1

I am trying to figure out how to forward X11 over ssh without using -Y. Both systems run the latest version of stock arch linux with the yay aur helper. The server runs xorg with KDE plasma and the client runs xorg with i3wm, neither run wayland.

Both the client and server have extra/xorg-xauth installed. The ssh server runs sddm while the ssh client runs lightdm When I run ssh user@ip -X it complains that the client does not have a ~/.Xauthority file present. This is because sddm sets the file in /tmp/xauth_XXX where XXX changes every boot. $XAUTHORITY it set to the correct path to the file yet ssh (or sshd) ignores this value in favor of the lightdm ~/.Xauthority. How do I force ssh to use the file pointed to by $XAUTHORITY.

According to xauth(1)

By default, xauth will use the file specified by the XAUTHORITY environment variable or .Xauthority in the user's home directory.

Meaning that $XAUTHORITY should be recognized properly

I do have access to root on both client and server for configuration.

Improve this question
1
  • Comments have been moved to chat; please do not continue the discussion here. Before posting a comment below this one, please review the purposes of comments. Comments that do not request clarification or suggest improvements usually belong as an answer, on Unix & Linux Meta, or in Unix & Linux Chat. Comments continuing discussion may be removed. Commented Oct 29, 2024 at 11:06

2 Answers 2

Reset to default
1

The server runs xorg with KDE plasma and the client runs xorg with i3wm, neither run wayland.

What kind of X server the SSH server runs is irrelevant, because the very purpose of SSH "X11 forwarding" is to let programs on the SSH server connect through the SSH tunnel to an X server running on the SSH client, instead of the X server running on the SSH server.

That is, the 'forwarded' X connections are supposed to completely ignore SDDM (and KDE Plasma) and any auth files that SDDM has set up on the SSH server side. Instead, your SSH session's $DISPLAY will point to a temporary socket created by sshd (usually display :10 or such), and the sshd will always write its Xauth token to the default ~/.Xauthority path (and will deliberately not set $XAUTHORITY because all X11 apps know where the default path is).

On the client side, meanwhile, the ssh client also does not care about SDDM on the server – after all, it is not connecting to the SSH server's X11, but the opposite – so it needs to use the LightDM-provided ~/.Xauthority like all other client-side apps do.

Improve this answer
0

Can you confirm that the $XAUTHORITY environment variable is correctly set on the server to point to the current X session's authority file?

echo $XAUTHORITY

Configure the SSH client: When connecting to the server, explicitly specify the X authority file

ssh -X user@ip "env XAUTHORITY=$XAUTHORITY app"

Replace app with any other graphical application you want to run. This command should make use of the X authority file set in the $XAUTHORITY variable.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.