Quick solution to the question
- On the host machine, do not put any
DISPLAY=statement there. If exist, the remote host will try to render GUI on its own display port; - On the client machine, do specify
export DISPLAY=127.0.0.1:0.0in the~/.bashrc. ThisDISPLAYvariable shall match with theXmingthat runs on the client machine.
Then, simply connect to the host using the -X flag and enjoy free access to all GUI programs on the remote machine!
What went wrong in the lengthy description below:
- As clarified in one of the comments, one should not set the
DISPLAYvariable on the remote host. It is overkill as it confuses how GUIs should have been rendered.- Removing the line setting the
DISPLAYvariable on the host solved my problem.
- Removing the line setting the
I have set a Linux Mint machine to pick up X11Forwarding by specifying the following in /etc/ssh/sshd_config, yet, I have trouble accessing the server using Ubuntu 18.04.1 LTS hosted as WSL on Windows 10.
X11Forwarding yes
X11UseLocalhost no
AllowAgentForwarding yes
X11DisplayOffset 10
AddressFamily inetYet, after having logged into the Linux Mint machine using ssh -Y address_of_remote_server, I cannot launch any programs that has GUI. The following error messages come from trying to launch gvim during the SSH session:
However, I can launch gvim by combining the commands, as: ssh -Y address_of_remote_server gvim. No error was prompted. Please advise which setting needs to be tweaked to help me open GUI programs during SSH sessions.
More details:
- On the local machine, I use a Ubuntu distro installed as WSL on Windows 10.
- For X-server, I have tried both Xming and X410. Both can host (local) GUI-programs through display port:
127.0.0.1:0.0(thus goes the setting on the remote machine as well.)
- For X-server, I have tried both Xming and X410. Both can host (local) GUI-programs through display port:
- On the remote Linux Mint machine, I have set
export DISPLAY=127.0.0.1:0.0as well; thessh + command (gvim)did not work without the127.0.0.1part.
Updates, with -X flag
I should have opted to show the demo using -X flag. In my case, hooking up SSH connections using -X and -Y are identical. They both have set the $DISPLAY variable:
Similarly, combining the connection statement with the gvim command gets me a lively Gvim window. And, I get the following error with connecting first, and then issuing gvim command:
Updates with the client setting
On the client machine, in ~/.ssh/config, I have set up:
host 10.0.0.168 ForwardX11 yes Port 22990 #This is a fake port. User llinfeng PubKeyAuthentication yes IdentitiesOnly yes IdentityFile ~/.ssh/MyRSA_KeyStill, I cannot launch any GUI programs after getting into the SSH session. Again, launching combined commands does yield a fully functional GUI (ssh -X 10.0.0.168 gvim will create a GVIM window.)
2 Answers
You cannot force a client to enable X11Forwarding by putting an entry in any sshd_config file, but instead need to enable ForwardX11 on the client machine, and for ssh not sshd. X11Forwarding needs to be enabled on the server, but that doesn't mean it's enforced.
You can do this by editing your ~/.ssh/config for the user, and adding a Host entry for your remote server:
Host theserver
Hostname 192.168.1.1
User username
ForwardX11 yes
PubKeyAuthentication yes
IdentityFile ~/.ssh/some_key
IdentitiesOnly yesNow you can run $ ssh theserver and ForwardX11 will be active. When you use -X/-Y flag, you're activating ForwardX11 on the client, the same as by setting up a configuration. Either way, you will need to enable ForwardX11 on the client, and it is not recommended to do this system-wide for all hosts, but instead selectively for each host.
Don't mess with DISPLAY and allow your client and the system to set everything up. You were probably trying to fix stuff and added that, but remove it and try simply using -X/-Y flag, or configuring for X11 Forwarding for the specific host, or with a flag at runtime.
You can read more about the security implications of X11 Forwarding here and elsewhere.
1The answer is as simple as connection with -X flag:
ssh -X me@myserverThis should set proper display variables for you. You can see what the value is like this:
echo $DISPLAYWhen I ssh into my host, I get this value for DISPLAY:
localhost:10.0You may have more in your server's config file than you need. All I have in mine is the following:
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials noTry trimming your ssh config file down to these simple values.
Also, the -p 22 is unnecessary as port 22 is the default for ssh.
There is more info here: Stack Exchange: Forward X
Finally, much can be learned from the manpages:
man ssh 2