Graphical Environment  «Prev  Next»
Lesson 8 Remote X sessions
Objective Run remote X clients on the local X server.

Remote X Sessions in Redhat

To run remote X clients on a local X server in a Red Hat Linux environment, several prerequisites must be fulfilled and a sequence of operational steps need to be strictly followed. This procedure employs the X11 forwarding mechanism over SSH, ensuring both secure data transmission and graphical user interface functionality.

Prerequisites

  1. SSH Server: Ensure that the SSH server is installed on the remote machine. If it is not, you can install it by executing `sudo yum install openssh-server`.
  2. X11 Apps: The remote system should have X11 applications installed that you want to run.
  3. X11 Server: The local system needs to be running an X11 server. Most Linux desktop environments start an X11 server by default.
  4. SSH Client: The local machine should have an SSH client installed, typically OpenSSH.
  5. Network Access: Ensure that the local and remote machines are reachable over the network and that firewalls are configured to allow SSH traffic.

Configuration Steps

Step 1: Configure SSH for X11 Forwarding on the Remote Server
  1. Log in to the remote machine.
  2. Edit the SSH daemon configuration file, typically located at `/etc/ssh/sshd_config`, using a text editor such as `vi` or `nano`.
    sudo vi /etc/ssh/sshd_config
  3. Ensure that the `X11Forwarding` option is set to `yes`.
     X11Forwarding yes
  4. Restart the SSH service to apply changes. 
    sudo systemctl restart sshd
Step 2: Initiate SSH Connection with X11 Forwarding
On the local machine, execute the following command to initiate an SSH connection with X11 forwarding: 
ssh -X username@remote_server_i

The `-X` flag enables X11 forwarding.
Step 3: Verify X11 Forwarding
To confirm that X11 forwarding is successfully configured, you can run an X11 application from the remote machine and see if it displays the GUI on the local machine. For instance, run `xeyes` or `xclock`. 
xeyes

If configured correctly, the `xeyes` graphical interface should appear on your local machine but run on the remote machine.

Security Considerations

X11 forwarding over SSH is generally secure, but for added security:
  1. Use SSH keys instead of passwords for SSH login.
  2. Always keep your system and software updated to the latest security patches.
Troubleshooting
  1. DISPLAY variable: If you encounter an error related to the DISPLAY variable, ensure that the environment variable is set correctly. Use `echo $DISPLAY` to verify.
  2. Firewall: Ensure that the firewall rules on both the local and remote machines permit SSH traffic, usually over port 22.

By adhering to these guidelines, you can efficiently configure and run remote X clients on your local X server in a Red Hat Linux environment. This enables you to interact with graphical applications on remote servers as though they were running locally, all while maintaining the security afforded by SSH.
There may come a time when you need to run an X server on one machine, and have the windows appear on a different machine. These machines can be in the same room or on different continents; as long as they're networked, the X server will display the remote client on your display. You can connect an X server to a compatible display anywhere in the world as long as you know the correct display name.

Calling Linux Machine by name

An X server can have many different displays running, and can use several screens within one display system. X supports this for workstations with multiple graphics cards (one graphics card per display) and multiple monitors (one monitor per screen). X Windows System designers established a naming convention that specifies the host name, the display on the host, and the screen in that display, all in a convenient string. The format is: 
hostname:displaynum.screennum

Most computers don't have multiple graphics cards or stereo monitors, so the display and screen numbers are usually just "0". For example, the X server on a local machine might be named localhost:0.0. To simplify names, X provides a shorthand version of the naming string. If the X server is on the local machine and there is only one screen, the display name is just :0. Notice that both the hostname and screen number were dropped.

Allowing X Client Access

The X server, by default, denies all clients trying to connect unless they originated locally. To allow a remote host to display windows on your X server, use the xhost command with the +name parameter. To deny a host, use the -name parameter.
For example, to allow the host replicant.mydomain.com to display windows on your X server, use: 
xhost +replicant.mydomain.com
.

Displaying remote X client

To display a remote X client on your X server:
  1. Allow access to your X server with xhost +hostname. Execute this command in any open X terminal.
  2. Login to the remote host and set the DISPLAY variable to your X server's address. For example, if your X server's name is xserv.mydomain.com:0, you'd type: DISPLAY=xserv.mydomain.com:0 ; export DISPLAY
  3. Launch the X client in the background. For example, start the xload program in the background with: xload &
The next lesson explains how to troubleshoot common X problems.