X11Forwarding
The problem is how to have X11 forwarding, that is allow a server to use the client X11 interface to display graphical applications. For example using Firefox from the server itself when you want to test some server service and the test web site is only graphical (that is do not like w3m).
Getting infos
Adding -v ssh command, that is for example using "ssh -v -X login@domain", gives lot of information and specially if the X11 forwarding (the -X) is accepted. If it fails you should have:
(...) debug1: Requesting X11 forwarding with authentication spoofing. debug1: Sending environment. debug1: Sending env LANG = fr_FR.UTF-8 X11 forwarding request failed on channel 0 (...) after login:
Getting X11 forwarding
You have to setup both the server and the client to allow this.
Server side
notice the config file is for sshd, the ssh daemon, the receiving part. It is probably necessary to restart the daemon after changing the config file, with "systemctl restart sshd.service".
grep X11 /etc/ssh/sshd_config X11Forwarding yes
- X11DisplayOffset 10
- X11UseLocalhost yes
- X11Forwarding no
(notice the # in front of the 3 last line) - you have to set X11Forwarding yes
What not to do
adding
X11UseLocalhost no
then
systemctl restart sshd.service
solve the problem, but open a serious breach in the server, so it shouldn't be used.
Other setup
It may happen than you disabled IPV6 on this server (and may be forgot it). In this case you have also to change "AddressFamily" from "any" to "inet".
This may be seen as a bug, never fixed: https://bugzilla.novell.com/show_bug.cgi?id=686477
Client side
You can change the /etc/ssh/ssh_config file (notice it's ssh, not sshd) to ForwardX11 yes. It's probably commented out and the default is no.
But you can as well, when connecting to the server, use ssh -X login@domain (Once debugged, no more reason to use -v). For example for me
ssh -X jdd@test.tld.