VNC

Steven

13 May 2005 13 May '05

20:08

Has anyone used VNC to access a remote linux box to view the KDE session on a given display (display:0 for example)? What firewall settings were used?

Show replies by date

Sunny

13 May 13 May

20:19

New subject: [SLE] VNC

On 5/13/05, Steven wrote:

...

Has anyone used VNC to access a remote linux box to view the KDE session on a given display (display:0 for example)? What firewall settings were used?

Hi Steven, Just 5900 for :0. But you have to know that VNC session is not secured. For that reason I use ssh tunneling. Then from my "client" I ssh to the host, and the use VNC viewer against a local port. That way there is no need to open 59xx ports in the firewall. Cheers Sunny

Steven

21:23

New subject: [SLE] VNC

Sunny wrote:

...

On 5/13/05, Steven wrote:

...
Has anyone used VNC to access a remote linux box to view the KDE session on a given display (display:0 for example)? What firewall settings were used?

Hi Steven, Just 5900 for :0.

But you have to know that VNC session is not secured. For that reason I use ssh tunneling. Then from my "client" I ssh to the host, and the use VNC viewer against a local port. That way there is no need to open 59xx ports in the firewall.

Cheers Sunny

I've never heard of that process before. How does one go about doing it?

Khan St. Preest

14 May 14 May

01:52

New subject: [SLE] VNC

...

...
Hi Steven, Just 5900 for :0.

But you have to know that VNC session is not secured. For that reason I use ssh tunneling. Then from my "client" I ssh to the host, and the use VNC viewer against a local port. That way there is no need to open 59xx ports in the firewall.

Cheers Sunny

I've never heard of that process before. How does one go about doing it?

0. ssh to the remote box forwarding local port 15900 to the remote box's own port 5900 e.g. ssh -L 15900:localhost:5900 user@hosts.dns-name.or.address 1. then run a vnc client on your host but connect to your own port 15900 e.g. krdc vnc://localhost:15900 ssh tunnels this vnc connection to your localhost port 15900, through the ssh session, and out the other side to the other machine's localhost port 5900. the port numbers i used are just examples, use whatever ports suit you and your scenario. hope that helps! Khan

Susemail

23:18

New subject: [SLE] VNC

On Friday 13 May 2005 15:52, Khan St. Preest wrote:

...

...
...
Hi Steven, Just 5900 for :0.

But you have to know that VNC session is not secured. For that reason I use ssh tunneling. Then from my "client" I ssh to the host, and the use VNC viewer against a local port. That way there is no need to open 59xx ports in the firewall.

Cheers Sunny

I've never heard of that process before. How does one go about doing it?

0. ssh to the remote box forwarding local port 15900 to the remote box's own port 5900 e.g. ssh -L 15900:localhost:5900 user@hosts.dns-name.or.address

When I check the man page for ssh the -L option looks like this: -L Xo Sm off port host hostport Sm on, but you only used -L in your example. When you use -L what are the values for the ' Xo Sm off port host hostport Sm on' part? Thanks, Jerome

...

1. then run a vnc client on your host but connect to your own port 15900 e.g. krdc vnc://localhost:15900

ssh tunnels this vnc connection to your localhost port 15900, through the ssh session, and out the other side to the other machine's localhost port 5900.

the port numbers i used are just examples, use whatever ports suit you and your scenario.

hope that helps! Khan

Sunny

23:34

New subject: [SLE] VNC

On Saturday 14 May 2005 18:18, Susemail wrote:

...

On Friday 13 May 2005 15:52, Khan St. Preest wrote: When I check the man page for ssh the -L option looks like this: -L Xo Sm off port host hostport Sm on, but you only used -L in your example. When you use -L what are the values for the ' Xo Sm off port host hostport Sm on' part? Thanks, Jerome

From man ssh: -L port:host:hostport Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side. This works by allocating a socket to listen to port on the local side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and a connection is made to host port hostport from the remote machine. Port forwardings can also be specified in the configuration file. Only root can for ward privileged ports. IPv6 addresses can be specified with an alternative syntax: port/host/hostport. sunny@suse:~> rpm -qa | grep openssh openssh-askpass-3.8p1-33 openssh-3.8p1-37.17 What version of openssh do you use? Btw, you never tald wht OS id the "client". Cheers Sunny

Anders Johansson

23:46

New subject: [SLE] VNC

On Sunday 15 May 2005 01:18, Susemail wrote:

...

When I check the man page for ssh the -L option looks like this: -L Xo Sm off port host hostport Sm on, but you only used -L in your example. When you use -L what are the values for the ' Xo Sm off port host hostport Sm on' part?

:) The .Xo Sm off Sm on stuff is troff markup. You've been looking at a man page that hasn't been formatted for screen display, the source code of a man page.

Kornelis Sietsma

16 May 16 May

03:37

New subject: [SLE] VNC

Khan St. Preest wrote:

...

...
...
Hi Steven, Just 5900 for :0.

But you have to know that VNC session is not secured. For that reason I use ssh tunneling. Then from my "client" I ssh to the host, and the use VNC viewer against a local port. That way there is no need to open 59xx ports in the firewall.

Cheers Sunny

I've never heard of that process before. How does one go about doing it?

0. ssh to the remote box forwarding local port 15900 to the remote box's own port 5900 e.g. ssh -L 15900:localhost:5900 user@hosts.dns-name.or.address

1. then run a vnc client on your host but connect to your own port 15900 e.g. krdc vnc://localhost:15900

ssh tunnels this vnc connection to your localhost port 15900, through the ssh session, and out the other side to the other machine's localhost port 5900.

the port numbers i used are just examples, use whatever ports suit you and your scenario.

Note that the standard vnc client can do most of this for you, these days. From 'man vncviewer': -via gateway Automatically create encrypted TCP tunnel to the gateway machine before connection, connect to the host through that tunnel (TightVNC-specific). By default, this option invokes SSH local port forwarding, assuming that SSH client binary can be accessed as /usr/bin/ssh. Note that when using the -via option, the host machine name should be specified as known to the gateway machine, e.g. "localhost" denotes the gateway, not the machine where vncviewer was launched. See the ENVIRONMENT section below for the information on configuring the -via option. So you can simply type: vncviewer -via my_remote_host localhost:0 where "localhost:0" indicates VNC session 0 (port 5900) on the "my_remote_host" host, strangely. I only found this by accident, but it certainly saves a lot of typing :) - Korny

6929

Age (days ago)

6932

Last active (days ago)

List overview

Download

7 comments

6 participants

participants (6)

Anders Johansson
Khan St. Preest
Kornelis Sietsma
Steven
Sunny
Susemail

VNC

Steven

Sunny

Steven

Khan St. Preest

Susemail

Sunny

Anders Johansson

Kornelis Sietsma

tags

participants (6)