Re: [OpenAFS] significant delay for afs user to login as root via su

[ematlis]

I created a file ~/.ssh/rc as per your suggestion in the machine that I am 
logging into ("aerogold" in this case).  Logging in gives me this:

[mat...@quadzilla ~]$ ssh -Y emat...@aerogold
emat...@aerogold's password: 
Last login: Thu Mar 18 14:24:37 2010 from quadzilla.aero.nd.edu
X11 connection rejected because of wrong authentication.
xauth:  creating new authority file /tmp/.ematlis/.Xauthority
xauth:  creating new authority file /tmp/.ematlis/.Xauthority
X11 connection rejected because of wrong authentication.
xhost:  unable to open display "localhost:10.0"
[emat...@aerogold ~]$ echo $XAUTHORITY
XAUTHORITY: Undefined variable.

Doesn't seemed like it worked...

thanks,
eric


--- On Thu, 3/18/10, David S. Goldberg <d...@mitre.org> wrote:

> From: David S. Goldberg <d...@mitre.org>
> Subject: Re: [OpenAFS] significant delay for afs user to login as root via su
> To: "Ken Hornstein" <k...@cmf.nrl.navy.mil>
> Cc: emat...@yahoo.com, openafs-info@openafs.org
> Date: Thursday, March 18, 2010, 12:01 PM
> > - Assuming you're using ssh (I
> am guessing that you are), convince sshd
> >   to write your Xauthority information
> somewhere else, like a file
> >   in /tmp (and make sure your
> XAUTHORITY environment variable is correct).
> >   I would guess this is possible, but I
> don't know if there's an easy
> >   way to do it.
> 
> I do this with the following code in ~/.ssh/rc:
> 
> if [ "$DISPLAY" = "" ]; then exit 0 ; fi
> if [ ! -d /tmp/.${USER} ]; then # I actually don't
> reference $USER -
>                
>               # just put
> your own ID there.
>     /bin/sh -c "umask 77 ; mkdir /tmp/.${USER}" ;
> 
>     XAUTHORITY=/tmp/.${USER}/.Xauthority;
>     export XAUTHORITY;
> fi;
> xauth remove $DISPLAY
> read xauthstuff
> xauth add $DISPLAY $xauthstuff
> 
> The second if statement is also in my shell profile to
> ensure
> XAUTHORITY is properly set on subsequent shells, but with
> some
> additional checks to ensure I don't interfere with any
> XAUTHORITY
> setting generated when doing a console login.
> 
> -- 
> Dave Goldberg
> Associate Department Head, G06A: Advanced Technical
> Computing Center
> The MITRE Corporation \ MS K331 \ 202 Burlington Rd. \
> Bedford, MA 01730
> d...@mitre.org \
> 781-271-3887 (W) \ 781-439-7875 (M)
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
> 



_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info