If you are using the MIT-MAGIC-COOKIE-1 authorization protocol, follow these steps to allow another user access to your server.
On the machine running the server, use xauth to extract an entry corresponding to hostname:0 into a file.
For this example, hostname is anyhost and the file is xauth.info.
myhost%$OPENWINHOME/bin/xauth nextract - anyhost:0 > $HOME/xauth.info
Send the file containing the entry to the user requesting access (using Mail Tool, rcp, or some other file transfer protocol).
Mailing the file containing your authorization information is a safer method than using rcp. If you do use rcp, do not place the file in a directory that is easily accessible by another user.
The other user must merge the entry into their .Xauthority file.
For this example, userhost merges xauth.info into their .Xauthority file.
userhost%$OPENWINHOME/bin/xauth nmerge - <xauth.info
The auth-data is session-specific; therefore, it is valid only as long as the server is not restarted.