Re: trouble tunneling

From: Richard E. Silverman (slade@shore.net)
Date: 03/04/03 

From: slade@shore.net (Richard E. Silverman)
Date: 04 Mar 2003 13:15:52 -0500

>>>>> "JM" == Jacob Mathew <jgm23@cornell.edu> writes:

    JM> I have a two computers (A and B) both running win xp. I have a
    JM> VNC server and an SSH server (SSH secure shell server evaluation
    JM> version) running on computer A. I use putty as my ssh client on B
    JM> and tell it to connect with a tunnell (localhost:5901
    JM> xxx.xxx.x.xxx:5900). But running vnc on localhost:1 dosent seem
    JM> to work. (no error messages either.. just closes).

    JM> I ran TCPView on both machines. On machine B I see putty having a
    JM> connection from B:1381 to A:22, listening on port B:5901 and on
    JM> B:1381 and a connectin from B:5901 B:1382.

    JM> On machine A i see ssh2master.exe having a connteion from A:22 to
    JM> B:1382, and listening of A:22, but is not listening on port 5900.
    JM> Is that the problem if so how do I solve it.

No, the SSH server would not be listening on 5900; your VNC server should
be. Also, you will need to configure VNC to allow connections from the
same host; normally, this is disabled.

    JM> Just so that I know this stuff better, I have a couple of
    JM> questions too (some of them might sound ignorant but bear with
    JM> me). When a port is forwarded from a port A:2 to B:3 it means all
    JM> messages from A:2 are forwared to B:3 *and* vice versa right?

It means that when something makes a TCP connection to A:2, the SSH client
instructs the SSH server to make a TCP connection to B:3. The SSH client
and server then transparently pass information back and forth between
those two connections, across the SSH session.

    JM> why does putty have a connection from B:5901 to B:1382 (it seems
    JM> to me in order to fowraed messages it jsut needs to be listning on
    JM> port 5901)

1382 is the ephemeral source port of the connection you made from the VNC
client to the forwarded port. 

-- 
  Richard Silverman
  slade@shore.net

Relevant Pages

  • Re: SFTP Error
    ... The F-Secure SSH Client first makes a standard SSH connection to the ... server and then attempts to start the sftp-server with the user ... If your SSH Server is on a windows box then run the "path" command ... It works fine when I use the SSH Client. ...
    (SSH)
  • Re: Apache Software Foundation Server compromised, resecured. (fwd)
    ... this was one "result" of the comromised ssh binary at sourceforge. ... a public server of the Apache Software Foundation ... > (ASF) was illegally accessed by unknown crackers. ... > exhaustive audit of all Apache source code and binary distributions ...
    (FreeBSD-Security)
  • Re: FreeBSD Crash without Errors, Warnings, or Panics
    ... I suppose I could run on stable until the driver is fixed in a release branch, but I need this box up and online, and I've always read that the stable branch is not the place for production servers. ... I'm running 6.0-RELEASE-p5 on a Toshiba built server: dual Xeon Intel motherboard with a LSILogic MegaRAID controller. ... Also, some network ports still respond, like a telnet to port 22 to test SSH will yield an SSH banner, but trying to connect with SSH just hangs. ... The box runs a web-based app and connects to a local Postgres DB which seemed to be unable to start new connections being requested by the PHP scripts. ...
    (freebsd-hackers)
  • Re: restrict ssh access
    ... > We have one ssh server which receives about 6000 failed attempts to ... > unsuccessful login attempts per client IP address? ... the remote server is also running OpenSSH. ...
    (comp.security.ssh)
  • Re: SSH as root
    ... Subject: SSH as root ... but it doesn't require having a key on the server that could be ... If they compromise a server, and the passphrase, etc. is there, they only ... private key to anyone. ...
    (SSH)