LinuxCommandLibrary

mcookie

Create magic cookies for X authentication

TLDR

Generate a random number

$ mcookie
copy

Generate a random number, using the contents of a file as a seed for the randomness
$ mcookie [[-f|--file]] [path/to/file]
copy

Generate a random number, using a specific number of bytes from a file as a seed for the randomness
$ mcookie [[-f|--file]] [path/to/file] [[-m|--max-size]] [number_of_bytes]
copy

Print the details of the randomness used, such as the origin and seed for each source
$ mcookie [[-v|--verbose]]
copy

SYNOPSIS

mcookie

DESCRIPTION

The mcookie command generates a random 128-bit hexadecimal value, which is then used as an authentication cookie for the X Window System. This cookie is essential for securely connecting to an X server. It is typically used in conjunction with xauth to manage authorization entries, allowing specific clients to connect. The generated cookie is designed to be difficult to guess, thus mitigating unauthorized access to the X server. The command creates a string of 32 hexadecimal characters. When an X server starts it has no connections allowed. Using xauth a connection can be created using the magic cookie which is then added to a users .Xauthority file.

The utility is commonly used in scripts and by system administrators to automate the setup of X authentication, particularly in scenarios where secure remote access to graphical applications is required. The command itself is very simple and it just creates a randomized Hexadecimal key used to authenticate an X-server connection for a client.

CAVEATS

The output of mcookie must be securely transmitted and stored, as anyone with access to the cookie can connect to the X server with the same privileges. If the cookie is compromised, new ones should be generated immediately.

USAGE EXAMPLE

To generate a cookie and add it to .Xauthority file, use the following sequence of commands:

COOKIE=$(mcookie)
xauth add $(hostname)/unix:0 . $COOKIE

HISTORY

mcookie has been part of the X Window System from early versions. It provides a simple and straightforward mechanism for generating secure authentication cookies. Its core functionality has remained largely unchanged over time, indicating its effectiveness for the intended purpose. It's development was intertwined with the development of the X Window System.

SEE ALSO

xauth(1), X(7), startx(1)

Copied to clipboard