Running firefox a bit more safely - HOWTO

Matthias Play matthias_play at
Mon Sep 26 09:41:42 PDT 2016

Hi Matt,

the script does not work for me as it is listed. I need to call ssh with
'-Y' to get it working.

I get the following error when calling ssh like it has been suggested:

"Unable to init server: Could not connect: Abstract UNIX domain socket
addresses not supported on this system
Error: cannot open display: :0.0"

What might be the reason for this?


On 12.08.15 20:32, Matthew Dillon wrote:
> The sshd sets the DISPLAY environment variable to point to its tunnel. 
> There is no requirement that you use the tunnel, hence the above script
> overrides it and sets the DISPLAY to :0.0  (which is a direct local
> connection) before running firefox.
> -Matt
> On Wed, Aug 12, 2015 at 2:22 AM, Carsten Mattner
> <carstenmattner at <mailto:carstenmattner at>> wrote:
>     On Tue, Aug 11, 2015 at 7:32 PM, Matthew Dillon
>     <dillon at <mailto:dillon at>>
>     wrote:
>     >         #!/bin/csh
>     >         #
>     >         # script for ~/bin/firefox  (assumes ~/bin is in your path)
>     >         #
>     >         scp ~/.Xauthority dfw1 at localhost:
>     >         ssh dfw1 at localhost -n "setenv DISPLAY :0.0; firefox"
>     snip
>     >     * Also note that these applications will be able to use X shared memory
>     >       and thus run fairly optimally (they are NOT using an ssh tunnel nor do
>     >       we want them to as that would be ridiculously slow).  Programs run in
>     >       this way will not have direct access to the GPU so 3D might not be
>     >       so hot.  But for general browsing I haven't had any trouble, and even
>     >       with 4K video appears to work about the same as it did before.
>     Can you explain how this works without going through localhost:22?
>     Isn't X forwarded through the ssh tunnel?

More information about the Users mailing list