# Untrusted, 60 second timeout.
$ xauth generate blue:2 . trusted timeout 300 # Trusted, 5 minute timeout
$ xauth generate blue:2 . timeout 0 # Untrusted, no timeout
The simplest way to use SECURITY is to leave the original, trusted magic cookie in
place for local connections, and to generate a nonexpiring, untrusted key for remote
TCP/IP connections. Running this command on the local display will set up the
token for remote clients:
$ xauth generate "$(hostname -f):$DISPLAY" . untrusted timeout 0
13.11
13.11 Low-Bandwidth X (LBX) 187
Some versions of hostname don??™t accept the -f (fully qualified domain
name) option.
Xauth will place the new magic cookie into the ~/.Xauthority file, leaving the local
token unchanged.
One problem with the generate command is that it replaces any existing token (for
the given display) with the newly generated value; therefore, the xauth list command
will show only the most recently generated token for each displayspec.
To get around this problem, you can use the -f option to xauth, which enables you
to specify an alternate authority file. To generate two untrusted keys and place them
in separate files, you could use:
$ xauth -f ~/.Xauthority1 generate blue:2 .
Pages:
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290