Forwarding X11 traffic without "X11Forwarding yes"
It is possible to forward X11 traffic over an ssh tunnel even if the OpenSSH X11Forwarding directive is set to "no."
From the sshd_config man page:
Note that disabling X11
forwarding does not prevent users from forwarding X11 traffic, as users
can always install their own forwarders.
On the client system:
1. Run xhost +localhost to permit X11 server connections from localhost.
2. Run ssh -R 6000:localhost:6000 user@remote_server to forward X11 traffic (TCP port 6000) from remote_server to the local system over an ssh tunnel. From the client perspective, the X11 traffic is originating from localhost.
On the server system:
1. Run export DISPLAY=localhost:0
2. Run an X client (e.g. xterm).
Back to brandonhutchinson.com.
Last modified: 08/11/2005