Enabling Remote X Connections (updated)

Getting remote X applications displaying on your CentOS desktop used not to be difficult. X11 remote connections are typically governed by the -listen tcp or -nolisten tcp arguments to X or Xorg server running your desktop. It’s not sufficient to just run xhost + from a terminal on your desktop, you have to edit a display manager configuration file and start a new X session (log out, log in again).

First, disable the firewall:

sudo systemctl stop firewalld
sudo systemctl disable firewalld
sudo systemctl mask firewalld
sudo systemctl daemon-reload

The right command to test with

If you ssh from desktop1 to server2, you probably have X11 forwarding happening already. This uses implied port forwarding through ssh for port 5900 to localhost:5010 usually. This is why when you type $ echo $DISPLAY you will likely see localhost:10 as your new display. By default, many X11 based programs take a -d host:display.number argument. Use this to avoid testing out the ssh local X forwarding. You want to use xhost + from your desktop first, of course:

desktop1$ xhost +
access control disabled, clients can connect from any host
desktop1$ ssh server2
server2$ echo $DISPLAY
localhost:10
server2$ xterm -d desktop1:0.0

When running lightdm as your display manager:

https://askubuntu.com/questions/804567/how-to-set-disallowtcp-false-in-ubuntu-16-04

Updated: The files you want to edit if you’re running lightdm include:
1) /usr/share/lightdm/lightdm.conf.d/50-xserver-command.conf

[Seat:*]
xserver-command=X -core -listen tcp

2) /etc/lightdm/lightdm.conf
This file probably won’t exist, you may create it if it is missing.

[Seat:*]
xserver-allow-tcp=true
xserver-command=X -listen tcp

Then run $ sudo systemctl restart lightdm

When you log in again, check that no -nolisten tcp arguments are present in the X command line. Multiple -listen tcp arguments are fine.

$ pgrep X | xargs ps -lfwwwp

When running gdm as your display manager:

Then edit /etc/gdm/custom.conf

You want to add this line to [security] stanza:

DisallowTCP=false

And allow a listen tcp argument to the [xdmcp] stanza:

ServerArguments=-listen tcp

A full configuration looks like:

# GDM configuration
[daemon]

[security]
DisallowTCP=false

[xdmcp]
ServerArguments=-listen tcp

[chooser]

[debug]
#Enable=true

Log out of your CentOS desktop session, and log in again. Open a terminal and run:

$ xhost +

You can check the efficacy of that by looking at the arguments X was started with:

$ pgrep X | xargs ps -lfwwwp

centos-2018-03-30-01

Other options include TigerVNC:

$ sudo yum install tigervnc
$ vncviewer 192.168.1.101:1

Or use Rdestop:

$ sudo yum install freerdp
$ xfreerdp 192.168.1.101

Remote X connections have been out of fashion for many years, and the default is to not allow connections for security reasons. If you are running equipment in an isolated environment, you should feel safe doing this.

Advertisements