I want to open server's display on my system without using -X with ssh.
I want to log into server using ssh 192.168.xx.xx, now I try to open the server's display on my system. It says "can not open".
What display variable should I export on the server's command line?

I have run on the server
# export DISPLAY="localhost=10.0"
but it still does not open the display of server on my system.

Is ssh -X is the only method to see display of remote host?

Right...why would it? You have set the X display on the remote server, to be ON that server, not on your workstation. When you log in to the remote server, "localhost" references the system you're ON.
Similar to your other thread about the same topic:
http://www.linuxquestions.org/questi...ot-4175468584/

Please read the last post in there, and this has also been covered MANY times on this site. Again, the steps are:

1. Make sure your local workstation is running X windows, and is accepting incoming X connections. From a terminal, do a "ps -ef | grep nolisten". If you see a line similar to "/usr/bin/Xorg -br :0 vt7 -nolisten tcp -auth /var/lib/kdm/AuthFiles/A:0-uf4bza", then your workstation is NOT accepting incoming X sessions. How you fix this depends on your version/distro of Linux. For openSUSE 12.3, it's in YAST->Security Center. Reboot after making that change and verify that the "-nolisten" parameter is not there on your X server anymore. Until it's gone, you WILL NOT be able to get X sessions remotely
2. On your local workstation, type in "xhost +" (a bit insecure), or "xhost <ip address of remote server>" (better)
3. SSH to your remote server
4. Type in "export DISPLAY=<ip address of LOCAL workstation>:0"
5. Run X application

Thanks for your prompt reply.
The problem of previous thread is solved because they have taken my machine, that's why I didn't reply on the thread. but now, the machine is new, the set up is new, everything is new so the problem is new.

I can log into the remote server using ssh -X IP-of-the-remote-machine and I am able to open remote machine's display on my system.

But if I log into remote machine using ssh IP-of-the-remote-machine, now if I try to open display it says, can't open display.
It is fine because display variable is not set becaue I haven't used -X with ssh but now I try to set display variable on remote machine using command line, it still says "can not open display"
I ran following command on the remote host machine's command prompt.
now if I run
it says
It is the same output which is shown when I run echo $DISPLAY after logging in using ssh -X
then why does it not open the display?

If I log in using
and run
it shows blank out put, it is fine because display variable is not set so I set them manually using command line by using this comamnd
Then it doesn't open the display.

I have set the display variable on my system too using
When I runit shows
it is the same output which is appeared when I open the display of remote host on my system using ssh -X.

...which is what you should be doing, so if it works, then continue.
...and see my previous post, which explains how to do it without the "-x" parameter, which is what you asked. Those are detailed steps...can't tell you more than that.

Look at the ssh configuration file (on my system, /etc/ssh/ssh_config). There is an option (usually commented out) "# ForwardX11 no". This shows the default configuration compiled in so change the "no" to "yes" and uncomment.

After that, the -X option is the default.

Note: for it to work, the server must also allow X

A bit more. If all else fails, you can try putting "ForwardX11 yes" in ~.ssh/config (and be sure to remove write access from group/world).

Thanks TB0ne for your reply as well as jpollard too.
the five steps you mentioned in my last thread looking perfect but may be I am doing any silly mistake, I am facing same problem if I don't use -X with ssh.
The obvious question is why I don't want to use -X when ssh gives us the facility. Actually I want to understand the mechanism behind ssh and X11.
I learned these links, but I couldn't understand about export display variable.
http://en.wikipedia.org/wiki/X_Window_System
it says
I think you said the same thing in your previous thread
I think your fourth step is same as wikipedia's suggestion but it is not working me If I try to log in without using -X with ssh.
I have followed these steps.
1)I open my system, I am using ubuntu 12.10. I log in as user. My IP is 192.168.1.10
2) I run following command on my terminal.
it says
or if I run
it says
3) Now I open the terminal and log into server as a user. Server is CentOS-6.3 and it's IP is 192.168.1.20
$ ssh user@192.168.1.20
4) Now I reach on server's user's command prompt. I run following command on server's command prompt
It says nothing,it shows the prompt again. if I run
it says
Now I try to open server's display on my system using
It says
If I try to open gedit using
it says
I don't know where am I wrong.
I just do not want to do this task otherwise I can do it using ssh -X. I want to learn it, how it can be done.
I have read enough theories during my college but they are incomplete without practicals. I got 81 out of 100 in my Linux Admin theory paper but what is the use of this if I can't export a simple display variable.
I have a chance to do practicals now. I don't want to be GURU or VETERAN here but at least I should do this simple jobs by my own. They look very easy if you write 2 or 3 pages about them and get 15 or 16 out of 20 but challenges are here in front of monitor. that's why I am asking these silly questions.
Thanks for your precious time and help.

Ok....go back to the VERY FIRST STEP, posted here again:

1. Make sure your local workstation is running X windows, and is accepting incoming X connections. From a terminal, do a "ps -ef | grep nolisten". If you see a line similar to "/usr/bin/Xorg -br :0 vt7 -nolisten tcp -auth /var/lib/kdm/AuthFiles/A:0-uf4bza", then your workstation is NOT accepting incoming X sessions. How you fix this depends on your version/distro of Linux. For openSUSE 12.3, it's in YAST->Security Center. Reboot after making that change and verify that the "-nolisten" parameter is not there on your X server anymore. Until it's gone, you WILL NOT be able to get X sessions remotely
   Did you do that?

1 members found this post helpful.

ssh forwards X connections, providing an encryption connection to the X server.

Using xhost, in any form, weakens the security of the server by essentially, disabling it.

What sshd does (when forwarding) is to open a second port (6000+offset, where 6000 is the default X TCP port). This second port receives any X connection when the DISPLAY environment variable is set to localhostffset. The "localhost" allows sshd to handle the network connection.

In addition to this, sshd is given an unprivileged access key which it saves in the Xauthority file associated with the "localhostffset" entry. Any TCP connection to the defined X socket is encrypted, tagged as a X data packet (along with a connection id), and forwarded over the ssh tcp connection. The ssh client receives the packet, and then opens a socket to the users X server (if it is an unidentified connection id). This socket is associated (in a table) with the connection established with the sshd connection so that future packets received from the X server will go the correct socket connection established on the sshd side so that the decrypted data can be returned to the application. Decrypted data for already open sockets are then routed to the appropriate place based on the connection id, thus providing a two-way communication between the users local X server, and the remote X application.

In addition to the encryption, ssh provides some data compression as well. Due to the nature of TCP X connections, multiple data packets can be received, packaged together, compressed, encrypted, and passed on. In some/many instances, ssh forwarded X is faster than nearly all connections. Only live video seems to have a bit of a problem.

I think that slowdown is due to the inability to make use of the shared memory connection to the X server. The other limitation is that some applications bypass the X protocol entirely by obtaining a direct connection to the video interface - this can cause some issues (moving a video display around sometimes doesn't quite keep up with the X servers idea of where the window is).

1 members found this post helpful.

Thanks TB0ne
I will try this on monday and reply here since saturday sunday is off for me and there is no home network in my home. As long as my office will not know about this, i will try to learn as many functionalities.
Thanks again.

Thanks jpollard
thanks for explanation. Last para was little tough for me whete you explained why live videos are slow and decrypted data and open socket part but if i want to learn i will have to understand this difficult concept too.

As soon as i reach to my system, i will start exploring again.
Thanks

Today I have tried your solution and yes there is nolisten on my system, if I run following command
It shows
If I run same command on server
$ ps -ef | grep nolisten
It shows
I tries to remove it from my system, but it doesn't go.
I tried to kill the process. I tried to reboot it. Restart xserver.
But it is still there.
I am using ubuntu 12.10 and server is CentOS 6.3.

If you kill that process, xdm/kdm/whichever display manager will restart it. And, as Tbone said "How you fix this depends on your version/distro of Linux."


Running such an open X server is an invitation to failed security. That is WHY it is disabled. The X access keys, if any, are passed unencrypted. If no access keys, then ANYONE from the host (assuming using xhost +hostname) or ANYONE from ANYWHERE (using xhost +) can access your system, read your keystrokes, view your display... AND YOU CAN'T CUT THEM OFF WITHOUT TERMINATING THE X SERVER.

Use ssh, that is what it was designed for.

Right...AGAIN, you need to modify your local workstation to accept incoming connections. UNTIL YOU DO, REMOTE X SESSIONS WON'T WORK, unless you're using the -X, as you should.

So...back to the original step one: modify your X window manager. Since you only now have said your local workstation is Ubuntu 12.10, a good place to start is actually looking at Google for how to modify this. I believe it uses LightDM, but there are also documents showing how to do it for GDM, like this:
http://pzuk.wordpress.com/2011/10/21...-ubuntu-11-10/