Re: Remote access PC support

To: Joshua Ferraro <jferraro@athenscounty.lib.oh.us>
Cc: debian-user@lists.debian.org
Subject: Re: Remote access PC support
From: Roberto Sanchez <rcsanchez97@yahoo.es>
Date: Tue, 17 Feb 2004 21:35:04 -0500
Message-id: <[🔎] 4032CF58.3000100@yahoo.es>
In-reply-to: <[🔎] 20040218004310.GA10221@alma.athenscounty.lib.oh.us>
References: <[🔎] 20040217234551.EVZY18515.imf17aec.mail.bellsouth.net@mail.bellsouth.net> <[🔎] 20040218003240.GC24881@ursine.ca> <[🔎] 4032B439.2000603@yahoo.es> <[🔎] 20040218004310.GA10221@alma.athenscounty.lib.oh.us>

Joshua Ferraro wrote:

You can always tunnel the VNC connection through SSH.  It's what
I do for those unfortunate times I stuck on a windows machine
(since the VNC viewer and PuTTY are monolithic executables that
don't require administrative privileges to install).


Could you expand on how exactly you set that up?  I rarely use windows
but sometimes I am forced to (like on campus computers).  Also, is there
an easy way to acomplish the same thing on a linux box?

Joshua


Remote              Firewall              Local
 Box        ----->    Box         ----->   Box
(Win32)             (Linux)              (Linux)


Naturally, if you do not have a firewall box to SSH into first,
you can go direct to the Local Box.

1. Get the VNC Viewerhttp://www.realvnc.com/dist/vnc-3.3.7-x86_win32_viewer.zip

2. Get PuTTY http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
3. Double click PuTTY and enter the hostname or IP of your firewall
   box, select SSH, and in "Tunnels" forward local port 10000 (or some
   high number) to localhost:10000.  Make the connection.  (If you don't
   have an intermediate firewall, forward to localhost:5901.  This
   assumes that you have run your vnc server as display:1.  Otherwise
   choose port 5900+vnc-display-num.  If you use rfb to export your
   primary display, the port is 5900.)
4. If you are now logged in to an intermediate Linux firewall, execute:
   ssh -L 10000:localhost:5901 user@host, otherwise skip this step.
   See note above about the port numbers.
5. Double click the VNC viewer icon on the windows box and tell it to
   connect to display localhost:10000.

From Linux to Linux it looks like this:

(with intermediate firewall)
ssh -L 10000:localhost:10000 user@firewall
ssh -L 10000:localhost:5901 user@box

(without intermediate firewall)
ssh -L 10000:localhost:5901 user@box

$ vncserver :1

(different xterm)
vncviewer localhost:10000

Some gotchas:

- Make sure you have "Xvnc: LOCAL" in /etc/hosts.allow.
  This makes certain you don't accidentally connect from
  an unsecure remote client, only from a local (to the box)
  connection (like a forwarded SSH connection).
- Don't forget to start the vnc server, either before leaving
  home (in the case using rfb to export your primary :0 display)
  or on logging into the box.
- Don't forget to kill the vncserver ("vncserver -kill :1")
  when you finish.  It's not good to leave extra services
  running.

-Roberto

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

References:
- Remote access PC support
  - From: <speaker11@bellsouth.net>
- Re: Remote access PC support
  - From: Paul Johnson <baloo@ursine.ca>
- Re: Remote access PC support
  - From: Roberto Sanchez <rcsanchez97@yahoo.es>
- Re: Remote access PC support
  - From: Joshua Ferraro <jferraro@athenscounty.lib.oh.us>

Prev by Date: RE: Remote access PC support
Next by Date: Re: Remote access PC support
Previous by thread: Re: Remote access PC support
Next by thread: remote access-follow-up
Index(es):
- Date
- Thread