- To set up X11 forwarding on Linux, type specific commands, download PuTTY and execute your commands.
- X11 forwarding on Mac is also straightforward: Download Quartz, enter a command, test it and you’re good to go.
- Remote PC access software may be a better choice if you’re not IT-savvy, as X11 forwarding is only secure if your server is secure.
- This article is for business owners and IT professionals who want to use X11 forwarding for remote PC access.
Tech-savvy users know you can easily connect to a Linux server using various secure shell (SSH) clients. If you prefer – or are required – to use a tool with a graphical user interface (GUI), the solution is X11 forwarding.
What is X11 forwarding?
X11 forwarding is a mechanism that allows a user to start up remote applications, and then forward the application display to their local Windows machine. It enables you to run GUIs from a local server. It’s essentially remote desktop software that looks better on your screen and is easier to work with.
To determine if a remote desktop is right for your business, read our reviews of the best remote PC access software that provides access and control from any device or major operating system from any location.
X11 forwarding for Linux
To set up X11 forwarding on Linux, you’ll need to perform functions on both the Linux machine and the Windows desktop.
1. Prepare the Linux machine.
You first need to make a few minor changes to your Linux machine to enable X11 forwarding. In this example, we’ll use a standard CentOS 6.5 installation with GNOME installed. Other Linux distributions will have a very similar SSH daemon configuration.
- Locate the SSH configuration file at /etc/ssh/sshd_config.
- Uncomment – or add – the following lines (these items allow you to forward the traffic to your computer from the host):
- Configure X11 forwarding on either a per-user or multiple-user basis. When configuring multiple users, each user must use a separate port range. (There are additional options to configure for X11 forwarding, but those go beyond the scope of this introductory article.)
- Restart the SSH service to apply the revised configuration using this command:
service sshd restart
- If all goes as it should, the sshd service will be fully restarted.
- Install “xeyes” to test the sshd service using this command:
yum -y install xeyes
- Make sure the firewall isn’t blocking the forwarded requests. If the firewall prevents the installation, you may need to adjust the Iptables configuration. To turn off Iptables temporarily, use this command:
service iptables stop
Using a Windows guest computer
The first requirement on the Windows guest is to install PuTTY, which provides the mechanism to forward the display data between the host (the Linux server) and guest (your Windows machine).
- Download the application from the Microsoft Apps store to install PuTTY.
- Install a display manager. In this example, we’re using Xming, which is free and downloadable from SourceForge. Download Xming to your Windows PC and run the setup. We recommend going with the defaults during the installation.
- Try out X11 forwarding once you’ve installed Xming. You’ll need to allow the Windows firewall to be modified for Xming forwarding to work. You’ll see a pop-up requesting the required access.
- Change these settings in PuTTY for X11 forwarding to work:
- Open PuTTY as normal, filling in the IP address or DNS alias name.
- Go to the connection menu in PuTTY, select SSH X11, and check the box Enable X11 forwarding.
- The xdisplay location should also be set to localhost:0, which is basically the display on which you’re currently working.
- Select OK to connect to the Linux server using PuTTY.
- Run the following command:
Hopefully, a silly pair of eyes like this one will appear that follow your cursor around the screen.
To keep the terminal available for additional commands after you launch the X11-forwarded application, use an ampersand (&) at the end of the command to prevent tying up the terminal in question.
No matter which GUI you use on your Linux host – GNOME or KDE – both have an xdisplay manager that underlies the GUI portion of the display. The xdisplay manager is a network protocol designed to allow items to be forwarded to whichever destination that’s required.
Though intended primarily for humor, the xeyes command can be helpful for accessibility. If you’re visually impaired and struggle to locate your cursor, the big eyes can help.
X11 forwarding for Mac
X11 forwarding on a Mac is just as easy as installing it for Linux.
- Download Quartz and install it as you would any other Mac package. Quartz is another example of a display management application.
- Start using X11 forwarding on your Mac using the -X switch; the SSH command looks like this:
ssh -X root@mylinuxhost
- Test it by typing in the command xclock or xeyes. You will see a basic clock or the aforementioned eyes on your desktop.
If you’re thinking about switching from a PC to a Mac, ensure your critical applications have Mac versions or are compatible with your new setup.
X11 forwarding FAQs
Is X11 forwarding secure?
X11 forwarding is safe if you’re confident the server is fully secure. Otherwise, you could be introducing cybersecurity risks. X11 forwarding gives a server all of your information without any protection.
What port does X11 forwarding use?
X11 uses port 6000, though some systems use port 6001. Others may involve additional ports; however, such systems are relatively rare.
What is X11UseLocalhost?
The X11UseLocalhost command connects your X11 forwarding server to either the wildcard address or loopback address. Without this command, your forwarding will automatically be linked to the loopback address.
Additional resources for IT teams
To become more proficient with IT to help your company run more smoothly or boost your tech career, below are three articles that can help you find appropriate IT certifications:
- Best IT Certifications
- CompTIA Certification Guide: Overview and Career Paths
- Best Big Data Certifications
To learn more about working with Windows Server, check out this resource.
Max Freedman contributed to the writing and research in this article.