simple is better thanks does ssh destinguish between "ssh host1" and "ssh localhost"
On Sat, 27 Jul 2024, Greg Wooledge wrote: > On Sat, Jul 27, 2024 at 15:44:51 +0000, fxkl4...@protonmail.com wrote: >> i log in to x session as user1 on host1 >> from within a xterm i want to change to user2 on host1 and run x programs >> the current way i do this is ssh user2@host1 > > I'm assuming you mean "ssh -X", or that you've configured the ssh command > to use this option automatically. This is a perfectly good way to do it. > >> does using ssh on the same host use encryption > > Yes. > >> is there another way to do this > > Yes, but the other ways are *far* more complicated, especially when > neither user1 nor user2 is root. The issue is that in order to > authenticate yourself to the X server, you present a token, known as > a "magic cookie". Your magic cookie is stored in a file in your home > directory, which by default only you can read. All of the programs > that you run as yourself can read this file and therefore present > the magic cookie on demand. > > If user2 is root, you can set an environment variable so that root reads > your magic cookie file, because root can (typically) read every file on > the system. > > However, when user2 is *not* root, it has no way to read your magic > cookie. So you need to arrange for some means of conveying this token > to the second user account. None of them are simple. > > You're really better off just continuing to use ssh -X user2@localhost. > It does exactly what you want. >
