Li Jiang

Profile Photo

Ph.D. in Operation Management


X11 Forwarding from macOS

What

I want to install XQuartz on my Mac so that it has an X server, and then forward it to remote hosts that I SSH onto.

Why

So that I can run GUI applications on remote hosts without local X server (or window manager). GUI apps on remote hosts will connect to the forwarded X server on my Mac, and display whatever window directly on my Mac.

How is it better than VNC?

It is.

Step-by-step instructions

On your Mac

First install XQuartz. For example, you may use homebrew by running brew install xquartz.

Run launchctl load -w /Library/LaunchAgents/org.xquartz.startx.plist and then reboot. (Instructed by this Reddit post. Note that this step is necessary only if you want to start X-forwarded SSH session from Terminal.app, vs. from XTerm in XQuartz. Anyway, this step is highly recommended.) Now, if you fire up Terminal.app, variable $DISPLAY should be set. Actually, it points to the X server in XQuartz.

In your ~/.ssh/config, add the following attributes to whatever hosts for which you want to enable X11 forwarding. It is not recommended to enable X11 forwarding for untrusted remote hosts, just like you should not forward your SSH agent to untrusted remote hosts.

ForwardX11 yes
ForwardX11Trusted yes
ServerAliveInterval 60
ForwardX11Timeout 596h

On remote hosts

First, make sure xauth is installed. Then make sure the following items are enabled in sshd configuration (usually at /etc/ssh/sshd_config):

AllowTcpForwarding yes
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes

Then, restart sshd. Now if you SSH onto a remote host for which you have enabled X11 forwarding, variable $DISPLAY should be set. Install xterm and run it to make sure forwarding works. You can now run whatever GUI app you like, such as virt-manager, omnet++, etc.