Mailinglist Archive: opensuse-security (394 mails)

< Previous Next >
Re: VNC through SSH tunnelling problem
  • From: Johannes Franken <jfranken@xxxxxxxxxxx>
  • Date: Wed, 10 Dec 2003 22:33:52 +0100
  • Message-id: <20031210213352.GA19424@xxxxxxxxxxx>
* Neil Anderson <cleidh_mor@xxxxxxxxxxxxxxx> [2003-12-09 21:46 +0100]:
> I SSH to my Linux box ok, start a VNC server ok and can do a
> "straight" VNC into the linux box. However, if I try to use the VNC
> viewer to set up a connection to localhost on the Windoze machine (to
> use port forwarding) nothing happens and if I look in PuTTY's event
> log it has the error "server refused forwarded connection".

Just some ideas:

1.) The server's /etc/ssh/sshd_config doesn't contain
"AllowTcpForwarding=no", does it?

2.) Are there any "no-port-forwarding" or "permitopen" options in your
~/.ssh/authorized_keys ?

3.) Are you forwarding to the right port?
"lsof -Pai -c Xvnc" and
"netstat -ptan|grep Xvnc"
can find out the port of the vncserver, like
"*:5901 (LISTEN)" or
"0.0.0.0:5901"
(mind the ip address before the colon: it must be wildcard or localhost)

4.) Are you forwarding to the right host?
Try 127.0.0.1 instead of "localhost" or any hostname.

5.) Can you locally connect to the vncserver? Check with
"nc -v localhost 5901" or "telnet localhost 5901" from the server's
shell. It must print a line starting with "RFB".

6.) Is the server's /etc/hosts missing the line "127.0.0.1 localhost"?

7.) If this all doesn't help, I'd next try to trace the server's
loopback interface by running "tcpdump -i lo port 5901" as root.

--
Johannes Franken

Professional unix/network development
mailto:jfranken@xxxxxxxxxxx
http://www.jfranken.de/

< Previous Next >
Follow Ups
References