What exactly does DISPLAY localhost mean?

Question

I am trying to do some X11 forwarding and I got completely lost. I found very good answers explaining the theory:

• What is the $DISPLAY environment variable?
• https://unix.stackexchange.com/questions/17255/is-there-a-command-to-list-all-open-displays-on-a-machine
• https://superuser.com/questions/368530/understanding-x-windows-display-environment-variable-when-tunnelling

But I'm still straggling when applying it in practice.

Here is what I did:

1. Opened mobaxterm which creates a X server on my machine (Windows, shouldn't matter).
2. ssh -X server1
3. echo $DISPLAY gives localhost:10.0
4. xeyes - opens a window on my local machine. Great, but why does localhost direct to my machine? Shouldn't it be server1?

As far as I understand localhost is equal to 127.0.0.1 which is the local address. So if I'm connected to server1 shouldn't it look for X-server on server1?

Answer 1

This happens exactly because you perform X11 forwarding (or perhaps could be called X11 tunneling).

You could fire up an X server, connect to a remote host, and on that remote host set $DISPLAY to point back to your original computer. In that case (if network, permissions etc. are set up correctly) your graphical app would try to connect to your desktop to present its window there, independently from your existing ssh connection, and accordingly, probably over an unencrypted channel.

Instead, what happens is that your application believes that it presents the window on the same computer, and unaware to that application, ssh catches that and directs the actions back to your original computer, under its own encrypted channel.

One advantage of this method is that the traffic is encrypted. Another advantage is that you don't have to enable others (with proper authentication, access control) to connect to your machine, plus it even works if your local machine is unaddressable from the remote one (e.g. is behind a firewall, or on a private network etc.).