Imagine you have a Linux server (server) without X server installed (or running) and you need to execute some application in graphical environment. If you also have another Linux computer with X server running (laptop), then here are the steps how to do it:
Note: On server you will need this package for X authentication: xorg-x11-xauth
1) connect from laptop with GUI to the server with enabled X11 forwarding:
laptop$ ssh -X user@server_IP
2) when connecting for a firs time, notice:
/usr/bin/xauth: creating new authority file /home/user/.Xauthority
3) you can run any X application on server and you will see X output on your laptop
server$ echo $DISPLAY
localhost:10.0
server$ xclock
4) if you su or sudo to different user, you can't run X application, because you don't have /home/user/.Xauthority file with correct session details
server$ xclock
...
debug2: X11 connection uses different authentication protocol.
X11 connection rejected because of wrong authentication.
debug2: X11 rejected 1 i0/o0
debug2: channel 1: read failed
...
5) connect as normal user again and export your X session details:
laptop$ ssh -X user@server_IP
server$ xauth list
server/unix:11 MIT-MAGIC-COOKIE-1 6ead87db0aa40e02d948eb1634855706
6) now su or sudo to different user and import your session settings:
server$ xauth add <paste the list line here>
7) notice the message:
xauth: creating new authority file /root/.Xauthority
8) now you can run X application again:
server$ xclock
Note: On server you will need this package for X authentication: xorg-x11-xauth
1) connect from laptop with GUI to the server with enabled X11 forwarding:
laptop$ ssh -X user@server_IP
2) when connecting for a firs time, notice:
/usr/bin/xauth: creating new authority file /home/user/.Xauthority
3) you can run any X application on server and you will see X output on your laptop
server$ echo $DISPLAY
localhost:10.0
server$ xclock
4) if you su or sudo to different user, you can't run X application, because you don't have /home/user/.Xauthority file with correct session details
server$ xclock
...
debug2: X11 connection uses different authentication protocol.
X11 connection rejected because of wrong authentication.
debug2: X11 rejected 1 i0/o0
debug2: channel 1: read failed
...
5) connect as normal user again and export your X session details:
laptop$ ssh -X user@server_IP
server$ xauth list
server/unix:11 MIT-MAGIC-COOKIE-1 6ead87db0aa40e02d948eb1634855706
6) now su or sudo to different user and import your session settings:
server$ xauth add <paste the list line here>
7) notice the message:
xauth: creating new authority file /root/.Xauthority
8) now you can run X application again:
server$ xclock
