Date: 2004-06-24

Description: ssh uses fake authentication data for X11 forwarding.

Affects: OpenSSH

Summary: When ssh is unable to get Xauthority information for the
display, it makes up some fake authentication data and prints a
warning.

Symptoms: ssh prints "Warning: No xauth data; using fake
authentication data for X11 forwarding."

When ssh is unable to get Xauthority information for the display, it
makes up some fake authentication data and prints:

Warning: No xauth data; using fake authentication data for X11
forwarding.

This happens in particular if there is no entry for the local display
(of the form :D.S or of the form $HOTSNAME/unix:D.S) in ~/.Xauthority on
local host (the host where you issued ssh).  To see the list of display
names, run:

$ xauth list

To fix this problem, run the following command on the local host:

$ xauth add `echo "${DISPLAY}" | sed 's/.*\(:.*\)/\1/'` . `mcookie`

Make sure that the command xauth and mcookie on your PATH, otherwise
use the absolute pathname for these commands.

xauth is the program to manage the authorization information used in
connecting to the X server.

echo "${DISPLAY}" | sed 's/.*\(:.*\)/\1/' extracts the display and
screen numbers in the form :D.S (e.g., :10) from DISPLAY environment
variable of the form HOSTNAME:D.S (e.g., localhost:10).

. is an abbreviation for MIT-MAGIC-COOKIE-1 protocol name.

mcookie generates magic cookies for xauth.