Remote X Apps mini-HOWTO Vincent Zweije (zweije@xs4all.nl) 11 July 2000 The Linux Japanese FAQ Project (JF@linux.or.jp) v0.6.3j1, 29 March 2001 ±Ì mini-HOWTO Í[g X AvP[VðÀs·éû@É¢Äà ¾µÜ·BÂÜèAX ÌvOðÀsµÄ¢éRs [^ÆÍÙÈéÆ ±ëÉ\¦ð³¹éû@Å·BtÉ¢¢Ü·ÆAX ÌvOð ȽªÎ ʵĢéRs [^ÅÍȢƱëÅÀs³¹éû@AÆÈèÜ·B±Ì mini-HOWTO ÌÅ_ÍZL eBÅ·B³çÉ X AvP[Vð[J ÅA½¾µÙÈÁ½[U ID ÅAÀs³¹éîñàÜñŢܷB ______________________________________________________________________ Ú 1. ͶßÉ 2. ÖAµ½Çݨ 3. zè·éóµ 4. ¿åÁƵ½_ 5. NCAgÉwè·é 6. T[oÉwè·é 6.1 xhost 6.2 xauth 6.2.1 NbL[ðìé 6.2.2 NbL[Ì] 6.2.2.1 z[fBNg̤L 6.2.2.2 [gVF rsh ðg¤ 6.2.2.3 Telnet ðg¢è®Ås¤ 6.2.2.4 Telnet Å©®És¤û@ 6.2.3 NbL[ðg¤ 6.3 SSH 7. ÊÌ[U ID ©çÌ X AvP[V 7.1 ¯êzXgãÌÙÈé[U 7.2 NCAg[Uª root 8. [gEBhE}l[WÌÀs 9. guV [eBO 10. ú{êóÉ墀 ______________________________________________________________________ 1. ͶßÉ ±Ì mini-HOWTO Í[g X AvP[V𵤽ßÌKChÅ·B ±êð¢½Rͽ³ñ èÜ·B 1. u[g X AvP[VðÀs·éÉÍHvÆ¢¤¿âª usenet Ž¢B 2. X Ú±ÌÂÉuxhost +hostname ðg¦vÆ©AÐÇ¢ÌÉÈéÆ uxhost + ðg¦vÆ¢¤æ¤ÈAhoCXð¤ñ´è·éÙÇÚÉ· éBxhost ÍrûàÈ¢ZL eBãÌâèª èAàÁÆæ¢û@ª éB 3. xhost ÈOÌàÁÆæ¢û@ðLqµ½ÈPȶðmçÈ¢BàµA¼ ÌÈPȶðmÁÄ¢éÈçÒ zweije@xs4all.nl ɳ¦Ä¾³ ¢B ±ÌhL gÍ UNIX CNÈVXeðÎÛÉ©êĢܷB[J ©[gÌÇ¿ç©ÌIy[eBOVXeª UNIX nÅÈÄàA ±Ì¶Å®ìÌdgÝð©Â¯çêé©àµêܹñBµ©µÈªçAáÆ µÄ¢½±ÆÍe©ÌVXeÉí¹ÄÏXµÈ¯êÎÈçÈ¢Åµå ¤B ±ÌhL gÌÅVÅÍ http://www.xs4all.nl/~zweije/xauth.html Å üèÅ«Ü·BܽuRemote X Apps mini-HOWTOvÆµÄ http://sunsite.unc.edu/LDP/HOWTO/mini/Remote-X-Apps ÅüèÅ«Ü ·BLinux (mini-)HOWTO Í sunsite.unc.edu ©ç http © ftp ÅüèÅ« Ü·B ±Ìo[WÍ 0.6.3 Å·BPÓÉæèöJ³êĨèA³ÛØÅ·Bñ ÄAACfBAAÇÁAð§Â|C^A(Å¿Ôá¢Ì)ù³ÈÇðåWµ ĢܷBÅàA±Ì¶ÍÈPÅÇÝÕ¢¶ÉÛÁĨ«½¢ÆvÁÄ¢ Ü·BÅàæ¢Ó¡ÅÌ HOWTO `®Å·ËB¢¿áàñÍ /dev/null ÖB àeÌÅIXVÍ 2000N0611ú É Vincent Zweije ªs¢Üµ½B 2. ÖAµ½Çݨ "What to do when Tk says that your display is insecure" Æ¢¤ÖAh L gª WWW ãÌ http://ce-toolkit.crd.ge.com/tkxauth/ (ú{êó) É èÜ·B Kevin Kenny ÉæÁÄ©ê½àÌÅ·B±ÌhL g (xauth) ÅÍ X FØÉ¢ı̶Ư¶æ¤Èðû@ðñÄµÄ¢Ü ·Bµ©µ Kevin Í xauth ̧äÉ xdm ðp¢é±ÆÌûðSɵĢ éæ¤Å·B O'Reilly and Associates Ì The X System Window System Vol. 8 X "Window System Administrator's Guide" àܽæ¢îñ¹ÈÌÅÓðä©êÜ·B ¢ÉÒÍ`FbNūĢܹñB ³çÉà¤êÂÌhL gÍ "Securing X Windows" Æ¢¤^CgÅ· ®ÉÅàÇßéàÌÅ·B http://ciac.llnl.gov/ciac/documents/ciac2316.html ©çüèÅ«Ü·B comp.windows.xAcomp.os.linux.x â comp.os.linux.networking Ì usenet j [XO[và`FbNµÄ¾³¢B 3. zè·éóµ QäÌRs [^ðgÁĢܷBPäÚÅAüÍÆ\¦Ì½ßÉ X EB hEVXeðgÁĢܷBQäÚð¢Â©ÌdvÈOtBbNÌd ÉgÁĢܷBPäÚÌfBXvCÉQäÚÌoÍð\¦³¹½¢B X EBhEVXeͱêªÅ«Ü·B à¿ëñlbg[NÚ±ªKvÅ·BX vgRÍlbg[NðåH¢ ·éÌÅAÈé׬¢à̪KvÅ·BÅ·ª¿åÁÆÌäÆKØÈv gR³kðg¦ÎAfoRÅAvP[VðÀs·é±ÆàÅ«Ü ·B X vgR³kÉ¢ÄÍ dxpc http://www.vigor.nu/dxpc/ © LBX http://www.paulandlesley.org/faqs/LBX-HOWTO.html <http://www.paulandlesley.org/faqs/LBX-HOWTO.html> (̼ܽð LBX mini-HOWTO Æ¢¤) ð`FbNµÄ¾³¢B PäÚÌfBXvCÉQäÚÌoÍð\¦·éÉÍAȺÌQÂ̱Æðµ ȯêÎÈèܹñB 1. [gRs [^©çÌÚ±ðó¯t¯éæ¤A[JfBXv C (T[o) Éwè·éB 2. [JfBXvCÉ»ÌoÍðs¤æ¤A[gAvP[V (NCAg) Éwè·éB 4. ¿åÁƵ½_ }WbN[hÍ DISPLAY Å·BX EBhEVXeÅÍAfBXvC Í (P»µÄ) L[{[hA}EXAXN[©ç¬èÜ·BfBXv CÍT[ovOÉæÁÄdzêÜ·B±êÍ X T[oÆÄÑÈçí ³êĢܷB±ÌT[oÍAT[oÉÚ±·é¼ÌvOÉ\¦\Íð ^¦Ü·B fBXvCͼOÅ\³êÜ·Bá¦ÎF o DISPLAY=light.uni.verse:0 o DISPLAY=localhost:4 o DISPLAY=:0 fBXvCÌ\LÍzXg¼ (ᦵ½ light.uni.verse â localhost)A R(:)AÔ (ᦵ½ 0 â 4 ) ©ç¬èÜ·BfBXvCÌ\LÌ zXg¼Í X T[oðÀsµÄ¢éRs [^̼OÅ·BzXg¼ðÈ ª·éÆA[JzXg𦷱ÆÉÈèÜ·BÔÍÊ 0 Å·\\P äÌRs [^É¡ÌfBXvCªÚ±³êÄ¢éÌÈçAÊÌlÉÈ é©àµêܹñB ãLÌfBXvC\LÉ .n ªY¦çêé±Æà èÜ·B±Ì .n ÍXN [ÔðwµÄ¢Ü·BfBXvCÍ¡ÌXN[ð±ƪŠ«Ü·BÊÍ (Ô n=0 Ì) ÐÆÂÌXN[µ©È¢ÌÅA±êªù èlÉÈÁĢܷB ¼Ì DISPLAY Ì®à èÜ·ªAãLÌ®Å{ÌÚIðs¤ÉÍ\ª Å·B ZpIÈ»¡Ì½ßÉF o hostname:D.S ÍzXg hostname ÌfBXvCÔ D ÌXN[Ô S ðÓ¡µÜ·\\±Ì\LÌfBXvC̽ßÌ X T[oÍ TCP |[g 6000+D ðbXµÜ·B o host/unix:D.S ÍzXg host ÌfBXvCÔ D ÌXN[Ô S ðÓ¡µÜ·\\±Ì\LÌfBXvC̽ßÌ X T[oÍ UNIX h C\Pbg /tmp/.X11-unix/XD ðbXµÜ· (ÈÌÅ host ©çµ ©Būܹñ)B o :D.S Í host/unix:D.S Æ¿Å·B±±Å host Í[JÌzXg¼ Å·B 5. NCAgÉwè·é NCAgvO (áƵÄOtBbNAvP[V) Í DISPLAY «Ïð²×ÄÚ±·éfBXvCðmèÜ·Bµ©µANC AgN®ÌR}hCøÉ -display hostname:0 ð^¦½ê ÍA±ÌÝèðDæµÜ·B¢Â©Ìážç©ÉµÜµå¤B ½¿ÌRs [^ÍO©çzXg¼ light Ƶĩ¦Ä¨èAhC uni.verse É®µÄ¢éƵܷBÊÉ X T[oðÀsµÄ¢éÈ çAfBXvCÍ light.uni.verse:0 ƵįʳêÜ·B dark.matt.er Æ¢¤[gRs [^Å`ævOÌ xfig ðÀsµA[J} V light É xfig ÌoÍð\¦³¹½¢Æv¢Ü·B ·ÅÉ[gRs [^ dark.matt.er É telnet µÄ¢éÆzèµÜ ·B [gRs [^Å csh ðgÁÄ¢éÈç dark% setenv DISPLAY light.uni.verse:0 dark% xfig & Æ·é©A é¢Í dark% xfig -display light.uni.verse:0 & ƵܷB [gRs [^Å sh ðgÁÄ¢éÈç dark$ DISPLAY=light.uni.verse:0 dark$ export DISPLAY dark$ xfig & Æ·é©A é¢Í dark$ DISPLAY=light.uni.verse:0 