X11-Forwarding allows you to execute graphical programs on a remote SSH host and display them locally.
If you're connecting to a remote SSH server for system administration work, chances are you'll be running programs using sudo or su to switch to another user such as root. You will get Can't open display, or X11 connection rejected because of wrong authentication error when running GUI program in SSH when switching users via sudo or su.
$ sudo xclock [sudo] password for user: X11 connection rejected because of wrong authentication. Error: Can't open display: localhost:10.0
This is because SSH X11-Forwarding requires authorization for connecting to the X server which is stored in ~/.Xauthority file and with the correct value for DISPLAY environment variable.
Related: How to run GUI application via SSH
~$ ssh -X remote-host user@remote-host's password: Welcome to Ubuntu 20.10 (GNU/Linux 5.8.0-26-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage 0 updates can be installed immediately. 0 of these updates are security updates. Last login: Sun Nov 1 21:17:13 2020 from 192.168.111.27
$ xauth list $DISPLAY host/unix:10 MIT-MAGIC-COOKIE-1 742d024faeb3d29a15ff06f1b8c3b21e
This info is stored in ~/.Xauthority file.
$ cat ~/.Xauthority host10MIT-MAGIC-COOKIE-1t-O��Қ��ò
$ echo $DISPLAY localhost:10.0
$ sudo su - [sudo] password for user: root@host:~#
# xauth add host/unix:10 MIT-MAGIC-COOKIE-1 742d024faeb3d29a15ff06f1b8c3b21e
# cat ~/.Xauthority host10MIT-MAGIC-COOKIE-1t-O��Қ��ò
# export DISPLAY=localhost:10.0
Comment anonymously. Login not required.