A few weeks back I found that, for some reason, one of my machines wasn’t allowing X forwarding over SSH (which is normally run as standard within my local environment, since I have lots of users who at least occasionally run graphical stuff on multiple machines).
The initial error came up as:
xterm Xt error: Can't open display:
xterm: DISPLAY is not set
The obvious test was to try setting $DISPLAY manually (although this would obviously not have been a good permanent solution). New error:
xterm Xt error: Can't open display: localhost:10.0
Digging around online a bit, I found the suggestion of moving the
-nolisten tcp option from
/etc/X11/xinit/xserverrc - this may well work, but I was unhappy with it as it didn’t match the setup I had on other machines which were entirely happy with X forwarding.
Eventually, I found the problem: not only do you need
X11Forwarding yes in
/etc/ssh/sshd_config on the machine you’re sshing into, you also need
AllowTcpForwarding yes. (And also
ForwardX11 yes, or
ForwardX11Trusted yes, depending on your security preferences and access requirements, in
/etc/ssh/ssh_config on the machine you’re sshing from, for the record.)
So fairly straightforward in the end, but took me a few min to disentangle, thus recorded here for others’ reference.