xfig & ƵܷBà¿ëñ dark$ xfig -display light.uni.verse:0 & ÅࢢŷB (óG dark$ env DISPLAY=light.uni.verse:0 xfig& Èç csh Åà sh Åàg¦Ü·Ë :) ) telnet ÌíÞÉæÁÄÍA©®IÉ[gzXgÖ DISPLAY Ïð]· éàÌà éæ¤Å·B»ñÈ telnet ðgp·éÈçAfBXvCÌwè ðè®ÅsÈíÈÄàæ¢ÌÅAK^ŵå¤B telnet ÌwÇÍ TERM  «Ïð]·éíÞÈÌÅ«âéÈçATERM «ÏÉ DISPLAY ÏÌ àeðãüµÄãp³¹é±ÆÅ·B ãp·éÌƯlÌl¦ûÅAÌæ¤ÈsÌXNvgÅÀ»Å«Ü·B telnet ·éOÉATERM É DISPLAY ÌlðÁ¦éBtelnet ·éB [gRs [^ÌKØÈ .*shrc t@CÅATERM ©ç DISPLAY ÌlðÇÞB 6. T[oÉwè·é T[oÍDZ©çÌÚ±Åàó¯t¯éí¯ÅÍ èܹñB ȽÌXN [É·×ÄÌlªEBhEð\¦Å«éÈñÄAðµÈ¢Å·æËB ȽÌüÍðÇÜê½àȢŵå¤\\L[{[hÍfBXvCÌê Å éÆ¢¤±ÆðYêȢź³¢B fBXvCÖÌANZXªAZL eBXNÌ´öÉÈé±Æð ðµÄ¢élÍÙÆñǢܹñB ȽÌfBXvCÉANZXÅ«él ÍAXN[ðÇÝ«Å«A ȽÌL[Xg[NðÇÞ±Æâ}EX Ì®«ðÇÞ±ÆàÅ«Ü·B ÙÆñÇÌT[oÍÚ±ÌFØû@ªQ èÜ·\\host Xg@\ (xhost) Æ}WbNNbL[@\ (xauth) Å·Bܽ ssh(secure shell) Í X Ú±ð]·é±ÆªÅ«Ü·B 6.1. xhost xhost Í host ¼ÉàÆâÄANZXðµÜ·BT[oÍAÚ±ð³ê ½ host ÌXgðǵܷBhost Ì`FbNð®SɳøÉ·é±Æà Å«Ü·Bӵľ³¢\\³øÉ·éÆ`FbNðµÈÈéÌÅSÄ Ì host ªÚ±Å«Ü·I xhost vOðp¢éÆT[oÌ host Xgð§äÅ«Ü·BOqÌá űÌ@\ðg¤ÉÍ light$ xhost +dark.matt.er ƵܷB ±êÍzXg dark.matt.er ©çÌÚ±ð·×ĵܷBX NCAgª Ú±³êEBhEª\¦³ê½çA·®ÉÀS̽ßÚ±ÂðæèÁµÜ ·B»êÉÍ light$ xhost -dark.matt.er ƵܷB host Ì`FbNð³øÉ·éÉÍ light$ xhost + ƵܷB ±êÍ host ÌANZX`FbNð³øɵĢéÌÅA·×ÄÌlÉÚ±ð µÄ¢Ü·BMpÅ«È¢[U[ª¢élbg[N (á¦ÎC^[ lbg) ãÅ͵ÄANZX`FbNð³øɵȢž³¢Bhost Ì `FbNðÄxLøÉ·éÉÍ light$ xhost - ÅÅ«Ü·B "xhost -" ÍAANZXXg©çSÌzXgðí·éí¯ÅÍ èܹ ñ (ൻ¤ÈçAsÖÉÜèܹñ\\DZ©çàA[JzXg³¦© çàڱūÈÈèÜ·)B xhost ÍÆÄàëÈÁ©µ¢@\Å·Bxhost Í[gzXgãÌ[Uð æÊūܹñµA host ¼ (ÀÛÉÍAhX) àUé±ÆªÅ«Ü·Bà µMpÅ«È¢[Uª¢élbg[N (á¦ÎC^[lbgÉ_CA Abv PPP ANZX) É¢éÈçA±êÍÇÈ¢±ÆÅ·B (óFAhXðUêéRBxhost ɨ¢Ä X T[oªÛ·éXgÍ lªo^³êĢܷBhost ¼ðgÁÄo^µ½êÅà gethostbyname ÖÉæè»Ì IP AhXªlÆÈèÜ·BÅ·ÌÅASoCgÌlÉ ÈèÜ·B X T[oªANZX`FbNð·éÉgp·éÌÍAX NC Agªoµ½ IP pPbgÌ\[X IP AhXðgp·éÌÅÍ èÜ ¹ñBf[^É X NCAgªæ¹½CÓÌlÅ·BX NCAg ÌvOÌìèÉæè½Åàæ¹é±ÆªÅ«Ü·BóÒªÈOgpµ½ ±ÆÌ é[J»[NXe[VÍAhostid Ìlðæ¹Ä¢Üµ ½Bhostid ÌùèlÍ inittab ÌÅAvC}Ì IP AhXðè`µ Ä龯ŵ½B±ÌêÍANbLOvOð©¸ÆàAsÌ XNvgð¾¯ÅAuh[UA^bNªs¦Ü·B) 6.2. xauth xauth ͳµ¢@§ðmÁÄ¢élÉANZXðµÜ·B»Ìæ¤È@§Í FØR[h é¢Í}WbNNbL[ÆÄÎêÜ·B±ÌFØXL[̳ ®ÈÄÌÍ MIT-MAGIC-COOKIE-1 Å·B ÙÈéfBXvCÉηé»ê¼êNbL[ÍA~/.Xauthority ÉÜÆßÄ i[³êÜ·B~/.Xauthority ÍO[v[U¨æѼ[UÉÍANZX Å«È¢æ¤ÉµÈ¯êÎÈèܹñ (óFchown 600 .Xauthority ÆµÄ ¨«Ü·)Bxauth vOͱêçÌNbL[ðǵܷB»êÌɱ ÌXL[ÌjbNl[Í xauth Æ¢¢Ü·B ZbVðnßéÛAT[oÍ -auth ÌøÅwèµ½t@C©çNb L[ðÇÝÜ·B»ÌãT[oͯ¶NbL[ðméNCAgÌÚ±ÌÝ µÜ·BÚ±ªm§³ê½ãÅ ~/.Xauthority ÌNbL[ªÏX³êÄà T[oͱÌÏXðæèoµÜ¹ñB ÅßÌT[oÍÆïµ½NCAgpÌNbL[ð·®Éìé±ÆªÅ«Ü ·Bµ©µANbL[ÍT[oàÉÛ¶³ê½ÜÜÅ·\\NCAgª ~/.Xauthority ÉNbL[ðÇÁµÈ¢Àè ~/.Xauthority ÉÍüèܹ ñBDavid WigginsÉæéÆ È½ª»¡ð¦·æ¤È¼Äª X11R6.3 ÅÇÁ³êܵ½BV µ¢ZL eBg£ðʵÄAX T[oÍ·®ÉVµ¢NbL[ ðìÁÄÔ·±ÆªÅ«Ü·B³çÉNbL[ðuMpµÈ¢væ ¤ÉwèÅ«éÌÅA»Ìæ¤ÈNbL[ÅÚ±ðsÁ½AvP [VÍÌæ¤Éìð§À³êÜ·Bá¦Î¼ÌMpÅ«é NCAgÌL[{[h/}EXÌüÍâEBhEÉ\¦³ê Ä¢éàeðßÈÈèÜ·BÈPÅȢɵÄàAÈÆà ±Ì@\ðg¤±ÆªÅ«éVµ¢TuR}h "generate" ª xauth É èÜ·B xauth Í xhost Éä×ÄZL eBÉDêĢܷBܽÁèÌRs [^ÌÁèÌ[U¾¯ÉANZXð§À·é±ÆªÅ«Ü·Bxhost Ìæ¤ ÉUÁ½AhX©çÌÚ±ÍūܹñBKvÈç xauth ÌãÅڱ𠷽ßÉ xhost ðg¤±ÆàÅ«Ü·B 6.2.1. NbL[ðìé xauth ðg¢½¢ÌÈçA-auth authfile øðt¯ÄAX T[oðN®µ ȯêÎÈèܹñ (óFauthfile ÍFØt@Cðw· PATH)B startx XNvgðg¤ÌÈçAxinit ÌE¤ÉLqµÜ·BȺÌæ¤ÉµÄ startx XNvgÌÅFØR[hð쬵ܷB /usr/X11R6/bin/startx©çÌøpF mcookie|sed -e 's/^/add :0 . /'|xauth -q xinit -- -auth "$HOME/.Xauthority" mcookie Í util-linux pbP[WÉ é¬³ÈvOÅA ftp://ftp.math.uio.no/pub/linux/ ©çüèÅ«Ü·B é¢ÍA md5sum ðp¢Ä³ì×f[^ (á¦Î /dev/urandom â ps -axl) ðNbL[`®É Ï· (massage) ·é±ÆàÅ«Ü·B dd if=/dev/urandom count=1|md5sum|sed -e 's/^/add :0 . /'|xauth -q xinit -- -auth "$HOME/.Xauthority" root ÉÈê¸ startx XNvgðÒWÅ«È¢ÌÈçAVXeÇÒÉ statx XNvgðKØÉÝèµÄà礩A é¢Í xdm ðÝèµÄà çÁľ³¢BÇҪūȢàµÍµÈ¢ÈçA ~/.xserverrc XN vgÅÀ»Å«Ü·B±ÌXNvgª éÆA xinit ÍÀÛÌ X T[o ÌãíèɱÌt@CðÀsµÜ·Bµ½ªÁÄA±ÌXNvg©çÀÛ Ì X T[oðKØÈøÅN®Å«Ü·B±¤·éÉÍA ~/.xserverrc É ãLÌ}WbNNbL[Ìsð¢ÄNbL[ðìç¹A¢Å X T[oð N®·ésð«Ü·B #!/bin/sh mcookie|sed -e 's/^/add :0 . /'|xauth -q exec /usr/X11R6/bin/X "$@" -auth "$HOME/.Xauthority" X ZbVÌÇÉ xdm ðg¤ÈçAxauth ðÈPÉgpÅ«Ü·B /etc/X11/xdm/xdm-config ÌÉ DisplayManager.authDir \[Xðè`µ ľ³¢Bxdm Í X T[oªN®·éÉ -auth øðn·æ¤ÉÈèÜ ·Bxdm ÌàÆÅOCµ½Axdm Í ~/.Xauthority ÉNbL[ðu« Ü·BÚµÍ xdm(1) Ì man y[WðQƵĺ³¢Bá¦ÎÒÌ /etc/X11/xdm/xdm-config ÅÍȺÌsª©êĢܷB DisplayManager.authDir: /var/lib/xdm 6.2.2. NbL[Ì] T[ozXg light.uni.verse Å X ZbVðJnµA ~/.Xauthority ÌÉNbL[ð¿Üµ½BÍNCAgzXg dark.matt.er ÖNb L[ð]·éKvª èÜ·B±êÉÍA½³ñÌû@ª èÜ·B 6.2.2.1. z[fBNg̤L light Æ dark ãÌ È½Ìz[fBNgª¤L³êÄ¢êÎêÔÈP Å·B¼ûÌ ~/.Xauthority t@Cͯ¶ÈÌÅA¦ÀÉNbL[Í] ³êÜ·Bµ©µÆµª èÜ·\\~/.Xauthority É :0 ̽ßÌNb L[ðu¢½Adark Í light ̽ßÌNbL[Æl¦¸É©g̽ßÌ NbL[¾Æl¦Ü·BNbL[ðìéA¾¦IÈzXg¼ðg¤×«Å· \\±êðȪ·é±ÆÍūܹñBÌæ¤ÈA¿åÁƵ½ sed ÌZ ðg¦ÎA:0 Æ light:0 ̼û̽ßɯ¶NbL[ðu±ÆªÅ«Ü ·B #!