Name: ~parafin/linux/copy_xauth
Summary: copies X authority information using ssh
Author: parafin
Created: Tue, 18 Aug 2009 17:37:25 GMT
Last update: Wed, 19 Aug 2009 17:59:31 GMT by parafin
Atom feed
Modify access level: moderator


Purpose of this script is to make use of network nature of X Window System. While you can use x11-apps/xhost to grant full access from remote host to your screen, it's not really a good idea because of security implications. Also there is X forwarding feature in ssh (ssh -X), but due to encryption it's slower than bare X over network. So this variant is compromise between security and speed. Usage of this script is simple - if you ssh into remote host like this: ssh username@remotehost, then run ./copy_xauth username@remotehost. Then you can simply run any X program on remote host and window will appear on your local screen (of course if firewall doesn't intervene).


  • x11-apps/xauth

You have to add these lines to ~/.bashrc on remote host:

[[ -z $XAUTHORITY ]] && export XAUTHORITY=~/.Xauthority
#change local to the hostname of system with X server running
[[ -z $DISPLAY ]] && export DISPLAY=local:0

Also check if X server is running with -nolisten option (ps ax|grep X|grep nolisten). If it is, you'll have to remove it, how to do it depends on how do you start your X server. If you use login manager like x11-apps/xdm, kde-base/kdm, gnome-base/gdm or x11-misc/slim, then there should be parameter with options for X server in it's config. For example in case of x11-misc/slim it's xserver_arguments parameter in /etc/slim.conf. Otherwise, if you use startx or xinit, you should create file /etc/X11/xinit/xserverrc or ~/.xserverrc with following content:

exec X -br "$@"

And finally this script assumes, that DNS configuration on local host is correct. Meaning that hostname --fqdn returns resolvable on remote host name.

Code listing


ssh $1 xauth add $(xauth list|sed 's|/unix|.$(dnsdomainname)|')