running Xvnc without xauth

Charles Hines chuck_hines "at" VNET.IBM.COM
Fri, 03 Apr 1998 15:38:01 +0000 

>>>>> "Karl" == Karl Hakimian <hakimian "at" aha.com> writes:

Karl> On Thu, Apr 02, 1998 at 05:12:22PM -0500, Charles Hines wrote:
>> Does anyone know if it's possible to run the Xvnc server without using
>> xauth?  Sometimes I'd like to use simple xhost style access (actually,
>> I'd rather just disable it entirely sometimes).

Karl> Put
Karl> xhost +
Karl> in your ~/.vnc/xstartup file.

Karl> Or if you want to be a bit safer

Karl> xhost +localhost

Perhaps I should have mentioned that I tried doing several variations
of this before I sent that question, but it seemed to have no effect.
Specifically, I get:

  access control disabled, clients can connect from any host
  1346-217 xhost:  must be on local machine to enable or disable access control

and another call to xhost to check the status reveals no effect:

  access control enabled, only authorized clients can connect

So, I tried another tactic:

Removing all of the xauth related items in the vncserver script (the
call to xauth and the -auth parameter to Xvnc) produces this in my
X.log:

  Xlib:  connection to "sstpok-11:1.0" refused by server
  Xlib:  Invalid MIT-MAGIC-COOKIE-1 key
  1356-200 xhost: unable to open display "sstpok-11:1"

so, I'm getting nothing displaying to Xvnc at all since every other
program trying to display to sstpok-11:1 bombs out that way too.

Try #3:

Removing just the system call to the xauth program but leaving in the
-auth paramter allows me to run xhost, but still gets:

  1346-217 xhost:  must be on local machine to enable or disable access control
  access control disabled, clients can connect from any host

which is again a lie.  Programs can display there, but it's from the
leftover entries in my .Xauthority file.  Trying to display things
there from other hosts doesn't work.

Try #4:

Pointing the Xvnc -auth parameter to, say, /dev/null produces the same
results as not having the parameter at all (i.e. nothing can connect).

So, is there some extra paramter I need to pass it, or leave off, or
what?  Any other ideas?  Mine are just about exhuasted.

Thanks,
Chuck

--
*******************************************************************************
Charles K. Hines <chuck_hines "at" vnet.ibm.com>
IBM Logic Synthesis Developer [BooleDozer (TM)]
Martial Arts Instructor [Modern Arnis, Presas Style Filipino Martial Arts]

         "Go back to sleep, Chuck.  You're just havin' a nightmare
             -- of course, we ARE still in Hell." (Gary Larson)
*******************************************************************************