Quick Tip: Use remote Linux GUI system, admin tools locally

by on April 10, 2007 · 14 comments· LAST UPDATED April 10, 2007

in , ,

This is a reader-contributed article.

Technology has changed dramatically in the last decade. OpenSSH is one the best project. It allows you to control remote Linux / UNIX server using command line or GUI tools.

Do you miss GUI configuration server management tools such as Debian network-admin or Redhat/Cent os system-config-* tools/utilities while administrating a Linux server? Do you want to run GUI admin tools on a remote Linux server and get display on local desktop or laptop X server system?

I have been using OpenSSH X11 forwarding and it works very well with DSL / ADSL/ cable connections.

Sample setup

Our setup is as follows:
#1: Remote Redhat Enterprise / Debian Linux Server
IP address: 203.199.92.106

#2: My IBM laptop running Ubuntu Linux connected via hi speed ADSL connection.
IP address: Dynamic

Step #1: Server Setup

You must have OpenSSH server installed. Open SSHD configuration file /etc/ssh/sshd_config
$ sudo vi /etc/ssh/sshd_config
Turn on X11Forwarding by setting X11Forwarding parameter to yes:
X11Forwarding yes

Save and close the file. Restart OpenSSH server you so the changes will take place:
$ sudo /etc/init.d/ssh restart
If you are using RedHat server, use:
# /etc/init.d/sshd restart

Logout and close ssh connection.

Step # 2: Running a command remotely

Debian Linux has the Network Administration Tool. It allows you to specify the way your system connects to other computers and to internet. Let us run this tool from laptop and make some changes to remote server networking. Open X terminal and type the command:
$ ssh -X 203.199.92.106 /usr/bin/network-admin
Run RedHat Linux system-config-httpd tool (Apache sever configuration tool):
$ ssh -X 203.199.92.106 /usr/bin/system-config-httpd

Basic X11 Forwarding Over SSH - Open HTTPD Config tool
[X11 Forwarding in action]

Within few seconds (depends upon your network speed) you should see a network-admin or system-config-httpd GUI locally. The client desktop/laptop does not need any extra configuration :)

Another option is to connect to the remote server and use X port forwarding:
$ ssh -X 203.199.92.106

Make sure you replace IP address 203.199.92.106 with actual hostname or IP address.

A note for apple OS X tiger users

Instead of –X option use –Y option:
$ ssh -Y 203.199.92.106
$ ssh -Y 203.199.92.106 system-config-network

Optional : Turn on Automatic X11 Forwarding

You can turn on automatic forwarding by adding following two lines to local OpenSSH client configuration file /etc/ssh/ssh_config or ~/.ssh/config:
$ sudo vi /etc/ssh/ssh_config
Set configuration parameter:
Host *
ForwardX11 yes

Save the changes. You can run almost any GUI program locally :)

Reference Links:

About the author: Rocky Jr., is an engineer with VSNL - a leading ISP / global telecom company in India and a good friend of nixCraft.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 14 comments… read them below or add one }

1 disgrntld_emu April 10, 2007 at 5:41 pm

Forget plain old X11 forwarding. Check out NoMachine’s(http://www.nomachine.com/download.php) NX software. It runs over SSH as well but the responsiveness of the NX protocol is unlike any other remote GUI. Don’t be mislead, you can get it all for free if you click the right links on their page =)

Reply

2 Nevyn April 11, 2007 at 10:55 pm

This technique can also be used to serve up Linux applications on a Windows desktop. Brilliant for me – I have the best (and worst) of both worlds.
You need to install an X-server on the windows machine – read: cygwin.
And use something like putty to connect up to the server and run your commands from there.
I’m still having a problem though – I’m still having to run xhost +[Server Address] on my desktop for some strange reason despite all the instructions being followed.

Reply

3 Vivek Kapoor April 12, 2007 at 7:37 am

If you use -XC intead of just -X then the performance would be far better. C is for Compression.

Reply

4 Hans-Werner April 12, 2007 at 10:14 am

@Nevyn: “xhost +ServerIP” is dangerous on potentially hostile networks since an IP can be forged. You’re probably having an authentication problem. Check the man page of “xauth”, basically you need to extract the authentication token on the X server (i.e. SSH client) and merge it into the XAuth database on the X client side (i.e. SSH server side).

Reply

5 arbuzz April 12, 2007 at 6:48 pm

“A note for apple OS X tiger users”

Say what I need to be able to make this work on iBook?

I got this error: /usr/share/system-config-network/netconfpkg/NC_functions.py:30: DeprecationWarning: rhpl.log is deprecated and will be removed; use python’s logging instead
import rhpl.log
TERM environment variable needs set.

Reply

6 Danny Williams April 12, 2007 at 7:27 pm

But why not just use TightVNC?

Reply

7 Terrell Prude' Jr. April 12, 2007 at 11:23 pm

You might also have to throw the “ForwardAgent yes” setting in /etc/ssh/ssh_config in order for this to work. I’ve run into that.

Good tip, though. I use X11 forwarding at work all the time, and it’s very handy. Way better than the old telnet/xhost way.

Reply

8 What is Software? April 14, 2007 at 8:00 am

Could you do an article on installing X on a windows machine. That’s all my university has. Better yet, X on a disk-on-key, like Portable Apps, would be great.

Thanks.

Reply

9 Stuart April 17, 2007 at 3:33 pm

It’s best not to enable X11Forwarding for all connections (i.e. don’t enable it in /etc/ssh/ssh_config)… it used to be the default and there’s a very good reason why it is no longer. It’s dangerous.

It turned out that a remote attacker could sniff your keyboard and mouse movements (or possibly even more horrible things) just because you ssh’d onto a box that they had cracked. In short, it turned into a great way of cracking the next host up the chain.

I generally define two connections in .ssh/config for any machine, say foo.example.com — one connection I call “foo” and the other “xfoo”. I then have X11Forwarding turned on for only one of them. And of course, by using the config file, I can automatically get all the other benefits it brings — I turn on compression and can specify an identity file for pubkey login too.

Reply

10 Scott Bohler June 17, 2007 at 3:35 am

Very useful. Thank you!

Reply

11 p3ace January 8, 2009 at 1:00 pm

Nice ! This is very usefull and simple !

Reply

12 vinay April 16, 2009 at 7:20 am

I tried this method but was unsuccessfull in launching GUI applications on the local system. I checked and made sure that X11Forwarding is set as YES on the remote system. I connect to the remote system using ssh -X .
Now, when i type gedit on the terminal window, the gedit editor open in the remote terminal. Please advice as to what settings i am missing which will enable me to open the GUI on the local system.

Thanks,
vinay

Reply

13 Abdulrahim January 14, 2012 at 3:33 pm

hi friend
if i wrote this as bellow
[abdulrahim@redhat ~]$ ssh -X ali@redhat.com /usr/bin/network-admin
bash: /usr/bin/network-admin: No such file or director

this is result. what’s the problem? i don’t understand

Reply

14 Abdulrahim January 14, 2012 at 4:02 pm

hi friend
scenario is: I pc but no any network just local. so can i use (ssh) between users in same pc as bellow is right no any problem

[abdulrahim@redhat ~]$ ssh -X ali@redhat.com
Last login: Sat Jan 14 18:29:45 2012 from redhat.com
[ali@redhat ~]$

but if i use this command as bellow is
[abdulrahim@redhat ~]$ ssh -X ali@redhat.com /usr/bin
bash: /usr/bin: is a directory

this problem the same before this comment
so what’s problem for that? it must go in this folder right or not????!!!!!!!

Reply

Leave a Comment

Previous post:

Next post: