X11-Forwarding allows you to run graphical program on the remote host and tunnel the display back to your local machine.
If you're connecting to remote
SSH server for system administration work, chances are you'll be running programs using
su to switch to other user such as
root. You will likely get
Can't open display and maybe
X11 connection rejected because of wrong authentication. error when running
GUI program in
$ sudo xclock [sudo] password for user: X11 connection rejected because of wrong authentication. Error: Can't open display: localhost:10.0
This is because
X11-Forwarding requires authorization for connecting to the
X server which is stored in
~/.Xauthority file and with the correct value for
DISPLAY environment variable.
Xtunneling as normal user.
~$ ssh -X remote-host [email protected]'s password: Welcome to Ubuntu 20.10 (GNU/Linux 5.8.0-26-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage 0 updates can be installed immediately. 0 of these updates are security updates. Last login: Sun Nov 1 21:17:13 2020 from 192.168.111.27
Xauthorization entry for current display.
$ xauth list $DISPLAY host/unix:10 MIT-MAGIC-COOKIE-1 742d024faeb3d29a15ff06f1b8c3b21e
This info is stored in
$ cat ~/.Xauthority host10MIT-MAGIC-COOKIE-1t-O��Қ��ò
DISPLAYenvironment variable value.
$ echo $DISPLAY localhost:10.0
rootor other user using
$ sudo su - [sudo] password for user: [email protected]:~#
# xauth add host/unix:10 MIT-MAGIC-COOKIE-1 742d024faeb3d29a15ff06f1b8c3b21e
.Xauthorityfile to confirm.
# cat ~/.Xauthority host10MIT-MAGIC-COOKIE-1t-O��Қ��ò
DISPLAYenvironment variable value for current user.
# export DISPLAY=localhost:10.0
Support us on Patreon if this guide has helped you. Thanks!!!
Comment anonymously. Login not required.