Updated: January 11, 2010
If the title of this article sounds like something from Star Trek, you're not far off. It's a very geeky thing, which allows you to export X (GUI) applications as separate entities on top of your desktop. Indeed, Xephyr is an X server utility. As such, it allows you to manage your virtual consoles, without leaving the safety and comfort of your desktop.
Well, except for impressing girls with your omnipotent computing skills, you can use it for development of applications, demonstration of tools and secure forwarding of X sessions without VNC.
This article is referenced from a very nicely written tutorial at Ubuntu forums, by bodhi.zazen. Most of the critical information is there, I've just polished it a little, added some extra examples and a sprinkling of screenshots. Anyhow, demonstrated on Ubuntu 9.10.
Xephyr can be found in the repositories. Grab it and install it.
sudo apt-get install xserver-xephyr
You can use a single machine for this demonstration or several. Regardless, the host running Xephyr server will have to have the SSH port open. Ubuntu does not ship with SSH installed, so you will have to do that, as well.
sudo apt-get install ssh
Once you have ssh running on a host, start Xephyr. Here's the command you will have to run:
Xephyr -ac -screen <resolution> -br -reset -terminate 2> /dev/null :1 &
You can read the documentation - or just read this explanation here.
-ac disables access control restrictions and allows you to forward X sessions. This is probably similar to running xhost +, which allows you to accept forwarded X sessions to your own.
- screen <resolution> is the screen size of the forwarded sessions. You can choose anything you want, but it's best to keep it within the limits of your native resolution.
-br sets the background color to black. You can choose others if you want.
-reset -terminate is a sort of a failsafe mechanism that should make sure Xephyr closes automatically after the last X session (client) has been killed.
2> /dev/null redirects any error message to /dev/null, a device that is a sort of a black hole, it eats anything sent to it and never gives back. Think of it as your digital trash bin.
:1 is the display that you are using Xephyr for. In general, the default display is :0, which is your monitor. Any additional display, real or virtual, needs a new port. In this case, we're using :1, but we can also use :3, :17 or anything.
& means Xephyr is going to run in the background. Nothing serious, it will merely relinquish the command of the terminal windows back to you.
OK, so a practical example would be:
Xephyr -ac -screen 1024x768 -br -reset -terminate 2> /dev/null :1 &
Xephyr is running and we have SSH open. Now, we need to go to a client machine and export the session there from to our Xephyr server. Please note that the client can be a remote machine or the very same machine you're running on!
In my case, the client is the machine itself running the server. There are no conflicts. It's just a conceptual difference you need to be aware of. Before we forward the application, we need to set the DISPLAY environment variable. You see, by default, your standard display (:0) is the one where data is sent and shown. If we do not change it, Xephyr won't get any data forwarded to it. This needs to be done on the client machine! In BASH:
In TCSH (you probably won't be running this in Ubuntu, but just in case):
setenv DISPLAY :1.0
If you are forwarding to another computer, then you will have to prefix the :1.0 with the qualified name or the IP address of the remote host. Likewise, pay attention to the display port. If you've forwarded :1, then use :1, if you've forwarded another port, adjust accordingly. Now, let's forward one of our X applications - or the entire session - to Xephyr.
ssh -XfC -c blowfish <user>@<server> <application>
-XfC flags tell ssh to forward X (-X), place the session in the background (-f) and use compression to conserve bandwidth (-C). No problem on LAN, but can be issue over the Internet.
-c blowfish sets the encryption type.
<user>@<server> are the username and the machine name (or IP address) of the server running Xephyr. In my case, this is roger@roger-laptop, but I could also have used roger@localhost or email@example.com or anything of that sort.
xterm is the application. We begin humbly.
So our example is:
ssh -XfC -c blowfish roger@roger-laptop xterm
If this is the first time you're connecting to the server, you will have to accept its signature. This is the standard precaution when establishing new SSH connections.
And we have the xterm forwarded.
But this is not really exciting, is it? Let's do a whole Gnome session!
Instead of xterm as the application, we will use gnome-session. Here we go!
Now, that's more like it! And we can combine them, too.
Start a second Xephyr server, forwarded to :2. On the client, change the DISPLAY environment to :2 and ssh yet another application to this display. You can continue doing this until you run out of memory. Sweet! Great for impressing girls or working without clutter.
Xephyr is a very neat invention. Desktop users may not find too much use for it, but it should serve developers or geeks well. Regardless of its end use, it's a very good exercise in Linux command line for any, as it includes playing with environment variables and helps understand basic concepts in networking a little better.
I hope you enjoyed. Big thanks to bodhi.zazen for his original article.
See you around!