Aligning .Xauthority between GDM and SSH

Multi tool use
Multi tool use












0














I've run into a problem in that if I start Emacs in daemon mode on my remote system, then in my local system I run ssh remotehost emacsclient -c, it fails with X11 connection rejected because of wrong authentication. However, things like ssh remotehost xterm work fine, so it's nothing to do with ssh connections, X forwarding, etc.



Both systems in question are running Ubuntu 18.04 LTS.



The problem, as could be guessed, is xauth and in particular after much reading of issues filed back in 2010/2011, it seems to be due to the way GDM sets the XAUTHORITY environment variable to $XDG_RUNTIME_DIR/gdm/Xauthority (something like /run/user/1000/gdm/Xauthority), while incoming SSH connections do not set XAUTHORITY before the set up xauth cookies for the SSH session.



This means that ssh xauth cookies are added in the default $HOME/.Xauthority file. My Emacs daemon cannot see these cookies because it's using the GDM $XDG_RUNTIME_DIR/gdm/Xauthority file.



As I've said it seems like this disparity has been a known issue for 8+ years... has no one resolved it? Crazy. I have written a script that installs the cookie but having to do so is pretty gross.



Is there a way to get my ssh session to use the GDM Xauthority file? I've tried setting XAUTHORITY in my shell setup but apparently that is set too late, after the SSH daemon configures the new Xauth cookie, because it's still put into $HOME/.Xauthority.










share|improve this question



























    0














    I've run into a problem in that if I start Emacs in daemon mode on my remote system, then in my local system I run ssh remotehost emacsclient -c, it fails with X11 connection rejected because of wrong authentication. However, things like ssh remotehost xterm work fine, so it's nothing to do with ssh connections, X forwarding, etc.



    Both systems in question are running Ubuntu 18.04 LTS.



    The problem, as could be guessed, is xauth and in particular after much reading of issues filed back in 2010/2011, it seems to be due to the way GDM sets the XAUTHORITY environment variable to $XDG_RUNTIME_DIR/gdm/Xauthority (something like /run/user/1000/gdm/Xauthority), while incoming SSH connections do not set XAUTHORITY before the set up xauth cookies for the SSH session.



    This means that ssh xauth cookies are added in the default $HOME/.Xauthority file. My Emacs daemon cannot see these cookies because it's using the GDM $XDG_RUNTIME_DIR/gdm/Xauthority file.



    As I've said it seems like this disparity has been a known issue for 8+ years... has no one resolved it? Crazy. I have written a script that installs the cookie but having to do so is pretty gross.



    Is there a way to get my ssh session to use the GDM Xauthority file? I've tried setting XAUTHORITY in my shell setup but apparently that is set too late, after the SSH daemon configures the new Xauth cookie, because it's still put into $HOME/.Xauthority.










    share|improve this question

























      0












      0








      0







      I've run into a problem in that if I start Emacs in daemon mode on my remote system, then in my local system I run ssh remotehost emacsclient -c, it fails with X11 connection rejected because of wrong authentication. However, things like ssh remotehost xterm work fine, so it's nothing to do with ssh connections, X forwarding, etc.



      Both systems in question are running Ubuntu 18.04 LTS.



      The problem, as could be guessed, is xauth and in particular after much reading of issues filed back in 2010/2011, it seems to be due to the way GDM sets the XAUTHORITY environment variable to $XDG_RUNTIME_DIR/gdm/Xauthority (something like /run/user/1000/gdm/Xauthority), while incoming SSH connections do not set XAUTHORITY before the set up xauth cookies for the SSH session.



      This means that ssh xauth cookies are added in the default $HOME/.Xauthority file. My Emacs daemon cannot see these cookies because it's using the GDM $XDG_RUNTIME_DIR/gdm/Xauthority file.



      As I've said it seems like this disparity has been a known issue for 8+ years... has no one resolved it? Crazy. I have written a script that installs the cookie but having to do so is pretty gross.



      Is there a way to get my ssh session to use the GDM Xauthority file? I've tried setting XAUTHORITY in my shell setup but apparently that is set too late, after the SSH daemon configures the new Xauth cookie, because it's still put into $HOME/.Xauthority.










      share|improve this question













      I've run into a problem in that if I start Emacs in daemon mode on my remote system, then in my local system I run ssh remotehost emacsclient -c, it fails with X11 connection rejected because of wrong authentication. However, things like ssh remotehost xterm work fine, so it's nothing to do with ssh connections, X forwarding, etc.



      Both systems in question are running Ubuntu 18.04 LTS.



      The problem, as could be guessed, is xauth and in particular after much reading of issues filed back in 2010/2011, it seems to be due to the way GDM sets the XAUTHORITY environment variable to $XDG_RUNTIME_DIR/gdm/Xauthority (something like /run/user/1000/gdm/Xauthority), while incoming SSH connections do not set XAUTHORITY before the set up xauth cookies for the SSH session.



      This means that ssh xauth cookies are added in the default $HOME/.Xauthority file. My Emacs daemon cannot see these cookies because it's using the GDM $XDG_RUNTIME_DIR/gdm/Xauthority file.



      As I've said it seems like this disparity has been a known issue for 8+ years... has no one resolved it? Crazy. I have written a script that installs the cookie but having to do so is pretty gross.



      Is there a way to get my ssh session to use the GDM Xauthority file? I've tried setting XAUTHORITY in my shell setup but apparently that is set too late, after the SSH daemon configures the new Xauth cookie, because it's still put into $HOME/.Xauthority.







      ssh x11-forwarding gdm






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Dec 27 at 13:33









      MadScientist

      45.7k44865




      45.7k44865





























          active

          oldest

          votes











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53945954%2faligning-xauthority-between-gdm-and-ssh%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown






























          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53945954%2faligning-xauthority-between-gdm-and-ssh%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          CDZXXpR1JsqORhlwHyNE69I,n9yxd9LrIUOOr aJ5TxQtF1,05jNGZqddGyzF2UK7,vfeQ vbfL6i ovuaM3ymYWRm87O 5u13
          IDe2s G L2YpDg NlX,BX0do

          Popular posts from this blog

          Monofisismo

          Angular Downloading a file using contenturl with Basic Authentication

          Olmecas