/GENERATE[=(keyword[=value][,...]) (Alpha/Integrity servers
only)
Requires a trusted network connection to an X display server and
the SECURITY extension must be enabled on that server.
Instructs the display device to connect to the X display
server and generate a new authorization key (consisting of
the authorization protocol name and a magic cookie). This
authorization key is then stored in the X authority file
currently in use. If you do not want to overwrite any previously
existing keys for this display device, use the /XAUTHORITY
qualifier to write the generated key to an alternate X authority
file.
NOTE
The MIT-KERBEROS-5 protocol does not currently support key
generation, as defined by the SECURITY extension. Do not
use the /GENERATE qualifier when connected to an X display
server protected by Kerberos access control.
Each generated key follows the default settings unless
otherwise specified. This means that, by default, each generated
authorization key:
o Follows the MIT-MAGIC-COOKIE-1 protocol
o Grants an untrusted connection to the X server
o Is not associated with a particular application group
o Maintains a timeout period of 60 seconds before which it must
be used (otherwise, it is automatically revoked)
Possible keyword values are as follows:
Value Description
TRUSTED Specifies that the key grant unrestricted access
to the X server. This keyword permits a client
application to perform all actions.
UNTRUSTED Specifies that the key grant restricted access
to the X server. This keyword restricts client
applications to a subset of X server extensions
and prevents access to windows other than those
created by the requesting application.
TIMEOUT=seconds Specifies the number of seconds after which the
key is revoked automatically if not in use. The
timeout period begins immediately, and refreshes
once all connections using this key have closed.
NOTIMEOUT Specifies that the key has no expiration and must
be explicitly revoked.
GROUP=groupid Specifies that the key is associated with a
particular application group and is to be revoked
if that group is deleted. Although the use of
application groups is supported by DECwindows
Motif via the XC-APPGROUP extension, DECwindows
Motif does not currently supply any utilities or
desktop applications to create these groups. To
create an application group, you must use an X
Window System application or utility external to
DECwindows Motif.
PROTOCOL=name Specifies the protocol to be used to authenticate
the key. Valid values are server dependent. For
the DECwindows X display server, the only valid
value for the name parameter is MIT-MAGIC-COOKIE-
1. If you are connecting to a third-party X
server, the names of any additional authorization
protocols on that X server that support the
SECURITY extension and key generation are also
valid.
The keyword sets TRUSTED/UNTRUSTED and TIMEOUT/NOTIMEOUT are
mutually exclusive. Do not enter both values on the same command
line.