To enable X11 Forwarding on a server client edit the file “/etc/ssh/ssh_config” and on ssh server edit the file “/etc/ssh/sshd_config” and perform the following respective configuration changes.


For CentOS/RHEL 5,6

X11 Forwarding

Uncomment the line “# ForwardX11” and Change “ForwardX11 no” to “ForwardX11 yes”

ForwardX11 yes


Trusted X11 Forwarding

Uncomment the line “# ForwardX11Trusted” and Change “ForwardX11Trusted no” to “ForwardX11Trusted yes”

# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
ForwardX11Trusted yes


After every change restart the sshd service or reboot the system.

# service sshd restart


For CentOS/RHEL 7


X11 Forwarding

1. Uncomment the following lines: 

X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost no


2. Start and enable the sshd service

# systemctl start sshd.service
# systemctl enable sshd.service



X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user’s X11 authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring if the ForwardX11Trusted option is also enabled. 


Was this answer helpful? 0 Users Found This Useful (0 Votes)