Hello Stuart, On 06/25/2015 11:51 PM, Stuart Barkley wrote: > For (ssh based) X forwarding no X server needs to run on the server. > I usually install the xorg-x11-xauth (necessary) and xterm (optional) > rpms on all my servers in case X forwarding becomes necessary. > > Then from your desktop (assuming Linux already running X) in a local > xterm do something like: > > ssh -Y remote-system Do not use that because any user logged on the server can connect to your X server display and snoop what you are doing, open windows etc. -Y disables all the X server authentication mechanisms (http://www.x.org/wiki/Development/Documentation/Security/) > Note about -X versus -Y with ssh: > > -X enables basic X forwarding, It disables some X functionality making > it "safer" to allow. -X also stops working after about 20 minutes > (this is by design but not well documented). I only recently learned > why it would stop working after pulling out the last of my hair. I have been using ssh X forwarding for current work use (local betwork) for more than 15 years and never got into this kind of problem from RH 7 to Centos 7, AIX and Solaris. Maybe it is some other issue that is closing your ssh connection (maybe you should use the KeepAlive options on the ssh server/client); just guessing. > -Y allows the full X protocol which might be a security risk. Some > applications will only work with -Y. With this, remote X applications > can grab keyboard interactions, grab passwords, put windows on top of > other windows (obscuring security messages), etc. > > For my own choice I use -Y (although I only enable it occasionally to > specific systems). It is a security risk as I said above any user logged on the server can connect to your display X server without you knowing. Lec