x11 forwarding from WSL2 to remote machine

Question

I am trying to use x11 apps on my Mac from WSL2, but whenever I ssh into the machine I get this warning:

X11 forwarding request failed on channel 0

And echo $DISPLAY returns blank.

In the server I've tried editing the X11 options in sshd_config file, alternated between yes and no on X11 UseLocalhost, edited AddressFamily to inet, used export DISPLAY=localhost:0.0. Nothing works.

So far I've managed to use X11 on the Windows machine where WSL is installed with VcXsrv, but never remotely from an external machine.

Answer 1

So I figured that what I was doing wrong was that I followed this guide: what this actually does is that when I ssh I'm connecting to Windows first, which then prompts the ubuntu shell (or something like that).

So I got rid of that configuration and set up connection directly to the Ubuntu ssh server, and presto, x11 apps work like a charm.

EDIT: For this to be possible, I had to create the following .bat file:

@ECHO OFF
SET ThisScriptsDirectory=%~dp0
SET PowerShellScriptPath=%ThisScriptsDirectory%wsl2-network.ps1
pwsh -NoProfile -ExecutionPolicy Bypass -Command "& pwsh %PowerShellScriptPath%"
::pwsh -NoProfile -ExecutionPolicy Bypass -Command "& wsl"
wsl sudo service ssh start

which makes use of the following wsl2-network.ps1 script:

# WSL2 network port forwarding script v1
#   for enable script, 'Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope CurrentUser' in Powershell,
#   for delete exist rules and ports use 'delete' as parameter, for show ports use 'list' as parameter.
#   written by Daehyuk Ahn, Aug-1-2020

# Display all portproxy information
If ($Args[0] -eq "list") {
    netsh interface portproxy show v4tov4;
    exit;
} 

# If elevation needed, start new process
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator))
{
    # Relaunch as an elevated process:
    Start-Process powershell.exe "-File",('"{0}"' -f $MyInvocation.MyCommand.Path),"$Args runas" -Verb RunAs
    exit
}

# You should modify '$Ports' for your applications 
$Ports = (22,80,443)

# Check WSL ip address
wsl hostname -I | Set-Variable -Name "WSL"
$found = $WSL -match '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}';
if (-not $found) {
    Write-Output "WSL2 cannot be found. Terminate script.";
    exit;
}

# Remove and Create NetFireWallRule
Remove-NetFireWallRule -DisplayName 'WSL 2 Firewall Unlock';
if ($Args[0] -ne "delete") {
    New-NetFireWallRule -DisplayName 'WSL 2 Firewall Unlock' -Direction Outbound -LocalPort $Ports -Action Allow -Protocol TCP;
    New-NetFireWallRule -DisplayName 'WSL 2 Firewall Unlock' -Direction Inbound -LocalPort $Ports -Action Allow -Protocol TCP;
}

# Add each port into portproxy
$Addr = "0.0.0.0"
Foreach ($Port in $Ports) {
    Invoke-Expression "netsh interface portproxy delete v4tov4 listenaddress=$Addr listenport=$Port | Out-Null";
    if ($Args[0] -ne "delete") {
        Invoke-Expression "netsh interface portproxy add v4tov4 listenaddress=$Addr listenport=$Port connectaddress=$WSL connectport=$Port | Out-Null";
    }
}

# Display all portproxy information
netsh interface portproxy show v4tov4;

# Give user to chance to see above list when relaunched start
If ($Args[0] -eq "runas" -Or $Args[1] -eq "runas") {
    Write-Host -NoNewLine 'Press any key to close! ';
    $null = $Host.UI.RawUI.ReadKey('NoEcho,IncludeKeyDown');
}

You have to run the .bat file with Administrator privilege.