Open PuTTY, put in the hostname in the main screen, but before you click Open, dig down in the options pane on the left hand side. Then on monad you run vncviewer on localhost, and all should work. That may be the same as what you said, but I got a bit confused.Ĭode: Select all ssh -L 5900:localhost:5900 dyad So in block diagram terms it sort of goes The magic of ssh forwarding takes that connection, tunnels it through the firewall's open port 22, and spits it out on dyad's ssh server, which then (as part of the magic) forwards it to dyad:5900, which is where the actual VNC server is listening. You then run the VNC client connecting to monad:5900 (or, equivalently, localhost:5900). On monad, you setup your ssh client to listen on port 5900. On dyad, you have an ssh server listening on port 22, and a VNC server listening on port 5900. Let's say the computer you're on is called monad and the one you want to VNC into is called dyad. Not quite (if I understand that right anyway). REMOTE COMPUTER (runs VNC viewer) -> connects using 5900 ->ssh client, 5900 forward to 22, so in the end:Ģ2 (MY COMPUTER) VNCSSHCLIENT> 22 (REMOTE COMPUTER) MY COMPUTER (runs VNC) -> listens on 5900 ->ssh, which listens on 22. There's even a protocol called sftp which uses similar principles to implement a secure version of FTP.) (Comes in handy in a lot of places - getting through firewalls, accessing things that are restricted to a particular IP address range, etc. It's probably worth sorting out your immediate problem before worrying about ssh tunnelling, but it's a useful thing to find out about. also behind the firewall) you don't even need an ssh server on that machine - you can just use the one which is bound to be running on the *nix machine. If you have a *nix machine on the same local network as the machine you want to VNC into (i.e. Windows ssh servers are a bit trickier and usually involve either paying or setting up cygwin and the cygwin ssh server - the latter isn't hard but can be a bit fiddly. Windows ssh clients include PuTTY and probably some others. The two advantages being: the only port the firewall needs to let through is port 22 (ssh), since the VNC traffic is being 'tunnelled' through the ssh connection, and since it's ssh, it encrypts everything so you get security for free. So if you forwarded port 5900 to :5900, you can then point your VNC viewer at localhost and ssh will forward it over to the remote machine. One of the things it can do is a limited form of port forwarding - you can tell it to listen for connections on, say, port 22222, and forward them to a port of your choice on a computer of your choice. Ssh is the Secure SHell - originally designed to let you log into a remote computer securely, but can do all sorts of other clever stuff too.
0 Comments
Leave a Reply. |