Forwarding X11 over SSH if the server configuration doesn't allow it

Is the protocol X11 speaks when talking to a tcp port any different when talking to a socket?

Perhaps you could combine your own suggested use of ssh -R 6010:localhost:6000 to bring the X11 data in over port forwarding, then bridge the local gab between the tcp port and the X11 socket listener with nc like:

nc -l -p 6000 > /tmp/.X11-unix/X0

1. Spin up an additional X server using Xephyr. This is for security — it prevents the remote system from compromising yours.

2. Use SSH to forward a remote socket to the Xephyr socket. SSH supports forwarding Unix sockets, too.

3. Set the environment variables on the remote server correctly.

@Demi 's answer is good but I think filling it out would be great help.

• local -- the local machine serving an Xserver.
• remote -- the remote machine serving the application which drives the data going to the Xserver

Remote /etc/ssh/sshd_config:

X11Forwarding no
X11DisplayOffset 10
X11UseLocalhost yes

Remote ~/.Xauthority is empty or does not exist

On local:

Xephyr -ac -screen 1280x800 -br -reset   :2 &
DISPLAY=:2 ssh  -fR 6010:/tmp/.X11-unix/X2  user@remote "DISPLAY=:10 xeyes"

In the test, local was running Ubuntu 18.05, remote was running Debian Jesse.