'''Purpose:''' Help with the error message:

    X server insecure (must use xauth-style authorization)

for those users who are launching X themselves and need either a display manager or some good means of generating session keys.

----

'''Does anyone who uses the console use non-X11 graphic applications?''' (Using the console as a dumb terminal doesn't count.)

Yes.

   * You have to arrange for multiple window systems on the console. It's difficult to get this to interoperate with a display manager. If you're not braver than I am, go to [X server insecure: can't manage the local console] to see how to get authorization enabled.

No.

   * You have an unmanaged local console, but you could get it managed. Go to [X server insecure: setting up xdm].


----

'''You use ''startx'', ''x11start'' or ''xinit'' and don't want to use ''xdm''

to secure your X server you need to do two things. First you need a pair of  unique and reasonably unguessable ''cookies'' in your Xauthorisation file. The cookies themselves are just 32 hex digit numbers. You can generate a reasonable one using 'date +%s%s%s%s | cut -c-32' or you can get the mitcookie program from http://www.zsplat.freeserve.co.uk/progs/mitcookie.c

You need to issue
  cookie=`mitcookie` or cookie=`date +%s%s%s%s|cut -c-32` 
  xauth add unix:0.0          MIT-MAGIC-COOKIE-1 $cookie
  xauth add `hostname -f`:0.0 MIT-MAGIC-COOKIE-1 $cookie

assuming hostname -f gives you your fully wualified domain name.
These commands set up your X authorisation file. Now you need to start your X server and have it use these values. This is done by causing X to be run with -auth ${HOME}/.Xauthority.

There are a number of ways to do this depending on how you begin your X session. One would be
  xinit /usr/X11R6/bin/twm -- /usr/X11R6/bin/X :0.0 -auth ~/.Xauthority
but a more normal method is to execute the ''startx'' script. You should add the -auth parameters to the $serverargs variable and place the xauth commands just before the invocation of xinit to get everything working.

Once the above has been done then xhost should tell you that no-one is permitted to connect and that X authorisation is in use. Of course you now have to pass this cookie to your X client's machine. One way is to use ssh as it'll handle this transparently. So 
  ssh -f unixbox 'xterm -dispay workstation:0.0'
should run xterm for you.

Another way using rsh would be:
  xauth extract - $HOSTNAME:0.0 | rsh unixbox '/usr/X11R6/bin/xauth merge -'
although this is pretty insecure.

Another way would be to use a terminal session and paste the cookie value obtained by the xauth list command into the remote session.

----