xauthはmanによると
DESCRIPTION
The xauth program is used to edit and display the authorization information used in connecting to
the X server. This program is usually used to extract authorization records from one machine and
merge them in on another (as is the case when using remote logins or granting access to other
users). Commands (described below) may be entered interactively, on the xauth command line, or
in scripts. Note that this program does not contact the X server except when the generate com‐
mand is used. Normally xauth is not used to create the authority file entry in the first place;
the program that starts the X server (often xdm or startx) does that.
とあり、そのまんま名前の通りX serverをセキュアに使うための仕組みを提供するコマンドです。
実際のところ
ためしにSSHでVirtualBox上のUbuntuに入りxauthのリストを見てみると
$ xauth list user-VirtualBox/unix:10 MIT-MAGIC-COOKIE-1 0caf6bb5f99d23a003fe27673ccXXXXX
