mcookie

Generate a random number

$ mcookie

$ mcookie [[-f|--file]] [path/to/file]

$ mcookie [[-f|--file]] [path/to/file] [[-m|--max-size]] [number_of_bytes]

$ mcookie [[-v|--verbose]]

mcookie

The mcookie command generates a random 128-bit hexadecimal value, which is then used as an authentication cookie for the X Window System. This cookie is essential for securely connecting to an X server. It is typically used in conjunction with xauth to manage authorization entries, allowing specific clients to connect. The generated cookie is designed to be difficult to guess, thus mitigating unauthorized access to the X server. The command creates a string of 32 hexadecimal characters. When an X server starts it has no connections allowed. Using xauth a connection can be created using the magic cookie which is then added to a users .Xauthority file.

The utility is commonly used in scripts and by system administrators to automate the setup of X authentication, particularly in scenarios where secure remote access to graphical applications is required. The command itself is very simple and it just creates a randomized Hexadecimal key used to authenticate an X-server connection for a client.

The output of mcookie must be securely transmitted and stored, as anyone with access to the cookie can connect to the X server with the same privileges. If the cookie is compromised, new ones should be generated immediately.

To generate a cookie and add it to .Xauthority file, use the following sequence of commands:

COOKIE=$(mcookie)
xauth add $(hostname)/unix:0 . $COOKIE

mcookie has been part of the X Window System from early versions. It provides a simple and straightforward mechanism for generating secure authentication cookies. Its core functionality has remained largely unchanged over time, indicating its effectiveness for the intended purpose. It's development was intertwined with the development of the X Window System.

xauth(1), X(7), startx(1)