I need to run an X server for use by my entire group. I trust the network so dont need to encrypt the traffic. I don't however want to use xhost and either disable acls or add every IP that would need to connect.
xauth meets my requirements in that it allows me to set things up such that only clients that present a valid MIT magic cookie can connect.
However, I am running into the problem where everytime X(using Xvnc here) is started it seems to generate a new magic cookie which I then have to distribute to all clients again. This presents some automation challenges.
I'd much rather generate a cookie once and distribute it to all legit clients and be done with that. Is this doable?
I tried to accomplish this by placing a pre-cooked Xauthority (not modifyable by user running server or client) file on an nfs share and setting XAUTHORITY var but this has the annoying side affect that every time i launch an xclient it logs "xauth: not writable. changes will be ignored". How can I shut up the client about this? Note that I am not explicitly calling xauth when i see this. Something is calling xauth behind the scene when I launch xterm, for example.
Hope I explained the issue well enough to get some help. I can provide any additional info if needed.
The 'xauth: not writable' error is pretty harmless but to try and shut it up, for the accounts that will be using the shared Xauthority I would try creating an alias: