(1). For a slight measure of security, mkxauth does not create any
temporary files containing authentication keys (although anyone spying
on network packets can see the authentication key data as they pass
through the network; for secure network communications, use ssh(1)).
Creating and Adding to a .Xauthority File
To create a .Xauthority file, use mkxauth -c (see (1) above). mkxauth
creates a .Xauthority file in the user’s home directory (~/), contain-
ing a ‘key’ or ‘magic cookie’ for the host it was run on (the one
returned by hostname(1)). If a .Xauthority file already exists, the
keys are added to it. If keys for that host already exist, they are
To create or add to a .Xauthority file for another user, use mkxauth -u
login -c. mkxauth adds keys to ~login/.Xauthority (only the root user
is allowed to do this).
To add a key for more than one host, specify all hosts on the command
line: mkxauth -c daffy porky bugs. All hosts specified on the same
command line receive the same key. To create different keys for multi-
ple hosts, run mkxauth for each host in succession:
mkxauth -c daffy
mkxauth -c porky
mkxauth -c bugs
Merging Keys from Local .Xauthority Files
To merge keys from another local user’s .Xauthority file, use mkxauth
-m login (see (2) above). mkxauth adds the keys in ~login/.Xauthority
to ~/.Xauthority, replacing any keys which already exist. ~login/.Xau-
thority must be readable by the user running mkxauth (normally only the
root user can read other people’s .Xauthority files).
Merging Keys via FTP
To merge keys from a remote .Xauthority file via FTP, use mkxauth -f
host (see (3) above). mkxauth retrieves the remote .Xauthority from
host using ncftp(1) and adds those keys to ~/.Xauthority, replacing any
keys which already exist. [NOTE: you must have a ~/.netrc file set up
to automatically log you into host, otherwise the FTP login attempt
Merging Keys via rsh(1)
To merge keys from remote .Xauthority file via rsh(1), use mkxauth -r
host (see (4) above). mkxauth retrieves the remote .Xauthority from
host using rsh(1) and adds those keys to ~/.Xauthority, replacing any
keys which already exist. To login as a different user, use -l login.
[NOTE: you must have a .rhosts file set up properly for this to work,
otherwise the remote login attempt will fail].
Merging Keys via rsh(1) and gzip(1)
If your remote .Xauthority file is large, or to make it slightly less
obvious that you’re transferring authentication keys over the network,
mkxauth can gzip(1) your .Xauthority file before retrieving it via
rsh(1). To do this, use mkxauth -z host (see (5) above). mkxauth
retrieves the remote .Xauthority from host using rsh(1) and adds those
keys to ~/.Xauthority, replacing any keys which already exist. To
login as a different user, use -l login. [NOTE: you must have a
.rhosts file set up properly for this to work, otherwise the remote
login attempt will fail].
To make mkxauth operate quietly, use the -q option.
To add to ~login/.Xauthority, use the -u login option.
To use login for the remote login in mkxauth -f, mkxauth -r, and mkx-
auth -z, use the -l login option.
To get quick help about mkxauth, use mkxauth --help.
mkxauth is mostly useful for maintaining .Xauthority files in an envi-
ronment which uses startx(1x). xdm(1x) uses its own method of generat-
ing .Xauthority files. However, mkxauth is still useful for transfer-
ring .Xauthority information to remote login sessions so that the user
can display remote X clients on the local host without too much trou-
Note, however, that using rsh(1) is inherently insecure, and sites con-
cerned about security should use ssh(1) instead (see
http://www.cs.hut.fi/ssh/ for more information).
X(1x), Xsecurity(1x), gzip(1), mcookie(1), md5sum(1), ncftp(1), rsh(1),
startx(1x), xauth(1x), xdm(1x)
Does not respect the XAUTHORITY environment variable.
Conceived and written by Jim Knoble <email@example.com>. Copyright
1996 by Jim Knoble and Red Hat Software. Distributed under the GNU GPL
(General Public License); see ftp://prep.ai.mit.edu/pub/gnu/COPYING for
Red Hat Software 12-Dec-1996 mkxauth(1x)
Man(1) output converted with