X11 forwarding over SSH

I recently got my old computer up and running with Gentoo Linux with extensive help from one of my coworkers, who is an avid Gentoo fan. Now that it is back in my basement I am starting to play with it remotely.

One of the cool things about the windowing system on Linux (called X11 or just X) is that it is a server and considers the program windows you have opened as clients. There is nothing saying that the server your client program window is getting its information from has to be the local computer you are sitting in front of.

Of course, no proper Linux aficionado would send this kind of thing across the internet without encryption, so the X windows are sent through an SSH tunnel. The settings (on Gentoo at least) were pretty simple. In the /etc/ssh/ssh_config file change this:

# Host *

# ForwardAgent no

# ForwardX11 no

To this:

Host *

# ForwardAgent no

ForwardX11 yes

And then in the /etc/ssh/sshd_config file change:

# X11Forwarding no


X11Forwarding yes

Once you have done that restart the sshd service with the command:

sleepycat ~ # /etc/init.d/sshd restart

* Stopping sshd … [ ok ]

* Starting sshd … [ ok ]

Now you are ready to ssh to the box. Use the –X flag to enable X11 forwarding and the –l option to specify the username you are connecting with:

sleepycat ~ # ssh –X –l mike

When you are connected you can issue a command like “firefox &” and marvel as firefox opens with your search history and bookmarks from the remote computer.

When I showed this off at work I was asked “cool, but what are you going to use it for?”

I guess if I ever wanted an undetectable way to surf porn at the office I could use it for that…