Xephyr - Multiple nested X sessions

Updated: January 11, 2010

If the title of this article sounds like something from Star Trek, you're not far off. It's a very geeky thing, which allows you to export X (GUI) applications as separate entities on top of your desktop. Indeed, Xephyr is an X server utility. As such, it allows you to manage your virtual consoles, without leaving the safety and comfort of your desktop.


What is Xephyr good for?

Well, except for impressing girls with your omnipotent computing skills, you can use it for development of applications, demonstration of tools and secure forwarding of X sessions without VNC.

This article is referenced from a very nicely written tutorial at Ubuntu forums, by bodhi.zazen. Most of the critical information is there, I've just polished it a little, added some extra examples and a sprinkling of screenshots. Anyhow, demonstrated on Ubuntu 9.10.

Install Xephyr

Xephyr can be found in the repositories. Grab it and install it.

sudo apt-get install xserver-xephyr

Start Xephyr server

You can use a single machine for this demonstration or several. Regardless, the host running Xephyr server will have to have the SSH port open. Ubuntu does not ship with SSH installed, so you will have to do that, as well.

sudo apt-get install ssh

Once you have ssh running on a host, start Xephyr. Here's the command you will have to run:

Xephyr -ac -screen <resolution> -br -reset -terminate 2> /dev/null :1 &

What do we have were?

You can read the documentation - or just read this explanation here.

-ac disables access control restrictions and allows you to forward X sessions. This is probably similar to running xhost +, which allows you to accept forwarded X sessions to your own.

-screen <resolution> is the screen size of the forwarded sessions. You can choose anything you want, but it's best to keep it within the limits of your native resolution.

-br sets the background color to black. You can choose others if you want.

-reset -terminate is a sort of a failsafe mechanism that should make sure Xephyr closes automatically after the last X session (client) has been killed.

2> /dev/null redirects any error message to /dev/null, a device that is a sort of a black hole, it eats anything sent to it and never gives back. Think of it as your digital trash bin.

:1 is the display that you are using Xephyr for. In general, the default display is :0, which is your monitor. Any additional display, real or virtual, needs a new port. In this case, we're using :1, but we can also use :3, :17 or anything.

& means Xephyr is going to run in the background. Nothing serious, it will merely relinquish the command of the terminal windows back to you.

OK, so a practical example would be:

Xephyr -ac -screen 1024x768 -br -reset -terminate 2> /dev/null :1 &

Xephyr is running and we have SSH open. Now, we need to go to a client machine and export the session there from to our Xephyr server. Please note that the client can be a remote machine or the very same machine you're running on!

Start Xephyr client

In my case, the client is the machine itself running the server. There are no conflicts. It's just a conceptual difference you need to be aware of. Before we forward the application, we need to set the DISPLAY environment variable. You see, by default, your standard display (:0) is the one where data is sent and shown. If we do not change it, Xephyr won't get any data forwarded to it. This needs to be done on the client machine! In BASH:

export DISPLAY=:1.0

In TCSH (you probably won't be running this in Ubuntu, but just in case):

setenv DISPLAY :1.0

If you are forwarding to another computer, then you will have to prefix the :1.0 with the qualified name or the IP address of the remote host. Likewise, pay attention to the display port. If you've forwarded :1, then use :1, if you've forwarded another port, adjust accordingly. Now, let's forward one of our X applications - or the entire session - to Xephyr.

ssh -XfC -c blowfish <user>@<server> <application>

-XfC flags tell ssh to forward X (-X), place the session in the background (-f) and use compression to conserve bandwidth (-C). No problem on LAN, but can be issue over the Internet.

-c blowfish sets the encryption type.

<user>@<server> are the username and the machine name (or IP address) of the server running Xephyr. In my case, this is roger@roger-laptop, but I could also have used roger@localhost or roger@ or anything of that sort.

xterm is the application. We begin humbly.

So our example is:

ssh -XfC -c blowfish roger@roger-laptop xterm

If this is the first time you're connecting to the server, you will have to accept its signature. This is the standard precaution when establishing new SSH connections.


And we have the xterm forwarded.

Forwarded xterm


But this is not really exciting, is it? Let's do a whole Gnome session!

Forward desktop session

Instead of xterm as the application, we will use gnome-session. Here we go!

Gnome session

Now, that's more like it! And we can combine them, too.

Forwarded several applications at once

Start a second Xephyr server, forwarded to :2. On the client, change the DISPLAY environment to :2 and ssh yet another application to this display. You can continue doing this until you run out of memory. Sweet! Great for impressing girls or working without clutter.



Xephyr is a very neat invention. Desktop users may not find too much use for it, but it should serve developers or geeks well. Regardless of its end use, it's a very good exercise in Linux command line for any, as it includes playing with environment variables and helps understand basic concepts in networking a little better.

I hope you enjoyed. Big thanks to bodhi.zazen for his original article.

See you around!


You may also like: