xauth issues

Erik Steffl steffl "at" bigfoot.com
Wed, 02 Jan 2002 15:54:01 +0000


Steve Blinkhorn wrote:
> 
> I'm having some difficulties accessing vnc servers running in my
> office from viewers on dialup machines elsewhere.   When the remote
> machine is running RedHat Linux 7.1, I frequently get an error message
> to the effect that the client is not permitted  thus:
> 
> Xlib: connection to ":0.0" refused by server
> Xlib: Client is not authorized to connect to Server
> Error: Can't open display: :0.0
> 
> I think this is mostly because my ISP assigns the remote machine an
> identity that is not represented in the .Xauthority file that was in
> place when the VNC server was started.   Is there a simple and
> dependable way around this (it doesn't help that what counts as a
> server and what counts as a client in the X and VNC worlds can
> occasionally leave one chasing one's tail).

  copy the authority file (~/.Xauthority) from the home directory of
user that started vnc server to some place where it's accessible to the
user that is trying to start a client (that tries to connect to vnc
server). then use xauth merge to merge this authority file...

  not sure if it's extirely clear so here's an example:

user vnc runs vncserver :1 on machine vnc-host

user joe on other-host wants to start client -display vnc-host:1

  there are two ways to do it, the insecure one and secure one

  insecure:

user vnc runs xhost -display vnc-host:1 +other-host

  that means that anybody from other-host can run programs that connect
to vnc-host:1 vncserver.

  secure:

user joe on other-host runs:

scp vnc "at" vnc-host:.Xauthority ~/vncXauthority
xauth merge ~/vncXauthority

  you can use any other command to copy the .Xauthority file...

  if this doesn't help try to explain your problem in terms of X server
and X clients, when you say 'remote machine' it doesn't mean anything
(all of those machines can be remote, it's irrelevant).

> On a separate matter, I use exmh as my mail viewer in the office, and
> would like to use it over a vnc link.    But when it tries to start,
> it looks for X resources (BACKGROUND_TEXT, or is it TEXT_BACKGROUND -
> not running at present because of the first problem) that are present
> on my office machine, but not on the Linux box.   Has anyone tackled
> this and fixed it?

  what x resources exactly are you talking about? the ones that you
normally set in ~/.Xdefaults or ~/.Xresources?

  you have to keep clear distinction between server side and client
side. The X server is the vnc server and that's where all X related
stuff needs to be (everything X server needs) - generally fonts (unless
you run font server), rgb.txt file so that you can use names of colors
(e.g. red instead of #ff0000) etc.

  the client related stuff needs to be wherever client is. If you have X
resource file (the one that's usually called .Xresources or .Xdefaults,
or file in same format) you can load the resources contained within
using xrdb command. If the exmh uses the resources that are in some file
on the same computer you would run xrdb on that same computer (with
display set to vnc server).

	erik

	erik
---------------------------------------------------------------------
To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------