On Thu, 17 Jan 2002, Jens Woch wrote:
But sniffing could happen even if I replace 0/0 with something (much) more specific, couldn't it? The ssh-suggestion by Markus Gaugusch would prevent it, I guess (have to play with it yet).
Jens, in your situation I recommend using SSH port forwarding. Log in to the firewall and port forward your connection. Depending on your setup you have 2 possibilities: a) port forward a port on your firewall to the desired machine b) port forward your localhost through the firewall ad a) you will need _ssh -g -L...._ see _man ssh_ and man sshd especially section AUTHORIZED_KEYS FILE FORMAT on how to restrict the -g (global access) ad b) the better solution: login from the remote machine and forward a port from the remote machine (which is localhost for you) through the firewall to the desired VNC server. i.e. ssh -L12344:vnc_server:5900 firewall (this is for Unix/Linux but other clients are not much different.) then connect your viewer to _localhost:12345_ hope that helps, -- Andreas