SSH, server has feature called X11Forwarding. It specifies whether X11 forwarding is permitted or not. You need to set this parameter to yes. Once this is enabled, you will be able to run a graphical application on server and get applications display (window) on your desktop.
Server setup
For example, login on Linux/BSD system called server1.mydomain.com. Open /etc/ssh/sshd_config file using text editor:
# vi /etc/ssh/sshd_config
Find out parameter X11Forwarding and set it to yes:
X11Forwarding yes
Save file and exit to shell prompt. Restart sshd service under Debian Linux:
# /etc/init.d/ssh restart
Alternatively, if you are using Fedora / Red Hat Linux restart sshd:
# /etc/init.d/sshd restart
Desktop setup
Since X11 forwarding is enabled, just login from desktop system to server1.mydomain.com using ssh command:
desktop $ ssh -X user@server1.mydomain.com
Password:
server1 $
When you login using ssh command, you need to use -X flag to enable X11 forwarding. If you do not use -X flag forwarding it will not work and you will get an error that read as follows:
couldn’t open display (null)
Once you are logged in to server1, if you type the X application command over ssh session, the application will run on server1 and display will appear on your desktop system. For example, run xeyes or open office program:
server1 $ xeyes &
server1 $ ooffice &
Within few seconds, you should get a graphical display on your desktop system.
- RSS feed or Weekly email newsletter
- Share to Twitter • Facebook • 5 comments... add one ↓
40 Linux Server Hardening Security Tips [2019 edition]
Linux 25 PHP Security Best Practices For Sys Admins
30 Best Sources For Linux / *BSD / Unix Documentation On the Web
Top 20 OpenSSH Server Best Security Practices
Top 25 Nginx Web Server Best Security Practices
21 Examples To Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
The Novice Guide To Buying A Linux Laptop
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
Replace -X with -Y for a trusted/encrypted session :-j
Great article! Hoe would one achieve the same if there is another machine inbetween like this:
Desktop -> WRT54GL (OpenWrt) -> Server. I know there is a way one can forward packets via ssh, but how?
Thanks again.
Hi all,
can we make some changes in the sshd config file so that everytime we don’t have to specify -X or -Y option for opening a graphical interface??
in the file
/home//.ssh/config
you can add
Host ahost
ForwardX11 yes
to always enable for that host
or use
Host *
ForwardX11 yes
to always enable it
is there any solution if a program like firefox is already open at server , then as a clinet if i try to open firefox then it shows the program is already running.