Our current X11 forwarding implementation (inagentssh) uses Unix socket forwarding and places the socket file in/tmp/.X11-unix/X0.

New SSH connections overwrite the socket and take over communication. This means that connecting withssh -X twice, then disconnecting from the newest session will also disconnect the old session.

OpenSSH typically does X11 forwarding over port6000 and up, and generally starting from an offset of10 (i.e.6010). For OpenSSH theDISPLAY env looks commonly like:DISPLAY=localhost:10.0 (referring to port6010), whereasagentssh always sets this toDISPLAY=:0.0 (referring to/tmp/.X11-unix/X0).

Theagentssh behavior is problematic in a few situations:

1. The agent doesn't have permission to write to/tmp/.X11-unix
2. There's an X server running inside the workspace (will have allocated/tmp/.X11-unix/X0 already)
3. The user wants the X11 connection to remain open even if other SSH sessions are closed

I propose we implement the listening port + start offset to avoid the conflict listed in 2.

An alternative method is to try/tmp/.X11-unix/X[0-9]+ until we find the next free slot and set theDISPLAY environment variable accordingly. (And if we use an offset it's unlikely to collide with X running in the workspace.)

Please note thatssh.X11.ScreenNumber inx11Callback shouldnot decide the number we use in the workspace, it should be the next free port or file.