Você precisa usar a opção -X
com ssh :
-X Enables X11 forwarding. This can also be specified on a per-host
basis in a configuration file.
X11 forwarding should be enabled with caution. Users with the
ability to bypass file permissions on the remote host (for the
user's X authorization database) can access the local X11 display
through the forwarded connection. An attacker may then be able
to perform activities such as keystroke monitoring.
For this reason, X11 forwarding is subjected to X11 SECURITY
extension restrictions by default. Please refer to the ssh -Y
option and the ForwardX11Trusted directive in ssh_config(5) for
more information.
O lado do servidor também deve suportar o encaminhamento do X em /etc/ssh/sshd_config
:
X11Forwarding
Specifies whether X11 forwarding is permitted. The argument must
be “yes” or “no”. The default is “no”.
When X11 forwarding is enabled, there may be additional exposure
to the server and to client displays if the sshd(8) proxy display
is configured to listen on the wildcard address (see
X11UseLocalhost below), though this is not the default.
Additionally, the authentication spoofing and authentication data
verification and substitution occur on the client side. The
security risk of using X11 forwarding is that the client's X11
display server may be exposed to attack when the SSH client
requests forwarding (see the warnings for ForwardX11 in
ssh_config(5)). A system administrator may have a stance in
which they want to protect clients that may expose themselves to
attack by unwittingly requesting X11 forwarding, which can
warrant a “no” setting.
Note that disabling X11 forwarding does not prevent users from
forwarding X11 traffic, as users can always install their own
forwarders. X11 forwarding is automatically disabled if UseLogin
is enabled.
Então você pode usá-lo:
$ ssh -X user@host xclock