mcookie

Generate a random number

$ mcookie

$ mcookie [[-f|--file]] [path/to/file]

$ mcookie [[-f|--file]] [path/to/file] [[-m|--max-size]] [number_of_bytes]

$ mcookie [[-v|--verbose]]

mcookie

mcookie is a utility program designed to generate a 128-bit (16-byte) random hexadecimal string. This string is commonly referred to as an "Xauthority magic cookie."

The primary purpose of mcookie is to provide a simple and secure way to create unique identification tokens used by the X Window System's authorization mechanisms, specifically for xauth. By generating a random cookie, mcookie helps ensure that only authorized clients can connect to a specific X server. It reads random data from /dev/urandom (or /dev/random if /dev/urandom is not available) and prints the 32-character hexadecimal representation to standard output. It is typically used in shell scripts to set up X session security, often piped directly into the xauth command to add a new authorization entry. The command itself takes no arguments or options, making its usage straightforward and focused solely on random cookie generation.

• Randomness Source: The security of the generated cookie heavily relies on the quality of the random data provided by /dev/urandom or /dev/random. If the system's entropy source is compromised or insufficient, the "randomness" of the cookie may be weakened, potentially affecting X session security.
• Output Handling: mcookie prints the cookie directly to standard output. Care must be taken to pipe or redirect this output securely, especially when dealing with sensitive X authority files.
• Single Purpose: mcookie is solely for generating this specific type of cookie and offers no other functionality or customization regarding the output format or length.

mcookie is almost always used in conjunction with the xauth command to add a new authorization entry for the current display. For example, to add a cookie for display :0:

mcookie | xauth add :0 . $(hostname)/unix:0

This command generates a new 128-bit cookie and immediately adds it to the user's .Xauthority file for the specified display, using the current hostname/display number and the generated cookie. Note that $(hostname)/unix:0 might be replaced by just :0 or other display specifications depending on the setup.

The command always outputs a 32-character hexadecimal string, representing a 128-bit random value, followed by a newline character.
For example: abcdef1234567890abcdef1234567890

mcookie has been a long-standing component of the util-linux project, a collection of essential Linux utilities. Its purpose, providing a simple and secure way to generate X authority cookies, has remained consistent throughout its development. It emerged as a reliable method to create Xauthority magic cookies, integral to securing X sessions in a straightforward manner, especially in environments where automated setup of X clients or servers is required.

xauth(1), xdm(1), gdm(1), startx(1)