openssh & XEmacs gnuclient issue

Dug Song dugsong at
Sat Nov 27 12:43:22 EST 1999

On 26 Nov 1999, Chris Green wrote:

> The trouble is when the command is to make a new frame ( window ) on a
> different X display, it fails because the Xauth cookie is not in
> .Xauthority and the user's process on the remote machine is not.

it doesn't honor the XAUTHORITY environment variable? hrm. :-/

> What advantage is it to separate the ssh cookie into a separate file
> aside from making it easier to nuke cookies when closing a connection?

specifically, it protects the file's contents when the user's home
directory is in NFS, or AFS. by using a local file, it prevents passive
network sniffing of the Xauth credentials - see Ulrich Flegel's paper on
SSH X11 vulnerabilities for details:



More information about the openssh-unix-dev mailing list