X forwarding on SSH after `sudo -u -i` or `sudo su`

Posted: May 24th, 2010 | Author: | Filed under: Uncategorized | No Comments »

X authentication over SSH is based on magic cookies! The problem though is that when you change users via sudo the new user is not aware of these magic cookies.

Before you issue the su (but after having ssh’ed into the remote
system), request the cookie for the current DISPLAY that’s connecting
to your X server:


bart:~ jordan$ xauth list $DISPLAY

hostname.hq.calltitan.com:10 MIT-MAGIC-COOKIE-1
4d22408a71a55b41ccd1657d377923ae

Then, after having done su, tell the new user what the cookie is:

bart:~ root# xauth add hostname.hq.calltitan.com:10 MIT-MAGIC-COOKIE-1
4d22408a71a55b41ccd1657d377923ae

Just cut’n-paste the output of the above ‘xauth list’ onto ‘xauth add’
That’s it.



Leave a Reply