Running Remote Applications

Displaying remote applications on a local system or even controlling a remote desktop requires little configuration and almost no changes to your everyday application use.
Remote Desktops Using Xnest/Xephyr

The -display option allows a single application to display remotely, but what about an entire desktop? It is possible to start a graphical login remotely over XDMCP using the Xnest or Xephyr X servers. These servers act like application windows on your local display but connect to the remote display manager (GDM) to offer up a graphical login. GNOME doesn't include these servers, and on most Linux distributions, they are likely not installed by default. However, if you do a quick search of your distribution's software repositories, you should find packages similar to these Fedora-specific packages: xorg-x11-server-Xephyr and xorg-x11-server-Xnest.

After installation, the servers can be run manually to connect to a remote system:

Xnest :10 -query <host-with-gdm-configured> -geometry 1024x768
Xephyr -query <host-with-gdm-configured> -screen 1024x768 :1

Figure 2. Xephyr-Based Remote Desktop Running Evolution

Experiments with both shows that Xephyr (Figure 2), the more modern and more actively developed of the two, was more stable. Unfortunately, logging out of a session prevented further connections. That may be because GDM was configured to allow only a single session from a remote system and may be fixed with additional research into GDM configuration. In these tests, however, the only solution was to restart GDM on the remote host.

XDMCP via GDM acts as a conduit for remote applications to display on a local machine. This means it does not control remote desktops. In fact, there doesn't need to be anyone logged in to the remote system at all, although GDM does need to be running. Because it doesn't take control of an existing X session remotely, it is possible to have a different display size on the local display. For example, if the remote system provides only a display resolution of 800x600, it still would be possible to display at 1024x768 on the local display using a Xephyr and a GDM/XDMCP-managed connection. It also means you can use different desktop environments (GNOME, KDE, Xfce or others) for the remote and locally displayed sessions.

Remote Display via SSH

By far, the easiest of the three methods for remote application display is to use SSH. SSH is the secure shell, a tool for connecting to remote systems using encrypted communications. Linux systems use the open-source OpenSSH implementation of SSH. This package offers X11Forwarding, a configurable option in the server and client (the SSH server and client) that end users utilize with the -X command-line option.

SSH uses a client/server architecture. The server side is the remote system, and the client is the local system (the configuration that we normally think of as client/server and the opposite of X). The remote server must be configured to allow X11 forwarding. This is done by enabling the X11Forwarding option in /etc/ssh/sshd_config:


#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes

X11 forwarding also can be enabled on a per-user basis in this file by placing the X11Forwarding option after a user specification:

Match User bilbobaggins
   X11Forwarding no

These changes will not take affect until the SSH server is restarted. If your distribution provides it, the service command is the easiest way to do this:

sudo service sshd restart

The client-side configuration, found in /etc/ssh/ssh_config, requires enabling the Forward11Trusted option. This is enabled by default on Fedora systems, although other distributions may require the option to be enabled manually:

ForwardX11Trusted yes

Note that the location of the SSH client and server configuration files may vary with different Linux distributions. Consult the OpenSSH package for your distribution to find the configuration files.

Once the server and client sides are configured for SSH, a user can use X11Forwarding by adding the -X option to an SSH login. The -X option passes the required DISPLAY information to remote applications, which automatically open on the local display. Note that using SSH X11Forwarding means the remote application should not use the -display option nor should the DISPLAY environment variable be set. SSH will take care of all of that automatically.

SSH X11Forwarding does not require the remote machine to be running GDM or an X server. This means remote systems can be run in headless mode, which means they have no display at all. Instead, users log in remotely using ssh -X, run graphical applications on the remote system and have them display locally. This places far less load on the remote system than using the GDM-based remote application display.

Although in most instances, you will need to have an X server installed on the remote system, because most X applications, which are on the remote system, will need the associated X libraries, and most package managers will end up installing the entire X server to provide them:

ssh -X <remote host>
# login to remote host succeeds...
xterm -geometry 80x50



Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

NX server

Anonymous's picture

On the site of the Dutch MandrivaClub ( I also read very positive reviews about FreeNX. Much faster than vnc.

Dana, you are right. NX shouldn't be ignored.

Arvi Pingus

NX server

dwellen's picture

Having tried most of these methods I stumbled on NX by NoMachines. It does have some advantages over most remote desktop in that it has very good performance, if fact some applications that normally, due to poor performance are usable over a WAN or VPN. I know it's closed source but the company has released much of their code to the open source project called freeNX. I have done about 6 months of testing along with user testing/feedback and have had great success using NX. It also handles multimedia content (Haven't tried but it claims to) and using ssh along with compression so you get the advantages of secure ssh along with almost native performance.

Dana Wellen

BTW, I don't work for or have any connection to NoMachines but NX seams to get ignored often.

Geek Guide
The DevOps Toolbox

Tools and Technologies for Scale and Reliability
by Linux Journal Editor Bill Childers

Get your free copy today

Sponsored by IBM

Upcoming Webinar
8 Signs You're Beyond Cron

Scheduling Crontabs With an Enterprise Scheduler
11am CDT, April 29th
Moderated by Linux Journal Contributor Mike Diehl

Sign up now

Sponsored by Skybot