One, X Window System
X Window System adopts C/S structure, but it is different from our common C/S. In the common C/S structure, the party that provides the service is called the server, that is, the server side (such as HTTP service, FTP service, etc.), and the one that uses the service is called the client, that is, the client. However, in the X Window System, the client is the party that executes the program, and various X programs are executed on it, and the server is the party responsible for displaying the window where the client runs the program.
The composition of X Window System can be divided into three parts: X server, X client, and X protocol. X server mainly controls input and output, maintains fonts, colors and other related resources. It accepts the input information of the input device and transmits it to the X client. The X client processes the information returned by the information, and the X server is also responsible for outputting the information to the output device (that is, the display we see). The information transmitted by the X server to the X client is called Event , which is mainly information about keyboard and mouse input and window status. The information transmitted by the X client to the X server is called Request , which mainly requires the X server to create a window, change the size and position of the window, or draw and output text on the window. X client is mainly the part that completes the calculation and processing of the application, and does not accept user input information. The input information is input to the X server, and then passed to the X client in the form of Event by the X server (it feels similar to the message mechanism of Windows. The system receives the user's input information, and then transmits it to the window in the form of a message, which is then processed by the window's message processing process). After the X client processes the received Event, if it needs to output to the screen or change the appearance of the screen, it sends a Request to the X server, and the X server is responsible for displaying it.
A common situation is that both X server and X client run on the same computer, but they can also be located on different computers on the network. In X Window System, X client has nothing to do with hardware. It doesn't care what graphics card, monitor, keyboard and mouse you are using . These are only related to X server. [1]
Summary: X Window System is composed of three parts: X server, X client and X protocol. Unlike ordinary C/S architecture, the server does not run programs, but only receives mouse, keyboard and other input information and forwards it to X client, X client After receiving the information (event), the client calculates the display change after corresponding calculations (execute the program) and then sends it back to the X server (Request) to instruct the X server on the server to draw and display. The X server is responsible for receiving mouse and keyboard information. The advantage is that it can remotely operate the application (Qt) and display the program. How does a Qt program resize?
- X server accepts mouse click and drag information
- X server sends event information to X client
- X client calculates the drag amount and display update amount and returns Request
- The X server receives the Request to redraw the display content
Two, SSH and X Window System
If a computer is located in Los Angeles, USA, with the X Window System architecture, I can also operate the hardware resources corresponding to the computer located in the US in Guangdong, China. Los Angeles has both X Server and X client. If we want to control computers in Los Angeles in Guangdong, we must establish an X server in Guangdong to receive my mouse and keyboard information sitting in front of the computer.
X forwarding is a function of X, which allows the program to run on one host while the user interacts with it on another machine. The concept is similar to VNC and Microsoft's remote desktop. Unlike these software, what we want to achieve is to run a specific graphical user interface program on the Microsoft Windows platform, rather than display and control the entire desktop. In the X context, the client "client" refers to the host running the program, and you are sitting in front of the server "Server", which is different from the conventional name. For example, if you open the program on B remotely through A, that is to say you are operating A and you want to remotely control B, then B is the client and A is the server.
The X11 forwarding feature of SSH enables X client and X server to communicate securely. After using X11 forwarding, the data from X client to X Server is first sent to SSH server, SSH server uses the secure channel with SSH client to forward to SSH client, and then forwards from SSH client to X server, from X server to X client The same is true for the data flow. Here, SSH server and SSH client act as data forwarders between X client and X server. Since SSH server and X client, SSH client and X server are generally on the same machine, there is a secure inter-process communication between them. The communication between SSH server and SSH client is also secure, so the communication between X client and X server is secure[2]
2.1 SSH settings
- Server side (/etc/ssh/sshd_config) to
complete this setting, you need to set the server ssh and client ssh. If your Los Angeles computer does not have the ssh server installed, please use the command:
sudo apt-get install openssh-server
Confirm that the option X11Forwarding is set to yes:
- Client端(/etc/ssh/ssh_config)
Explanation of some options:
-
X11DisplayOffset
specifies the first available display number forwarded by sshdX11. The default value is 10.
This can be used to prevent sshd from occupying the real X11 server display area and causing confusion. -
X11Forwarding
whether to allow X11 forwarding. The default value is "no", set to "yes" to allow it.
If X11 forwarding is allowed and the display area of the sshd proxy is configured to listen on the address (X11UseLocalhost) containing wildcards.
Then there may be additional information leaked. Due to the possible risks of using X11 forwarding, the default value of this command is "no".
It should be noted that prohibiting X11 forwarding does not prohibit users from forwarding X11 communications, because users can install their own transponders.
If UseLogin is enabled, X11 forwarding will be automatically disabled. -
X11UseLocalhost
sshd Whether the X11 forwarding server should be bound to the local loopback address. The default value is "yes".
By default, sshd binds the forwarding server to the local loopback address and sets the host name part of the DISPLAY environment variable to "localhost".
This prevents the remote host from connecting to the proxy display. However, some old X11 clients cannot work properly in this configuration.
In order to be compatible with these old X11 clients, you can set it to "no".
In Guangdong, we can ssh -X user@hostnamelog in and let the graphical interface of the program running in Los Angeles be displayed in Guangdong.
DISPLAY variable
The DISPLAY variable in the X Window system consists of the following three basic parts:
- keyboard
- mouse
- screen
The DISPLAY variable is often used by X11 to identify your monitor, mouse and keyboard. The value is often :0the main screen of the computer. When we Xlog in to SSH with options, the value of DISPLAY of the currently logged-in terminal will be a value localhost:10:0like that. X application will send graphics input and output to the TCP port based on this value, 127.0.0.1:6010and then SSH will send back to your original host (also Is where your terminal is located), this process is called forward back.
[1] https://www.cnblogs.com/super119/archive/2010/12/18/1910065.html
[2] https://blog.csdn.net/defeattroy/article/details/7466018
[3] localhost It is defined in /etc/hosts, which is actually 127.0.0.1