/bin/sh mcookie|sed -e 's/^/add :0 . /' -e p -e "s/:/$HOST&/"|xauth -q exec /usr/X11R6/bin/X "$@" -auth "$HOME/.Xauthority" 6.2.2.2. [gVF rsh ðg¤ z[fBNgª¤L³êĢȢÌÈçA[gVF rsh Éæé û@ÅNbL[ð]Å«Ü·B light$ xauth nlist "${HOST}:0" | rsh dark.matt.er xauth nmerge - ƵܷB±êÍ 1. [JÌ ~/.Xauthority ©çNbL[ðo·é (xauth nlist :0)B 2. dark.matt.er É]·é (| rsh dark.matt.er)B 3. ]æÌ ~/.Xauthority Éu (xauth nmerge -)B ðs¢Ü·B ${HOST} Ìg¢ûÉӵľ³¢B[JzXgƾ¦IÉÖAïç ê½NbL[ð]·éKvª èÜ·B[g X AvP[VÍ fBXvCÌl :0 ð[g}VÌàÌÆðߵܷB±êÍâè½¢ ±ÆÆÍá¤Åµå¤H 6.2.2.3. Telnet ðg¢è®Ås¤ rsh ª®ìµÈ¢±Æà èÜ·Bܽ rsh ÍZL eBãÌ_à è Ü· (ÒÌL¯ª³µ¢ÈçA±êà host ¼ðUêÜ·)B rsh ðg¦È ¢©gíÈ¢ÈçȺÌæ¤Éè®ÅNbL[ð]Å«Ü·B light$ echo $DISPLAY :0 light$ xauth list $DISPLAY light/unix:0 MIT-MAGIC-COOKIE-1 076aaecfd370fd2af6bb9f5550b26926 light$ rlogin dark.matt.er Password: dark% setenv DISPLAY light.uni.verse:0 dark% xauth Using authority file /home/zweije/.Xauthority xauth> add light.uni.verse:0 . 076aaecfd370fd2af6bb9f5550b26926 xauth> exit Writing authority file /home/zweije/.Xauthority dark% xfig & [15332] dark% logout light$ ÚµÍ rsh(1)Axauth(1x) ðQƵĺ³¢B 6.2.2.4. Telnet Å©®És¤û@ [gzXgÖ telnet ·éÉATERM © DISPLAY ÏÉNbL[ðãü µÄãp³¹é±ÆªÅ«Ü·B±êÍ TERM ÏÉ DISPLAY Ïðãp³ ¹éÌƯ¶û@ÅÀsÅ«éŵå¤BZNV 5 Ìu``NCAg Éwè·é''vðQƵľ³¢B±êÉ¢ÄÍÙ_Ì éûà¢çÁ µáéŵå¤B±Ìû@Å{ɤܢ̩Ǥ©A é¢ÍÊÚÈÌ ©AÆ¢¤_ðmè½¢ÌÅAàµÀÛÉØÅ«½lª¢êÎÊðÒÜ ÅÁÄ¢½¾¯½çK¢Å·B (óFNbL[ͳXlbg[N§ßÅ·Bµ©µAX Í}`vbg tH[«ÈÌÅA[ªÈeXgªKvÅ éÆ¢¤±Æ¾ÆvíêÜ ·B) ÅàÓA¼Ì UNIX ÅÍAÊÌ[U©çÅà«Ïð©é±ÆªÅ«é ±Æà èÜ·B»ñÈêA $TERM ÌÉüê½NbL[ð¼lÉ©¦È ¢æ¤É·é·×Í èܹñB 6.2.3. NbL[ðg¤ dark.matt.er ãÌ (OqÌ xfig Ìæ¤È) X AvP[VÍAFØÉ g¤NbL[ð©®IÉ ~/.Xauthority ©çÇÝÜ·B localhost:D ðg¤ÍA¿åÁƵ½âèª èÜ·BX NCAgAv P[VÍANbL[õÌÚI̽ßÉ localhost:D ð host/unix:D ÆðߵܷBÀÛÉÍA~/.Xauthority É localhost:D ÌNbL[ðu û@Íøʪ èܹñB l¦ÄÝêÎAPÉ_É]ÁÄ¢éÉ߬Ȣ±Æªí©éŵå¤B localhost ÌðßÍA»êððß·é}VÉ®SɶE³êÜ·BNFS ÈÇ Åz[fBNgð¤L·éÆA½³ñÌzXgÅeX̼ÌNbL[ ªSıµ ÁÄAÐÇ¢óÔÉ×é±ÆÉÈéŵå¤B 6.3. SSH FØR[hÍû³ê¸Élbg[NðoRµÄM³êÜ·BN©ª Ú±ð̼Szª éÈçAssh(secure shell) ðgÁľ³¢B±êÍ Ã»³ê½Ú±ðoRµÄ X ð]µÜ·B»êÉܽAÙ©Éà·Îç