Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-0366: How to configure Centrify OpenSSH for X11 forwarding

Authentication Service ,  

12 April,16 at 11:06 AM


How to configure Centrify OpenSSH for X11 forwarding?


Server Side:
In order to configure ssh to do X11 forwarding, the following settings need to be applied in the sshd config files:
  • In /etc/centrifydc/ssh/sshd_config
  • Search for the following line:
    • #X11Forwarding no
  • Change this to:
    • X11Forwarding yes
Client Side:

Add the following lines into be added in the ssh_config file on the client side:
  • ForwardX11 yes
  • ForwardX11Trusted yes
Save the configurations, then restart sshd.

After a restart, the $DISPLAY environment variable will be set and the needed .XAuthority files will be created.

Additional steps for Fedora Core / RHEL  / CentOS:

Either create a link to /usr/bin/xauth by running:
  • cd /usr/X11R6/bin
  • ls
  • ln -s /usr/bin/xauth xauth

Or add the following configuration:
  • XAuthLocation /usr/bin/xauth

Additional steps for Solaris:
  1. Edit /etc/centrifydc/ssh/sshd_config and configure the line to listen on:
  2. In the startup script, change the startup line for 'ssh' to start with 'sshd -4'
  3. Stop and restart the Centrify sshd service.
  4. ssh -X should now work.
Download and install Xming X server for Windows:
PuTTY Client:
  • Check the following box on Putty client: Connection -> SSH -> X11 -> "Enable X11 forwarding"

Additional Notes:
Workaround for stock SSH (not Centrify)
  • Add the lo0 interface for IPv6, for example:
    • ifconfig lo0 inet6 plumb up
  • To make this change permanent, run:
    • touch /etc/hostname6.lo0
  • Disable IPv6 ssh support and change ListenAddress to in /etc/ssh/sshd_config, then restart sshd with the "-4" option. For example:
    • svcadm -v disable ssh
    • /usr/lib/ssh/sshd -4
Centrify Corporation does not take any responsibility for the content or availability of the links in this article and it was provided as a courtesy.  Customers should contact the vendor if there are any further questions.