Using X11 over SSH from a Mac

Using ProxyCommand like @womble told you works. For me another way works, too. I also need to occasionally run remote X programs from a computer that's behind another server, so I need to connect from my laptop to a server and from there to my final destination. I do it like this:

ssh -YC me@myserver

and then from the server

ssh -YC me@myanothercomputer

So I use -YC instead of -X. Even the -Cis not needed, it's just compression, it helps me a bit if I'm behind a slow connection.

You can do this, but not the way you think. What you want to do is use the SSH ProxyCommand configuration option (see ssh_config(5) for examples) to allow you to make an SSH connection directly from your local machine to the destination, tunneling the SSH connection inside one or more other connections. You're not making multiple "hops", just a series of tunnels.

Sidenote: I don't think goodserver has X11 installed.

I think this is the problem - ssh -X will try to forward any remote incoming X connections to the local X server, and this seems to be impossible if there is no local X library and such. (It might be that SSH actually uses the X library for the cookie rewriting.)

I just tried your commands, and it worked fine - but here the intermediate server had the X binaries, too. (It has no monitor, though.)

So, use the proposal by womble: use one SSH connection to goodserver, create a tunnel in this connection, and then run a second connection through this tunnel. (I normally do this using the JSch SSH client library for Java, but it is also possible with command line SSH.)

ssh -L localhost:2222:badserver:22 -N root@goodserver &
ssh -X -p 2222 root@localhost

You might need the -o NoHostAuthenticationForLocalHost=yes for the second command to avoid your SSH client to howl if you already have another key for localhost stored in your known hosts file.