Remote X11 Windows to AIX
UrbanBiel 0600017E5Q Comments (21) Visits (142716)
I love a command line. It's numerous advantages over GUI is hard to list, but there are situations, where you need a remote X Windows connection. I've been asked many times by my colleagues, how to set up remote X Windows (X11, as the most recent version of X Windows is 11) on AIX, why it doesn't work, etc.
Basic overview of X11 Windows architecture
X11 is a client / server architecture. You need to know two things:
Anyway, some people are confused here: I'm connecting to an AIX server using ssh/telnet, thus my workstation is an ssh/telnet client. What do I have to run on my local machine: an X11 client or an X11 server? You obviously need to install and run an X11 server on your local workstation. If you run e.g. xclock on a remote machine (AIX), that's an X11 client.
Let's have a quick look at a connection between an X11 client and an X11 server. The connection can be a unix socket or TCP/IP. The socket is used, when the client and the server run on the same machine, which is not our case. Remote X Windows connection is using the TCP/IP. To tell the client, where the X11 server runs, you need to set up a DISPLAY environment variable. By default an X11 server listens on port 6000. You can have more X server instances, but that's out of the topic.
If you want to display a program on your local workstation, that is running on a remote AIX, you need to install and run an X server locally. If you run Linux on your workstation and you're reading this in a browser, you're done. On Windows there is a few X servers; some are commercial, some are free. Very popular is Xming, I use Cygwin.
A quick Cygwin howto:
If you see the output like this, you're done with your workstation.
Remote AIX server
An X Windows minimum installation includes filesets: X11.base.lib X11.base.rte X11.apps.config. I suggest to install X11.apps.clients too, that contains xclock program. By running this program I check the time, and of course the X11 setup. For an X11 client to run, it needs to establish TCP/IP connection to your X11 server. You can do this directly or you can tunnel the connection.
Direct X11 TCP/IP connection
The simplest scenario. It works, if there is no firewall blocking port 6000 to your workstation and there is no NAT. Try to ping your workstation from the AIX server, and if it works, try telnet to port 6000 to your workstation. If everything is fine, set the DISPLAY variable to an IP address of your workstation, for example
SSH X11 port forwarding
This is the way professionals do it, as ssh is installed by default on AIX now. Advantages:
On the AIX check, that ssh X11 forwarding requests are allowed:
# grep X11Forwarding /etc
If it's necessary, change the value and restart the ssh service. You can do it while you're logged in, your current ssh session will not be dropped. Keep in mind, that the ssh X11 forwarding will apply only to new ssh sessions, that are opened with X forwarding.
stopsrc –s sshd; sleep 2; startsrc –s sshd
Now set the X11 forwarding on your workstation. If you have an command line ssh client e.g. as part of Cygwin, run
After you log in, check the DISPLAY and authentification value. If it is as on an example below, run xclock and enjoy.
# echo $DISPLAY DISP
Note: If you open more ssh sessions to one host, with the X11 forwarding turned on, every session will have different offset number in the DISPLAY variable. The offset number is the one after a colon, e.g. 10 in the example above.
A few FAQ's I'm being asked
I run xclock, but it hangs out and does not display anything
I use ssh the X11 forwarding, but the DISPLAY variable is not set
Everything looks OK, still X11 doesn't workI found an issue somehow related to TCPv6, I think ssh tries to open a new channel for X11 forwarding using TCPv6. Try to set
AddressFamily inetand restart
I'm getting xauth errors immediately after logon
If you get an error after you log in with ssh X11 forwarding on, that looks like this one (the string in quotes can be different):
/usr/bin/X11/xauth: (stdin):1: 1356-373 unknown command "odstr" /usr/bin/X11/xauth: (stdin):2: 1356-373 unknown command "prida"
and every xauth command gives you this message:
p740a10:/root>xauth 1356-364 xauth: creating new authority file /root/.Xauthority
while no .Xauthority file is actually created, the issue is with the language environment setting on the AIX server. I believe this is a bug. It looks like if you have the system language set to other that en_US language and you do have a openssh message catalogue of that language, xauth commands "add" and "remove" are being translated into the non en_US language for any reason and it just doesn't work. These commands are run automatically by ssh in order to deploy your X11 authentication token on the remote server. To solve this issue, either: