This is the mail archive of the cygwin-xfree@cygwin.com mailing list for the Cygwin XFree86 project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Kind regards, Alder
man Xsecurity
The following is theoretical since I have never used it but may serve you as a startig point.
the program xauth can be used to generate the authentication data
$ xauth add displayname:0.0 XDM-AUTHORIZATION-1 [key]
the 56bit random key can be generated this way:
$ dd if=/dev/random count=1 | md5sum | cut -b1-14
You must tell the xserver to use the authentication data
$ xauth -f /tmp/xauth.data add displayname:0.0 XDM-AUTHORIZATION-1 [key] $ XWin -auth /tmp/xauth.data [more options]
First of all, does Cygwin support this method?
strings XWin.exe revealed no string "XDM-AUTHORIZATION-1" but "MIT-MAGIC-COOKIE" so I guess the XDM-AUTHORIZATION is not compiled in-
If so, I guess the next thing I need to know is how and where the key is supposed to be stored on the system running Cygwin/XFree. FInally, what command-line parameters are available to pass the key value to the XDM?
man xdm
DisplayManager.keyFile XDM-AUTHENTICATION-1 style XDMCP authentication requires that a private key be shared between xdm and the terminal. This resource specifies the file containing those values. Each entry in the file consists of a display name and the shared key. By default, xdm does not include support for XDM- AUTHENTICATION-1, as it requires DES which is not generally distributable because of United States export restrictions.
DisplayManager.DISPLAY.authName authorize is a boolean resource which controls whether xdm generates and uses authorization for the local server connections. If authorization is used, authName is a list of authorization mecha nisms to use, separated by white space. XDMCP con nections dynamically specify which authorization mechanisms are supported, so authName is ignored in this case. When authorize is set for a display and authorization is not available, the user is informed by having a different message displayed in the login widget. By default, authorize is ``true.'' authName is ``MIT-MAGIC-COOKIE-1,'' or, if XDM-AUTHORIZATION-1 is available, ``XDM-AUTHORIZATION-1 MIT-MAGIC-COOKIE-1.''
HTH
ago
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |