When using ssh -X is the executable copied and run locally or is it run on the host machine. Since it is called X11 forwarding it makes me think that the window is drawn on my machine but running on the host.
asked Aug 17, 2010 at 13:39
-
btw.. and some Linux distros this would be ssh -Y– txwikingerCommented Aug 17, 2010 at 17:55
-
5@txwikinger: -X and -Y are supported by Linux ssh. -Y does trusted forwarding.– kbyrdCommented Aug 17, 2010 at 19:22
-
"Remote X Apps mini-HOWTO" describes what parts X consist off and how they are split and interact when working remotely.– Grzegorz WierzowieckiCommented Dec 16, 2011 at 23:08
Add a comment
|
4 Answers
The executable is run on the remote machine and displayed (drawn) on the local machine. What ssh -X remote does is start up a proxy X11 server on the remote machine. If you do echo $DISPLAY on the remote machine, you should see something like localhost:21.0. That is telling the program running on the remote machine to send drawing commands to the X11 server with id 21. This then forwards those commands to the real X11 server running on the local machine, which draws on your screen. This forwarding happens over an encrypted ssh connection, so they can't be (easily) listened to.
Unlike Windows, Mac OS, etc, X11 was designed from the beginning to be able to run programs across a network, without needing things like remote desktop. For a while, X11 thin clients were popular. It is basically a stripped down computer that only runs a X11 server. All of the programs run on some application server somewhere.
-
4"X11 thin clients" were usually called "X terminals" in fact.– deleteCommented Aug 18, 2010 at 3:16
-
1X11 is designed to be able to run programs across a network because X11 is a network protocol. :) And many full-blown workstations had an X Terminal option where they booted a basic kernel with root over NFS (or on ramdisk) and just ran an X server. The Sun XKernel was one of them. You could run it on meaty (but diskless) workstations like the Sun 3/50, 3/60, 3/75 or the later SPARCstation classic, SLC, ELC, etc.– AlexiosCommented Feb 1, 2012 at 9:43
-
1@Alexios I remember the old Sun 3 series. We had a room full of Sun X terminals (diskless) running off a single server for our computer lab. Quite fun when the power flickered and all 20 or so X Terms tried to boot at the same time. The main problem was that Sun's vision exceeded what the technology could support at the time.– KeithBCommented Feb 1, 2012 at 15:21
-
1It definitely did. But if you think about it, you'd have the same trouble today if you tried to run a lab of 20 power hungry, multi-core beasts off a single server. We're no longer running Motorola 68020s at 16 MHz, but the lowest modern spec of graphics device was undreamed of back then. I drooled at Sun's 1152x900 256-colour unaccelerated displays. But that was the 80s. :)– AlexiosCommented Feb 1, 2012 at 17:59
The application runs remotely, except the X components (i.e. rendering the x-commands etc) which are running locally. Every client application usually uses the local X server to display the UI. In this case, the commands are send via the encrypted SSH channel from the remote machine to your local machine and are displayed there.
Setting $DISPLAY is only half of the deal though. In order to be able to authenticate the clients on the server side, ssh also utilizes xauth to create a new authentication cookie. See xauth list and ~/.Xauthority.
The key may be to realize that the X server is a single thing which provides graphics to a user, and all the different programs which want graphics have to be X clients and connect to a server. The interface between client programs and the X server was designed from the start to support connections with remote programs, not just those on the local machine.
In a crazy enough network, a program could be run anywhere and display its graphics anywhere else...
-
"In a crazy enough network, a program could be run anywhere and display its graphics anywhere else..."I like that!– scjorgeCommented Mar 17, 2021 at 12:10