Re: VNC over SSH and SOCKS

From: SKH (skh_at_yoyodyne.net)
Date: 02/05/04 

Date: Thu, 05 Feb 2004 16:59:07 GMT

        OK, I got it working all right. Here's a summary, in case anybody is
interested not to make the same mistakes I made.

        First, my SSH software has been built with socks support, which I did not
know and, much to my embarrassment, never bother to test. Thus (using the
notation of my original posting) if in A I invoke

        ssh B

then I get a shell in B, just as I do with

        runsocks ssh B

        Now as far as port forwarding is concerned, runsocks seems to interfere
destructively with SSH. Indeed

        runsocks ssh -L x:localhost:y FIP

seems to fail all the time, in the same way, no matter what port numbers x
and y I use. However, invoking

        ssh -L x:localhost:y FIP

does the right thing, at least when x and y are port numbers used in VNC -
in my case, both x and y are 5901.

        Second, after invoking

        ssh -L 5901:localhost:5901 FIP

I was of course getting a shell on B, as expected. I just did not know
that the port forwarding remains active as long as the shell is up. If one
exits the shell immediately, the VNC connection will never succeed.

        Anyway, once all of the above is understood and done properly,

        vncviewer localhost:1

on A does indeed establish a successful connection to the VNC server on A.
Much to my delight, the performance of this SSH connection seems to be
much snappier than the direct one by means of

        vncviewer FIP:1

At the very least, the mouse pointer moves much more smoothly.

 

Relevant Pages

  • How did they get behind my NAT?
    ... this point I panicked and shutdown the VNC service ASAP. ... My question is how the attacker got to my VNC port! ... the internet through the router. ... client connection using local port number 5900 (which was also being ...
    (alt.computer.security)
  • Re: PLINK and/or PuTTY -- Logon to Linux with no Privileges
    ... There are firewalls that can detect this sort of thing, ... We've tried just regular VNC, with no luck, then tried it on port 80, ... were easily broken out of because, well, they're shell scripts! ...
    (comp.security.ssh)
  • Re: Ports for Ultra VNC behind a firewall - for remote support
    ... and the vendor for the app they use build a Ultra VNC connection into ... Unless your router allows port forwarding based on MAC address, ... has is to forward a port to a particular host by its IP address. ... So, same issue, all computers have Ultra VNC listener, they connect to ...
    (alt.computer.security)
  • Re: VPN connection question
    ... But if he wants to create an ipsec VPN connection into the ... just a VNC, ... Set the Router for port forwarding to ... random port scans forwarded to my XP box. ...
    (Ubuntu)
  • Re: Remote Access from work to home
    ... VPN from their home computer to the LAN at work ... You could use either RDC or VNC to access your home XP Pro pc. ... difficultly is getting a network connection to it. ... RDC required port 3389 forwarded, ...
    (microsoft.public.windows.server.sbs)