To enable X11 Forwarding on a server client edit the file “/etc/ssh/ssh_config” and on ssh server edit the file “/etc/ssh/sshd_config” and perform the following respective configuration changes.
For CentOS/RHEL 5,6
Uncomment the line “# ForwardX11” and Change “ForwardX11 no” to “ForwardX11 yes”
Trusted X11 Forwarding
Uncomment the line “# ForwardX11Trusted” and Change “ForwardX11Trusted no” to “ForwardX11Trusted yes”
# If this option is set to yes then remote X11 clients will have full access # to the original X11 display. As virtually no X11 client supports the untrusted # mode correctly we set this to yes. ForwardX11Trusted yes
After every change restart the sshd service or reboot the system.
# service sshd restart
For CentOS/RHEL 7
1. Uncomment the following lines:
X11Forwarding yes X11DisplayOffset 10 X11UseLocalhost no
2. Start and enable the sshd service
# systemctl start sshd.service # systemctl enable sshd.service
X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user’s X11 authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring if the ForwardX11Trusted option is also enabled.