Monday, July 9, 2007

X11 Forwarding via ssh howto

Get a graphical user interface remotely via ssh?

Here is a quick way on how to enable X11 forwarding with ssh. Make sure you have all the required ssh packages installed from your box. Or you can install it yourself by issuing

#yum install openssh-* -y

After successful installation from the remote box, launch you editor, edit /etc/ssh/sshd_config , look for the lines

X11Forwarding no

and change it to

X11Forwarding yes

then save. Additionally, check your /etc/ssh/ssh_config and confirm if it contains the below line

ForwardX11Trusted yes

Be warned and reminded to backup conf files before modifying them. Do restart your ssh service like so

# service sshd restart

Make sure the firewall settings from the remote box allows ssh connection from your own local box. I would not cover advance ssh restrictions here. However, one quick way of testing your remote ssh server settings is by doing so

# ssh USER@REMOTEIPBOX

Change USER with your username and REMOTEIPBOX with an IP address of your remote linux box. This assumes that your ssh is running at port 22 by default .

If your ssh attempt was successful, it basically means the ssh port is open and you are able to reach the remote box via ssh as a a client

Now, from the local box, test X11 forwarding by issuing

# ssh -X USER@REMOTELOCALIP

You will be logged in from the remote box. From there, issue

# gcalctool

nice! incase, this is the CLI command to launch your GUI calculator obviously, it should appear from your local linux box screen and not from the remote linux box. Take note that by default, sshd binds the forwarding server to the loopback address. You can verify this from /etc/ssh/sshd_config with

X11UseLocalhost yes

X11 SSH CONNECTION:

Incase you need to execute some direct commands, alternatively try the faster one-liner.

# ssh -X USER@REMOTELOCALIP gcalctool

It is highly advisable to restrict your ssh policies then for added security.

This could be an extra help if you wish to connect remotely with X11Forwarding from your local linux box to another out-of-network-broadcast window box behind a linux firewall via X11Forwarding .

PACKAGE VERIFICATION:

For added info, if you wish to know if you have successfully installed openssh package, you can query them by

# rpm -qa openssh*

which lists out installed openssh rpm packages like so

openssh-clients-XXX
openssh-XXX
openssh-server-XXX

Hope this helps.

0 comments:

Sign up for PayPal and start accepting credit card payments instantly.
ILoveTux - howtos and news | About | Contact | TOS | Policy