= SSH X11 forwarding and SU =

**Summary**: How to work with xauth cookies when doing su. \\
**Date**: Around 2012 \\
**Refactor**: 29 April 2025: Checked links and formatting. \\
{{tag>redhat aix solaris}}

X authentication is based on cookies, secret little pieces of random data that only you and the X server know. So, when you su the user you su to need to know the cookie. To do so request your cookies and your display setting before you su:

<code>
>xauth list
server1.company.local/unix:10  MIT-MAGIC-COOKIE-1  1c64ce9c5e07154d4403bf8b919635f2
server2.company.local/unix:10  MIT-MAGIC-COOKIE-1  0d219bf6b6b4ed805ad51b17f71d2e38
>echo $DISPLAY
localhost:10.0
</code>

Now su, and import the cookie configuration and the DISPLAY variable:

<code>
>su - oracle
oracle's Password:

>xauth add server2.company.local/unix:10  MIT-MAGIC-COOKIE-1  0d219bf6b6b4ed805ad51b17f71d2e38
>export DISPLAY=localhost:10.0
</code>

> Note: If you do this on a system with SELinux enabled and run into errors see [[redhatselinux#selinux_and_non_default_home_directories|here]]