Re: Remote access PC support

• Previous message: Matthew Joyce: "RE: Remote access PC support"
• In reply to: Joshua Ferraro: "Re: Remote access PC support"
• Next in thread: Bobn: "remote access-follow-up"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Tue, 17 Feb 2004 21:35:04 -0500
To: Joshua Ferraro <jferraro@athenscounty.lib.oh.us>

Joshua Ferraro wrote:
>>You can always tunnel the VNC connection through SSH. It's what
>>I do for those unfortunate times I stuck on a windows machine
>>(since the VNC viewer and PuTTY are monolithic executables that
>>don't require administrative privileges to install).
>
> Could you expand on how exactly you set that up? I rarely use windows
> but sometimes I am forced to (like on campus computers). Also, is there
> an easy way to acomplish the same thing on a linux box?
>
> Joshua
>

Remote Firewall Local
  Box -----> Box -----> Box
(Win32) (Linux) (Linux)

Naturally, if you do not have a firewall box to SSH into first,
you can go direct to the Local Box.

1. Get the VNC Viewer
http://www.realvnc.com/dist/vnc-3.3.7-x86_win32_viewer.zip
2. Get PuTTY http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
3. Double click PuTTY and enter the hostname or IP of your firewall
    box, select SSH, and in "Tunnels" forward local port 10000 (or some
    high number) to localhost:10000. Make the connection. (If you don't
    have an intermediate firewall, forward to localhost:5901. This
    assumes that you have run your vnc server as display:1. Otherwise
    choose port 5900+vnc-display-num. If you use rfb to export your
    primary display, the port is 5900.)
4. If you are now logged in to an intermediate Linux firewall, execute:
    ssh -L 10000:localhost:5901 user@host, otherwise skip this step.
    See note above about the port numbers.
5. Double click the VNC viewer icon on the windows box and tell it to
    connect to display localhost:10000.

 From Linux to Linux it looks like this:

(with intermediate firewall)
ssh -L 10000:localhost:10000 user@firewall
ssh -L 10000:localhost:5901 user@box

(without intermediate firewall)
ssh -L 10000:localhost:5901 user@box

$ vncserver :1

(different xterm)
vncviewer localhost:10000

Some gotchas:

- Make sure you have "Xvnc: LOCAL" in /etc/hosts.allow.
   This makes certain you don't accidentally connect from
   an unsecure remote client, only from a local (to the box)
   connection (like a forwarded SSH connection).
- Don't forget to start the vnc server, either before leaving
   home (in the case using rfb to export your primary :0 display)
   or on logging into the box.
- Don't forget to kill the vncserver ("vncserver -kill :1")
   when you finish. It's not good to leave extra services
   running.

-Roberto

-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

• application/pgp-signature attachment: OpenPGP digital signature

• Previous message: Matthew Joyce: "RE: Remote access PC support"
• In reply to: Joshua Ferraro: "Re: Remote access PC support"
• Next in thread: Bobn: "remote access-follow-up"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]