Trying to get X11 over SSH working: Connection refused by server

Using Cygwin/X11
Launch command in local Xterm for SSH:

xterm -e ssh -Y -v -l MyUser myserver.mydomain.com &

After logging in, I've run

setenv DISPLAY myclient.mydomain.com:0.0

When I try to launch an Xterm I get:

Xlib: connection to "myclient.mydomain.com:0.0" refused by server
Xlib: No protocol specified

xterm Xt error: Can't open display: myclient.mydomain.com:0.0

On another server I have no issues launching new xterm windows without running the setenv.
"echo $DISPLAY" on that server returns "localhost:11.0"

If I try using that on the other server I get the following:

$ setenv DISPLAY localhost:11.0
$ xterm
xterm Xt error: Can't open display: localhost:11.0

I figure I'm missing something pretty basic, but I'm not sure what it is.

---

EDIT:
Tried not setting the $DISPLAY:

Here's the results

$ echo $DISPLAY
DISPLAY: Undefined variable.
$ xlogo
Error: Can't open display:

Still not working :-(

---

EDIT Again: The above was on a straight login. I did not remove the $DISPLAY or change it before trying to run xlogo

From serverfault Luciano

• From man ssh:

  -X   Enables X11 forwarding. This can
       also  be specified on a per-host
       basis in a configuration file.
  

  Luciano : I'm using -Y, which enables trusted Xll Forwarding.

  PP : Ah, might be different on different operating systems.
  From PP

• Don't set the display on the remote side. By using the -Y parameter on SSH, it will set up a listener on the (remote)local side that gets tunneled back to the local side.

  You should be able to do this:

  local$ ssh -Y user@remote
  remote$ xlogo
  

  ...and the xlogo will pop up.

  Edit: this assumes that the display is set up on the local system first, ie:

  local$ xlogo
  

  ...should work before you perform the ssh, as ssh just plugs the forward back to whatever the originating session thinks is the correct display. This is useful, since you can carry your display through multiple ssh sessions:

  local$ ssh remote
  remote$ ssh further
  further$ xlogo
  

  ...should work.

  Luciano : Tried that- Output is above as an edit. Short- it didn't work.

  David Mackintosh : The display has to be set locally first, I think.

  pjz : Don't forget that the remote machine needs to have 'xauth' installed on it - I think that debian, for instance, doesn't install that by default on minimal installs.

  David Mackintosh : You are right. Some systems either don't have xauth or don't include it in the path when you login.
  From David Mackintosh

• David pretty much nailed one half of the equation -- the ssh mechanism automatically takes care of setting up the xauth authentication and defining your display, so don't override that manually by setting the DISPLAY variable yourself.

  The other issue is that some ssh daemons on the destination side of things are configured to deny X forwarding even if you ask politely.

  ssh -v will tell you if the server declines to allow X forwarding; you can also look at the sshd_config to see if it disallows X forwarding.

  Luciano : It does not appear that it is setting up the $DISPLAY for me- if I don't set anything, the variable is not defined.
  From chris

• You should do after login a

  echo $DISPLAY
  

  Probably you will get something like "localhost:11.0". This means ssh will automatically forward any connection going to localhost display 11 to your X11 server on the laptop. So, just start your program.

  When you modify the DISPLAY you tell the program to connect directly to your laptop (without encryption). In order that to work you should allow it on your laptop (do something like "xhost +myclient.mydomain.com).

  Also, when you do "ssh -Y", on the server the X server should listen to a TCP port 6000+n where n is the display number assigned to your trusted connection. You can check by doing:

  netstat -l -t 
  

  then check if there is anything open after port 6000 (for example 6011). If, for any reason the DISPLAY is set wrong (maybe to your colleague machine?) then try to do:

  setenv DISPLAY localhost:11.0
  

  Luciano : When I log in, the $DISPLAY is not set. I've tried "setenv DISPLAY localhost:11.0", but that does not work (xterm Xt error: Can't open display: localhost:11.0) Is there a way to find out what port the X11 forwarding is listening to?

  Luciano : I've run netstat -l -t on the remote box, and then compared it to a ps -ef | grep vnc output, and I don't see a port that doesn't match with a VNC instance (6007 -> Xvnc :7) On my local box, I see Xwin listening on port 6000.

  vladmihaisima : Did you check /etc/ssh/sshd_config ? It should have: "X11Forwarding yes" and "X11DisplayOffset 10". I assumed they are already enabled as you said your colleague can do that...
  From vladmihaisima