background
Most of the time we don't want to install a graphical interface on the server, but sometimes some programs require a graphical interface, such as when installing Oracle . At this point, you can configure Linux to use the remote X Server for graphical interface display.
The first thing to be clear is the basic principle of Linux X Window System. X is an open protocol specification. The current version is 11, commonly known as X11. The X Window System consists of a client and a server. The server X Server is responsible for graphics display, and the client library X Client sends graphics display requests to the corresponding X Server according to the DISPLAY environment variable set by the system.
Therefore, we only need to open an X Server at the remote end and set the DISPLAY variable accordingly on the target machine to complete the remote display of graphics.
"Truth Experience" Edition
Environment: Remote Graphicless Machine A (IP 192.168.9.135, OS CentOS 6.2), Local Graphical Machine B (IP 192.168.1.135, OS CentOS 6.2), Subnet 192.168.0.0
X Server is the basis of desktop environments such as Gnome. A desktop environment usually includes XDM (X Display Manager, the usual graphical user login interface belongs to XDM), window manager (the graphics displayed by X Server have no "window" borders , By replacing the window manager, different visual effects can be achieved, such as Compiz for 3D effects) and other components.
A desktop environment is not required for graphical display, as long as an X Server is available.
Now start an X Server on machine B, then configure the DISPLAY environment variable of machine A to point to the X Server on B, start a graphics program on A, and the graphics should be displayed on B.
Linux provides a startx script to start the X Server, and the startx script does this by calling xinit. xinit completes two tasks, first starts an X Server in the background, and then starts a series of client programs to connect to the X Server according to the configuration. Only the last of these client programs can and must run in the foreground. When the client program in the foreground exits X Server will be shut down.
There is a desktop environment on machine B. Viewing the process, you can see that the following processes are running:
/usr/bin/Xorg :0 -nr -verbose -audit 4 -auth /var/run/gdm/auth-for-gdm-Ikd3i7/database -nolisten tcp vt1
This means that there is an X Server running on display 0, where the X Server is Xorg. For security reasons, this X Server does not listen for TCP connections (-nolisten tcp), so it is impossible to connect to this X Server through the network. X Server can connect via TCP and domain sockets, which will be described in detail later when the DISPLAY variable is described.
We can manually start an X Server through startx or directly using xinit. The options of startx are the same as those of xinit, and the options are passed directly to xinit. The xinit options are divided into two parts, delimited by the symbol "--", preceded by the client options, followed by the X Server options.
startx [ [ client ] options ... ] [ -- [ server ] [ display ] options ... ]
It should be noted that "client" (ie the client program to be run) must be in the form of an absolute path. If "client" is not specified, startx or xinit will start a client program according to the user and system global configuration files (usually xinit starts the xterm program by default).
Now we start an X Server:
xinit /usr/bin/xterm -- :1 &
This command can be run in a terminal in a desktop environment, or in a character terminal. The desktop environment on machine B is displayed on the terminal Ctrl-Alt-F1, F2-F6 are all character terminals, and F7-F12 are reserved for graphical terminals. Execute the above command on the F2 character terminal of the B machine, and an xterm will appear on the F7 terminal.
Next, configure the DISPLAY variable of the A machine so that the graphics can be displayed on the B machine. Log in to machine A with another terminal and set the DISPLAY variable:
export DISPLAY=192.168.1.135:1.0
The format of the DISPLAY variable is [Address]:{NumA}.{NumB}. The Address is the X Server address. If the Address is empty, it will connect to the local X Server through the domain socket. NumA is the display number, which corresponds to the display option passed to xinit. This display number is the listening port number of the X Server and sends 6000. Therefore, in fact, the X Server on the B machine is listening on port 6001 at this time, which can be verified by using the netstat command. NumB is the screen number (may be specified on which monitor to display in the case of multiple monitors, not verified), usually 0.
Now close the firewall of machine B (or open the corresponding port) so that the X client program of machine A can connect to the X Server on machine B. Then in the session where the DISPLAY variable was just set on the A machine, start a program with a graphical interface, and the graphics will be displayed on the F7 terminal of the B machine.
If you are prompted that you cannot connect to the X Server specified by DISPLAY, it may be because the X Server has access control turned on. Use the xhost command to view authorization information in a session with the DISPLAY variable set on the A machine:
xhost
If the display cannot be opened, it can be determined that the access control is turned on by the X Server.
In the xterm opened by xinit in the F7 terminal of the B machine, use xhost to authorize the A machine to access:
xhost + 192.168.9.135
然后在B机器F7终端xterm上使用xhost命令查看ACL,可以看到192.168.9.135已获得授权。此时,在A机器已设置DISPLAY的会话中运行xhost,同样可以看到ACL,再运行图形程序,图形应显示在B机器F7终端上。
SSH隧道转发版
SSH提供了X11转发的功能,可以使用SSH简单地实现上一节描述的功能。
首先确认A机器上的SSH Server打开的X11转发功能。检查SSH Server配置文件/etc/ssh/sshd_config,确认有如下配置:
X11Forwarding yes
然后在从B机器上SSH到A机器:
ssh -X 192.168.9.135
-X选项打开SSH的X11转发功能。
在此会话中查看A机器上的DISPLAY变量,应与下面类似:
localhost:10.0
在此会话中查看A机器上的TCP监听端口,应有6010端口。
在此会话中启动A机器上的图形程序,图形应显示在B机器上。
实际上,SSH在A机器上打开了一个监听端口6010,并且在登录会话开始时为会话设置了DISPLAY变量为localhost:10.0。随后此会话中的图形程序运行时,X11 client库会将X请求发送到SSH监听6010端口中,然后A机器上的SSH将X请求转发到B机器,B机器的SSH客户端收到X请求后交给B机器上的X Server显示。
SSH隧道转发Windows版
原理与上一节类似,X请求也是通过SSH进行转发。要在Windows上显示Linux的图形界面,必须并运行一个X Server,这里选用Xming。
安装并运行Xming以后,使用ssh客户端连接上机器A,这里选用SecureCRT作为ssh客户端(使用putty同样可以)。
打开SecureCRT的会话选项作如下设置:
勾选这个选项的作用实际上与上一节中的ssh命令的-X选项相同。
设置好会话选项以后,如果当前会话已经登录机器A,注销再重新登录。
登录到机器A,查看DISPLAY变量:
Start a graphical program and the interface will be displayed on Windows:
summary
Through the above small experiments, you should have a clear understanding of the basic principles of X11. When you encounter some software that must use a graphical interface in the future, you can use Xming on Windows to perform remote graphical display. The bloated graphical environment is installed on the server.