клиент удаленного входа OpenSSH (OpenSSH remote login client)
X11 FORWARDING
If the ForwardX11 variable is set to 'yes' (or see the description
of the -X, -x, and -Y options above) and the user is using X11 (the
DISPLAY environment variable is set), the connection to the X11
display is automatically forwarded to the remote side in such a way
that any X11 programs started from the shell (or command) will go
through the encrypted channel, and the connection to the real X
server will be made from the local machine. The user should not
manually set DISPLAY. Forwarding of X11 connections can be
configured on the command line or in configuration files.
The DISPLAY value set by ssh will point to the server machine, but
with a display number greater than zero. This is normal, and
happens because ssh creates a 'proxy' X server on the server
machine for forwarding the connections over the encrypted channel.
ssh will also automatically set up Xauthority data on the server
machine. For this purpose, it will generate a random authorization
cookie, store it in Xauthority on the server, and verify that any
forwarded connections carry this cookie and replace it by the real
cookie when the connection is opened. The real authentication
cookie is never sent to the server machine (and no cookies are sent
in the plain).
If the ForwardAgent variable is set to 'yes' (or see the
description of the -A and -a options above) and the user is using
an authentication agent, the connection to the agent is
automatically forwarded to the remote side.
