Running X window graphical application over ssh session

SSH, server has feature called X11Forwarding. It specifies whether X11 forwarding is permitted or not. You need to set this parameter to yes. Once this is enabled, you will be able to run a graphical application on server and get applications display (window) on your desktop.

Server setup
For example, login on Linux/BSD system called Open /etc/ssh/sshd_config file using text editor:

# vi /etc/ssh/sshd_config

Find out parameter X11Forwarding and set it to yes:

X11Forwarding yes

Save file and exit to shell prompt. Restart sshd service under Debian Linux:

# /etc/init.d/ssh restart

Alternatively, if you are using Fedora / Red Hat Linux restart sshd:

# /etc/init.d/sshd restart

Desktop setup
Since X11 forwarding is enabled, just login from desktop system to using ssh command:

desktop $ ssh -X

server1 $
When you login using ssh command, you need to use -X flag to enable X11 forwarding. If you do not use -X flag forwarding it will not work and you will get an error that read as follows:
couldn’t open display (null)

Once you are logged in to server1, if you type the X application command over ssh session, the application will run on server1 and display will appear on your desktop system. For example, run xeyes or open office program:

server1 $ xeyes &
server1 $ ooffice &

Within few seconds, you should get a graphical display on your desktop system.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 5 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
5 comments… add one
  • Anonymous Apr 22, 2006 @ 12:50

    Replace -X with -Y for a trusted/encrypted session :-j

  • Lifeboy Jun 3, 2008 @ 9:21

    Great article! Hoe would one achieve the same if there is another machine inbetween like this:
    Desktop -> WRT54GL (OpenWrt) -> Server. I know there is a way one can forward packets via ssh, but how?

    Thanks again.

  • anon Jul 22, 2008 @ 1:21

    Hi all,
    can we make some changes in the sshd config file so that everytime we don’t have to specify -X or -Y option for opening a graphical interface??

  • Marmalade Mar 28, 2009 @ 10:10

    in the file

    you can add

    Host ahost
    ForwardX11 yes

    to always enable for that host

    or use

    Host *
    ForwardX11 yes

    to always enable it

  • ashutoshh singh Nov 11, 2013 @ 16:51

    is there any solution if a program like firefox is already open at server , then as a clinet if i try to open firefox then it shows the program is already running.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum