Joshua Ferraro wrote:
You can always tunnel the VNC connection through SSH. It's what I do for those unfortunate times I stuck on a windows machine (since the VNC viewer and PuTTY are monolithic executables that don't require administrative privileges to install).Could you expand on how exactly you set that up? I rarely use windows but sometimes I am forced to (like on campus computers). Also, is there an easy way to acomplish the same thing on a linux box? Joshua
Remote Firewall Local Box -----> Box -----> Box (Win32) (Linux) (Linux) Naturally, if you do not have a firewall box to SSH into first, you can go direct to the Local Box.1. Get the VNC Viewer http://www.realvnc.com/dist/vnc-3.3.7-x86_win32_viewer.zip
2. Get PuTTY http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe 3. Double click PuTTY and enter the hostname or IP of your firewall box, select SSH, and in "Tunnels" forward local port 10000 (or some high number) to localhost:10000. Make the connection. (If you don't have an intermediate firewall, forward to localhost:5901. This assumes that you have run your vnc server as display:1. Otherwise choose port 5900+vnc-display-num. If you use rfb to export your primary display, the port is 5900.) 4. If you are now logged in to an intermediate Linux firewall, execute: ssh -L 10000:localhost:5901 user@host, otherwise skip this step. See note above about the port numbers. 5. Double click the VNC viewer icon on the windows box and tell it to connect to display localhost:10000. From Linux to Linux it looks like this: (with intermediate firewall) ssh -L 10000:localhost:10000 user@firewall ssh -L 10000:localhost:5901 user@box (without intermediate firewall) ssh -L 10000:localhost:5901 user@box $ vncserver :1 (different xterm) vncviewer localhost:10000 Some gotchas: - Make sure you have "Xvnc: LOCAL" in /etc/hosts.allow. This makes certain you don't accidentally connect from an unsecure remote client, only from a local (to the box) connection (like a forwarded SSH connection). - Don't forget to start the vnc server, either before leaving home (in the case using rfb to export your primary :0 display) or on logging into the box. - Don't forget to kill the vncserver ("vncserver -kill :1") when you finish. It's not good to leave extra services running. -Roberto
Attachment:
signature.asc
Description: OpenPGP digital signature