23

From https://unix.stackexchange.com/a/17278/674

If you run ssh -X localhost, you should see that $DISPLAY is (probably) localhost:10.0. Contrast with :0.0, which is the value when you're not connected over SSH. (The .0 part may be omitted; it's a screen number, but multiple screens are rarely used.) There are two forms of X displays that you're likely to ever encounter:

  • Local displays, with nothing before the :.
  • TCP displays, with a hostname before the :.

With ssh -X localhost, you can access the X server through both displays, but the applications will use a different method: :NUMBER accesses the server via local sockets and shared memory, whereas HOSTNAME:NUMBER accesses the server over TCP, which is slower and disables some extensions.

What are the relations and differences between X server, display and screen?

What does "the X server through both display" mean? Does a "display" means a display server, i.e. an X server, so two "displays" means two display servers, i.e. two X servers.

What does "multiple screens" mean? Does a "screen" mean a display monitor?

Thanks.

AdminBee
  • 22,803
Tim
  • 101,790

1 Answers1

36

I will give you a visual example to explain the basics of X11 and what is going on in the background:

X11 connections example source

In this example you have a local X11-server with two "screens" on your hostA. Usually there would be only one server with one screen (:0.0), which spans across all your monitors (makes multi-monitor applications way easier). hostB has two X servers, where the second one has no physical display (e.g. virtual framebuffer for VNC). hostC is a headless server without any monitors.

terminal 1a, 2a, 5a, 6a: If you open a local terminal, and set the display to :0.0 (default) or :0.1, the drawing calls for your graphical programs will be sent to the local X server directly via the memory.

terminal 1b, 5b: If you ssh onto some server, usually the display will be set automatically to the local X server, if there is one available. Otherwise, it will not be set at all (reason see terminal 3).

terminal 2b, 6b: If you ssh onto a server, and enable X11-forwarding via the "-X" parameter, a tunnel is automatically created through the ssh-connection. In this case, TCP Port 6010 (6000+display#) on hostB is forwarding the traffic to Port 6000 (X server #0) on hostA. Usually the first 10 displays are reserved for "real" servers, therefore ssh remaps display #10 (next user connecting with ssh -X while you're logged in, would then get #11). There is no additional X server started, and permissions for X-server #0 on hostA are handled automatically by ssh.

terminal 4: If you add a hostname (e.g. localhost) in front of the display/screen#, X11 will also communicate via TCP instead of the memory.

terminal 3: You can also directly send X11 commands over the network, without setting up a ssh-tunnel first. The main problem here is, that your network/firewall/etc. needs to be configured to allow this (beware X11 is practically not encrypted), and permissions for the X server need to be granted manually (xhosts or Xauthority).

To answer your questions

What are the relations and differences between X server, display and screen?

A display just refers to some X server somewhere. The term "both displays" was referring to ":0.0" on the local computer ("local display") being equal to "localhost:10.0" on the ssh-target ("TCP display"). "screens" is referring the different virtual monitors (framebuffers) of the X server. "localhost:10.0" is only redirecting to the local X server, there is no X server started on the ssh-target (see scenario terminal 2b/6b).

ZleekWolf
  • 709
  • 7
  • 12
  • 1
    Thanks. Did you create the diagram? Very impressive, an takes me a while to read. When I run DISPLAY=192.168.1.198:0 eog, it says Unable to init server: Could not connect: Connection refused. How shall I make it work? Do I need to make the X server on the remote host accept TCP connection? – Tim Mar 13 '19 at 10:16
  • If that IP is your remote Host's IP. It simply because your there's no x server listening on tcp:192.168.1.198:6000. @Tim If you want that to work, you have multiple solution, safe or not safe, simple or not simple. – 炸鱼薯条德里克 Mar 13 '19 at 14:57
  • Yes, I created the diagram (might use it for some future trainings). As written in the terminal 3 example (direct X11 connection across servers), theres two primary things to do: Your firewall needs to be opened (in your case allowing connections to tcp:192.168.1.198:6000, as 炸鱼薯条德里克 wrote), and you need to look up how to configure X11 permissions with e.g. xhosts.

    This assumes that a working X server is running on 192.168.1.198, so DISPLAY=192.168.1.198:0 eog should work if executed locally on that server.

     – ZleekWolf Mar 19 '19 at 17:53
  • "localhost:10.0" is only redirecting to the local X server, there is no X server started on the ssh-target. What is the target terminal doing without a X11 server? Like how :0 and :1 refer to X-servers (and then Monitor 1 and VNC), 2hat "display" does localhost:10 refer to then? @Folfy – User 10482 Feb 13 '23 at 21:13
  • Please see drawing and description for terminal 2b and 6b. For X11-Forwarding to make sense, you're supposed to have an X11 Server already running on your ssh-client host, and that's where the X11 traffic is redirected/forwarded to. – ZleekWolf Feb 14 '23 at 14:00