How to Set Up and Use X11 Forwarding on Linux and Mac

What is X11 forwarding?

X11 forwarding is a mechanism that allows a user to start up remote applications, and then forward the application display to their local Windows machine. It enables you to run GUIs from a local server. It’s essentially remote desktop software that looks better on your screen and is easier to work with.

X11 forwarding for Linux

To set up X11 forwarding on Linux, you’ll need to perform functions on both the Linux machine and the Windows desktop.

1. Prepare the Linux machine.

You first need to make a few minor changes to your Linux machine to enable X11 forwarding. In this example, we’ll use a standard CentOS 6.5 installation with GNOME installed. Other Linux distributions will have a very similar SSH daemon configuration.

1. Locate the SSH configuration file at /etc/ssh/sshd_config.
2. Uncomment – or add – the following lines (these items allow you to forward the traffic to your computer from the host):
   

   X11Forwarding yes

   X11UseForwarding yes

3. Configure X11 forwarding on either a per-user or multiple-user basis. When configuring multiple users, each user must use a separate port range. (There are additional options to configure for X11 forwarding, but those go beyond the scope of this introductory article.)
4. Restart the SSH service to apply the revised configuration using this command:
   

   service sshd restart

5. If all goes as it should, the sshd service will be fully restarted.
6. Install “xeyes” to test the sshd service using this command:
   

   yum -y install xeyes

7. Make sure the firewall isn’t blocking the forwarded requests. If the firewall prevents the installation, you may need to adjust the Iptables configuration. To turn off Iptables temporarily, use this command:
   

   service iptables stop

Using a Windows guest computer

The first requirement on the Windows guest is to install PuTTY, which provides the mechanism to forward the display data between the host (the Linux server) and guest (your Windows machine).

1. Download the application from the Microsoft Apps store to install PuTTY.
2. Install a display manager. In this example, we’re using Xming, which is free and downloadable from SourceForge. Download Xming to your Windows PC and run the setup. We recommend going with the defaults during the installation.
3. Try out X11 forwarding once you’ve installed Xming. You’ll need to allow the Windows firewall to be modified for Xming forwarding to work. You’ll see a pop-up requesting the required access.
4. Change these settings in PuTTY for X11 forwarding to work:
   • Open PuTTY as normal, filling in the IP address or DNS alias name.
   • Go to the connection menu in PuTTY, select SSH X11, and check the box Enable X11 forwarding.
   • The xdisplay location should also be set to localhost:0, which is basically the display on which you’re currently working.

5. Select OK to connect to the Linux server using PuTTY.
6. Run the following command:
   

   xeyes

Hopefully, a silly pair of eyes like this one will appear that follow your cursor around the screen.

To keep the terminal available for additional commands after you launch the X11-forwarded application, use an ampersand (&) at the end of the command to prevent tying up the terminal in question.

No matter which GUI you use on your Linux host – GNOME or KDE – both have an xdisplay manager that underlies the GUI portion of the display. The xdisplay manager is a network protocol designed to allow items to be forwarded to whichever destination that’s required.

Key Takeaway

Though intended primarily for humor, the xeyes command can be helpful for accessibility. If you’re visually impaired and struggle to locate your cursor, the big eyes can help.

X11 forwarding for Mac

X11 forwarding on a Mac is just as easy as installing it for Linux.

1. Download Quartz and install it as you would any other Mac package. Quartz is another example of a display management application.
2. Start using X11 forwarding on your Mac using the -X switch; the SSH command looks like this:
   

   ssh -X root@mylinuxhost

3. Test it by typing in the command xclock or xeyes. You will see a basic clock or the aforementioned eyes on your desktop.

Tip

If you’re thinking about switching from a PC to a Mac, ensure your critical applications have Mac versions or are compatible with your new setup.

X11 forwarding FAQs

Is X11 forwarding secure?

X11 forwarding is safe if you’re confident the server is fully secure. Otherwise, you could be introducing cybersecurity risks. X11 forwarding gives a server all of your information without any protection.

What port does X11 forwarding use?

X11 uses port 6000, though some systems use port 6001. Others may involve additional ports; however, such systems are relatively rare.

What is X11UseLocalhost?

The X11UseLocalhost command connects your X11 forwarding server to either the wildcard address or loopback address. Without this command, your forwarding will automatically be linked to the loopback address.

Additional resources for IT teams

To become more proficient with IT to help your company run more smoothly or boost your tech career, below are three articles that can help you find appropriate IT certifications:

• Best IT Certifications
• Best Networking Certifications

To learn more about working with Windows Server, check out this resource.

Max Freedman contributed to the writing and research in this article.