µ¢±Æª èÜ·B»êÍVXeÌ\¢üPÅ·Bssh z[y[W http://www.ssh.org/ ð©Ä¾³¢B N©FØXL[âû X ڱɢļɽ©mÁĢܹñ©H kerberos©ÈH óF KerberosÉ¢ÄA¤¦âÜ é¢³ñAª{³ñ©çÌRgðÜ Æßܵ½F PxXÍMV_bÉoÄé»EÌxzÒnfXÌ¢¢ÅR Â̪ðà¿»EÌåðçéԢŷB"Kerberos" Í MIT Ì "Athena" væÌêÑƵĤJ³êܵ½BRFC 1510 ª 1993 N És³êÄÜ·B Kerberos ÍMÅ«È¢lbg[NÅÀSÈFØEÊMðs¤½ß ÉAMÅ«éæOÒðg¤VXeÅ·BàÌÃÍ Î̮à DESðg¢Ü·BDESÈÌÅ ÜèÍ èܹñBµ©µA`Pb gÆ¢¤dgÅFØðs¤ÌÅ^pªÈPÅAÀSÈFØÆÊMªÅ« Ü·B®zzZ^[ðKw»µÄAåKÍÈVXeÉàÎ·é± ÆàÅ«éæ¤Å·B Ó¤Ìû@¾ÆANCAgªT[oðp·éÆ«Íèª{ É{¨Å é©Ý¢Éª©èܹñB»±ÅA¨Ý¢ªMµÄ¢éæ OÒÉg³ÛصÄàç¦Îæ¢Æ¢¤l¦ÉîâĢܷB»Ìæ OÒª®zzZ^[Æ¢¤àÌÅA»Ì®zzZ^[ÉT[oð p·é½ßÌ`PbgðsµÄàç¢Ü·B¾êÅà`Pbgðs µÄàç¦éí¯ÍÈNCAgÆT[oÌ®ðo^µÄ¨Kv ª èÜ·B®zzZ^[ÉsµÄàçÁ½`PbgÍANCA g(sµÄà礤) Ì®Åû³êÄ¢éÌÅA±êðÅ «éÆ¢¤±ÆÍANCAgÍm©É{lÅ é±Æªí©èÜ ·({l¶áȯêÎ`Pbgðæ边ȢÌÅAT[oðp·é ±ÆÍūܹñ)B `PbgÍ»µ½ÉüÁÄ¢ÄA±Ì`PbgÍT[oÌ®Åà »³êĢܷB»±ÅuT[oª`Pbgð»Å«é = T[ oàm©É{lÅ évÆ¢¤±ÆÉÈèÜ·(»µ½ÉZb V®ªüÁÄ¢ÄA»êÈ~ÌÊMűÌZbV®ðg¤Ì½ ßA{lÈOͱsūܹñ)B ±Ì_ÍA`PbgÌÄpªÅ«ÄµÜ¤Æ±ëÅ·BUÒÍ` PbgÌàeð©êܹñªA¬êÄ¢é`PbgðEÁÄ»ÌÜÜà ¤êñT[oÉêÎ{lÌÓèðÅ«Ü·B»Ì½ßÉA^CX^ vðûµÄêÉèÜ·Bâ^CX^vt«Ì`Pbg Íg¦Ü¹ñB»êÉAT[oÍ^CX^vðL^µÄ¢éÌÅA ÜÁ½¯¶X^vðÂ`PbgͳøÅ·B VXeSÌÅÌ_ÍA®zzZ^[ª¶Ý·é±ÆÅ·B®·× Äðo^µÄ¢éÌÅA±±ðjçêéÆÀSàÈÉà èܹñB XFree86 Ì}j AÌ|ó(ª{³ñ)ª JF É èÜ·B X ÌFØ ÖWÌQlɵľ³¢BܽAàÅÍ OPEN DESIGN No.14 CQ o ÅÐ ISBN4-7898-1806-3 C3055 \1748EÌuWÁWÅVÌÃÉæé ZL eBÌÀ»vªQlÉÈèÜ·B |C^F FreeBSDnhubNÌy[ WFhttp://www.freebsd.org/ja_JP.EUC/handbook/handbook64.html#66 http://www.releenet.co.jp/bsd/handbook/handbook60.html Jun Kuwamura³ñÌy[WFhttp://stealth.rccm.co.jp/~juk/krb/ 7. ÊÌ[U ID ©çÌ X AvP[V root Á ÌKvÈAOtBJÈÝèc[ðÀsµ½¢ÆµÜµå¤B µ©µA X ZbVÍÊÌAJEgÅÀsµÄ¢Ü·BnßÍïÉ v¤©àµêܹñªAX T[oÍc[ªfBXvCÉANZX·é±Æ ðµÜ¹ñB root ÅÊɽ©µ½¢ÉAǤ·êÎÂ\Å·©H»µ ÄǤ·êαÌâèðñðÅ«Ü·©H [U ID clientuser Å X AvP[VðN®µ½¢ª X ZbV Í serveruser ÅN®³êÄ¢éÆ¢¤AêÊIÈóµÉµÜµå¤BNbL [ÌZNVðÇñÅ¢êÎAȺ clientuser ªfBXvCÉANZX ūȢ̩ª©é͸ŷB ~clientuser/.Xauthority ÍfBXvCÉANZX·é½ß̳ µ¢}WbNNbL[ðÜñŢܹñB³µ¢NbL[Í ~serveruser/.Xauthority É èÜ·B 7.1. ¯êzXgãÌÙÈé[U à¿ëñA[g X Å®ì·éàÌÍAÙÈé[U ID Ì X Åà¯¶æ ¤É®ìµÜ· ([IÉÍ slogin localhost -l clientuser)BNCAg zXgÆT[ozXgª½Ü½Ü¯¶¾Æ¢¤¾¯Å·Bµ©µA¼ûÌzX gª¯¶A}WbNNbL[Ì]ÉÍß¹ª èÜ·B [U ID ÌØèÖ¦É su ðg¤Æ¼èµÜ·Bî{IÉAsíȯêÎÈ çÈ¢±ÆÍAsu ðÄÔXNvgð«A»±Å su Ìs¤R}hðA [g X ÉKvÈðs¤KØÈR[hÅbv·é±ÆÅ·BKvÈ ÆÍ DISPLAY ÏÌÝèÆ}WbNNbL[Ì]Å·B DISPLAY ÌÝèÍärIÈPÅ·\\su R}hðÀs·éOÉA»Ìø ÆµÄ DISPLAY="$DISPLAY" ðè`·é¾¯Å·BȺÌæ¤ÉµÜ·B su - clientuser -c "env DISPLAY=$DISPLAY clientprogram &" ±ê¾¯ÅÍ®ìµÜ¹ñB³çÉNbL[Ì]ðs¤Kvª èÜ·B NbL[Ìæ¾Í xauth list "$DISPLAY" ðg¦ÎÂ\Å·B±ÌR}h ªNbL[ÌXgÉp¢é®ÍA½Ü½Ü xauth add R}hÉ^¦é ÛÌ®ÉvµÄ¢Ü·\\¿å¤ÇKvƵĢ½àÌÅ·B RpCvÅNbL[ðnµ½¢Æ±ëÅ·BcOȪçAsu Í»ÌWü Í©çpX[hðÇà¤Æ·éÌÅAsu R}hÉpCvÅn·±ÆÍÈ PÅÍ èܹñB±±ÅàsÌ¢¢±ÆÉÍAVFXNvgÌàÅ Ít@CLqqð¢¶èñ·±ÆªÅ«Ü·ÌÅA±êªÂ\ÉÈèÜ·B clientuser Æ clientprogram ðp[^»µÄp»µ½XNvgð« Ü·BÇÝⷳ͵]µÉµÄæÉÈéæ¤ÉAXNvgðüPµÜ µå¤BȺÌæ¤ÉÈèÜ·B #!/bin/sh if [ $# -lt 2 ] then echo "usage: `basename $0` clientuser command" >&2 exit 2 fi CLIENTUSER="$1" shift # FD 4 becomes stdin too exec 4>&0 xauth list "$DISPLAY" | sed -e 's/^/add /' | { # FD 3 becomes xauth output # FD 0 becomes stdin again # FD 4 is closed exec 3>&0 0>&4 4>&- exec su - "$CLIENTUSER" -c \ "xauth -q <&3 exec env DISPLAY='$DISPLAY' "'"$SHELL"'" -c '$*' 3>&-" } ÙÆñÇÌóµÅAÚA«Æ®ìÉ\ª¾Æl¦Ü·B»ÝÒªl¦¤é _ÍA'$*' ðgÁÄ¢é½ßA command àÅVONH[gðp¢éÆ su R}hÌø ('$*') ªóêĵܤ±ÆÅ·BർÉàÈÉ©[ ÈÔᢪ Á½çAÒÉ email ð«Áľ³¢B XNvgð /usr/local/bin/xsu Æ·êÎ xsu clientuser 'command &' ÆÅ«Ü·B pX[hðg¤ÀèA±êÈ㻤ÈPÉÍūܹñB¦¦A(sudo) ð g¤û@à èÜ·ËBÅà±±Å͵¢Ü¹ñB 7.2. NCAg[Uª root RAroot ÅÍÈ¢NCAg[Uª root Å®ì·é±Æà¯lÉÅ «Ü·Bµ©µAroot Í·×ÄÌlÌ ~/.Xauthority t@CðÇޱƪ Å«éÌÅAroot ÌêÍæèÈPÅ·BNbL[ðéKvª èܹ ñB DISPLAY «ÏðÝèµAXAUTHORITY ª ~serveruser/.Xauthority ð©éæ¤ÉÝè·é¾¯Å·BÂÜè: su - -c "exec env DISPLAY='$DISPLAY' \ XAUTHORITY='${XAUTHORITY-$HOME/.Xauthority}' \ command" ±êðXNvgÉÆȺÌæ¤ÉÈéŵå¤B #!/bin/sh if [ $# -lt 1 ] then echo "usage: `basename $0` command" >&2 exit 2 fi su - -c "exec env DISPLAY='$DISPLAY' \ XAUTHORITY='${XAUTHORITY-$HOME/.Xauthority}' \ "'"$SHELL"'" -c '$*'" XNvgð /usr/local/bin/xroot Æ·êÎ xroot 'control-panel &' ÆÅ«Ü·B ÅàAൠxsu ð·ÅÉÝèµÄ êÎA±Ìæ¤ÉµÈ¯êÎÈçÈ¢ RÍ èܹñB 8. [gEBhE}l[WÌÀs EBhE}l[W (twmAwmaker â fvwm95 Ìæ¤È) ͼÌAvP[ VƯlɵ¦Ü·BÊÌèÅ®©¹Ü·B ÙÆñÇÌê¤Ü¢«Ü·BÅÅêÂÌEBhE}l[Wð¢ÂÅ àfBXvCÅÀsÅ«Ü·B·ÅÉ[JEBhE}l[WªÀs ³êÄ¢éÌÈçA[gEBhE}l[WðN®·é±ÆÍūܹ ñ (»êÍs½ð¾¢I¹·éŵå¤)BÅÉ[JEBhE}l[ Wð kill(ܽÍPÉ quit) µÈ¯êÎÈèܹñB cOȪçA½Ì X ZbVXNvgͱÌPsÅIíèÜ·B exec window-manager-of-choice »µÄA±êÍ ([JÌ)EBhE}l[WªI¹µ½ÉAZb VªI¹·é±ÆðÓ¡µÜ·B X VXe (xdm © xinit) ÉZb VªI¹µ½ÆÝȳêéÆAÀÛÉÍOAEg³¹çêÄµÜ¢Ü ·B ¢Â©ÁÊȱÆðsíȯêÎÈèܹñªAÀsÍÂ\Å»ñÈÉïµ èܹñB Ƚª~·éƨèÉAZbVXNvg (ÊÍ ~/.xsession © ~/.xinitrc) ð¿åÁÆ¢¶é¾¯Å·B ½ÌêAEBhE}l[WÍVµ¢vOÌÀsû@ðñµÜ ·ªA»êÅÀsµ½vOÍ[J}VãÅÀs³êé±ÆÉÓ µÄ¾³¢B±±Å¾¤[JÆÍEBhE}l[WªN®µÄ¢é }VðwµÜ·B[gÅEBhE}l[WðÀsµ½êÍA [gÌAvP[VªN®³êÜ·B±êÍ È½Ìó]ÆÍÙÈé©à µêܹñBà¿ëñA[gÅN®µ½vOÍAËRƵÄè³Ì fBXvCÉ\¦ðs¢Ü·B 9. guV [eBO ßÄ[g X AvP[VðÀsµæ¤ÆµÄàAåïÍ»ÌÜÜ ÅÍ®ìµÜ¹ñBȺQ`RÌG[bZ[WA´öAðû@ð°Ü ·B xterm Xt error: Can't open display: DISPLAY «ϪÈAܽAvP[VÉ -display tOàwèµ Ä¢Ü¹ñBAvP[VÍó̶ñðzèµÜ·ªA\¶ã³øÅ ·B±ÌðÉÍADISPLAY «Ïð³µÝèµÄ¨«Ü· (VFÉ æÁÄ setenv © export ÌÇ¿¿ç©ðg¢Ü·)B _X11TransSocketINETConnect: Can't connect: errno = 101 xterm Xt error: Can't open display: love.dial.xs4all.nl:0 G[ 101 Í "Network is unreachable" Å·BAvP[VÍT[o Élbg[NڱūܹñBDISPLAY ÌÝ誳µ¢©Ç¤©ÆAT[o }VÉNCAg©çBÅ«é©Ç¤© (T[oÉOCµ½ãAN CAgÉ telnet µÄÝéÈÇ) ðmFµÄ¾³¢B _X11TransSocketINETConnect: Can't connect: errno = 111 xterm Xt error: Can't open display: love.dial.xs4all.nl:0 G[ 111 Í "Connection refused" Å·BÚ±µæ¤ÆµÄ¢éT[o} VÉÍBµÜ·ªAwèµ½T[oª èܹñBzXg¼ÆfBXv CÔð³µgÁÄ¢é©mFµÄ¾³¢B Xlib: connection to ":0.0" refused by server Xlib: Client is not authorized to connect to Server xterm Xt error: Can't open display: love.dial.xs4all.nl:0.0 NCAgÍT[oÉÚ±ðìêܵ½ªAT[oÍ (FسêĢȢ) NCAgªfBXvCðg¤±ÆðµÜ¹ñB³µ¢}WbNNbL [ðNCAgÉ]µA»ÌúÀªØêĢȢ© (Vµ¢ZbVð Jn·éAT[oÍVµ¢NbL[ðg¢Ü·) mFµÄ¾³¢B 10. ú{êóÉ墀 ú{êóÍ Linux Japanese FAQ Project ªs¢Üµ½B|óÉÖ·é²Ó© Í JF vWFNg <JF@linux.or.jp> ¶ÉAµÄ¾³¢B üùððȺɦµÜ·B v0.3.1 |ó: Tetsu Isaji <isaji@mxu.mesh.ne.jp> KerberosÉ¢ÄF ¤¦âÜ é¢³ñ <rui@ic.netlaputa.ne.jp>A ª{ êK³ñ <kokamoto@ad.vc-net.ne.jp>A Jun Kuwamura³ñ <juk@rccm.co.jp> v0.6.3 |ó: ì{_ê <hng@ps.ksky.ne.jp> Z³F ¡´ Póñ <fujiwara@linux.or.jp>A Á¡ åT³ñ <daisuke@terra.dti.ne.jp>A é ³½³ñ <takavoid@palette.plala.or.jp>A Toshimi Horie ³ñ <je2uff@mxa.mesh.ne.jp>A ä Lõ³ñ <takei@webmasters.gr.jp>A J çG³ñ <jeanne@mbox.kyoto-inet.or.jp>A ì Y³ñ <nakano@apm.seikei.ac.jp>A X{ ~³ñ <morimoto@xantia.citroen.org>A Hiro YAMAZAKI ³ñ <hiro@linux.or.jp>A Tsutomu Kawashima ³ñ <kawawa@mail.interq.or.jp>A ã¡ ë°³ñ <magotou@fubyshare.gr.jp>A ²ì r³ñ <kgh12351@nifty.ne.jp>A ª{ êK³ñ <kokamoto@ad.vc-net.ne.jp>