More experienced users know that you can connect to a Linux server quite easily using a variety of SSH (Secure Shell) clients. That's all well and good but what about if you need to use some tool that has a GUI?
The answer is to use X11 forwarding. X11 forwarding is a mechanism that allows a user to start up remote applications but forward the application display to your local Windows machine.
X11 Forwarding on Linux
There are a few minor changes needed on your Linux box to enable X11 forwarding. In this basic example I am using a standard CentOS 6.5 installation with GNOME installed. Other Linux distributions will have a very similar SSH daemon configuration. The SSH configuration file is located at /etc/ssh/sshd_config. Locate and uncomment (or add) the following lines:
These items allow the traffic to be forwarded over to your computer from the host and also allow forwarding to be used. X11 forwarding can be configured on a per user basis. There are additional options that can be configured for X11 forwarding, but those go beyond the scope of this introductory article. The system can also be configured to allow multiple X11 forwarded users, but each user will have to use a separate port range.
Once the config file's modifications have been made to your Linux system, the SSH service will need to be restarted to effect the revised configuration. Restart the services by using the command:
service sshd restart
All being well, the sshd service will be fully restarted. As a funny little test, install "xeyes." Use the command:
yum -y install xeyes.
It is also prudent to check that the firewall is not blocking the forwarded requests. Iptables' configuration may need to be adjusted if they are. To turn off Iptables on a temporary basis, you can use the command:
service iptables stop
On the Windows guest, the first requirement is to install PuTTY, which provides the mechanism to forward the display data between the host (the Linux server) and guest (your Windows machine). If you don't already have PuTTY, download the PuTTY application from the PuTTY website and install it. I'd suggest using the full download package.
There are many display managers you can use. In this example we are using Xming, which is free and downloadable from sourceforge.net. Download Xming to your Windows PC and run the setup. During installation, you might see a number of options; I'd suggest going with the defaults.
Once Xming is installed you are ready to try out X11 forwarding. You will need to allow the Windows firewall to be modified to allow Xming forwarding to work. This should automatically pop up and request the required access.
There are also two settings in PuTTY that need to be changed to make X11 forwarding work. Open PuTTY as normal, filling in the IP address or DNS alias name. Before clicking OK to connect to the server, go to the connection menu in PuTTY, select SSH, X11 and tick the box X11 forwarding. The xdisplay location should also be set to localhost:0, which is basically the display you are working on currently.
You can now connect to the Linux server using PuTTY. At the command line, run the command: xeyes. Hopefully a silly pair of comedy eyes will pop up that follow your cursor around the screen. To keep the terminal available for additional commands after you launch the X11 forwarded application, use an & at the end of the command to prevent tying up the terminal in question.
Now that you have seen it in action, it is perhaps time to share how it all works.
No matter which GUI you use on your Linux host, GNOME or KDE, they both have what is termed a xdisplay manager that underlies the GUI portion of the display. It is a network protocol that was designed from the outset to allow items to be forwarded to whichever destination is required.
X11 Forwarding on Mac
X11 forwarding on Mac is just as easy. Download Quartz and install it as you would any other Mac package. Quartz is another instance of display management. To start using X11 forwarding to your Mac, use the -X switch. In other words, the ssh command would look like this:
ssh -X root@mylinuxhost
To test it just type in the command xclock or xeyes, and, as if by magic, you get a basic clock or aforementioned eyes on your desktop.