Re: [gentoo-user] VNC over SSH (VNC session is non-local to SSH)
On Tuesday 10 October 2006 22:55, Mark Shields wrote: Guys, there's no need to keep replying. Thanks for the help, but I'm able to do it now (have been for the past 4 e-mails) I'm glad you got it sorted Mark. A vaguely related but quite O/T question: would you perhaps know why when I select connect to local ports only (in the VNC server running on a WinXP box, under the Properties tab Connections) to stop it listening to ports connected to the Internet, I can no longer connect from another WinXP box through ssh port forwarding? No problem connecting to the VNC server from my Gentoo box, or from the WinXP box using Knoppix. The error that comes up on the VNC viewer is something like the connection was unexpectedly terminated, would you like to try again. Telnet-ing through the forwarded port similarly fails - the telenet session hangs waiting for a response from the server. As soon as I remove the connect to local ports only the WinXP VNC viewer connects happily again. Is this a WinXP bug? -- Regards, Mick pgp0at3ABNOxm.pgp Description: PGP signature
Re: [gentoo-user] VNC over SSH (VNC session is non-local to SSH)
On 10/10/06, Mark Shields [EMAIL PROTECTED] wrote: I have a gentoo box setup as a router with 3 servers behind it (all 4 servers are running gentoo). Right now I simply have port 5901 to forward from the router to my vnc server so I can access it remotely. I've looked on the gentoo forums and online but haven't been able to find any solid information on how to tunnel 5901 through ssh through the router to the vnc server. Basically, client - router - vnc server port 5901, but over ssh. Any ideas? You want ssh port forwardingyou can read the ssh man page, but basically you want: # ssh -L localhost:5901:remotehost:5901 # vncviewer localhost:5901 HTH, -Richard -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] VNC over SSH (VNC session is non-local to SSH)
On Tuesday 10 October 2006 13:46, Mark Shields wrote: I have a gentoo box setup as a router with 3 servers behind it (all 4 servers are running gentoo). Right now I simply have port 5901 to forward from the router to my vnc server so I can access it remotely. I've looked on the gentoo forums and online but haven't been able to find any solid information on how to tunnel 5901 through ssh through the router to the vnc server. Basically, client - router - vnc server port 5901, but over ssh. Any ideas? if you want to connect to a vnc session on the ssh server: ssh -L 5901:localhost:5901 [EMAIL PROTECTED] then: vncviewer localhost:1 if you want to connect to another box at the same network of the ssh server: ssh -L 5901:ip_of_another_box:5901 [EMAIL PROTECTED] then: vncviewer localhost:1 got the idea? hope it helps. []'s .m -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] VNC over SSH (VNC session is non-local to SSH)
On 10/10/06, Richard Fish [EMAIL PROTECTED] wrote:
On 10/10/06, Mark Shields [EMAIL PROTECTED] wrote: I have a gentoo box setup as a router with 3 servers behind it (all 4 servers are running gentoo).Right now I simply have port 5901 to forward
from the router to my vnc server so I can access it remotely.I've looked on the gentoo forums and online but haven't been able to find any solid information on how to tunnel 5901 through ssh through the router to the vnc
server.Basically, client - router - vnc server port 5901, but over ssh. Any ideas?You want ssh port forwardingyou can read the ssh man page, butbasically you want:# ssh -L localhost:5901:remotehost:5901
# vncviewer localhost:5901HTH,-Richard--gentoo-user@gentoo.org mailing listThank you Richard and Mauro, but this wasn't what I was looking for. The vnc and the ssh server are not the same. I am familiar with and have no problem using the particular setup you mention; however, it will not work for what I want to accomplish. I want to tunnel vnc traffic over ssh to my router, then forward that vnc traffic to the actual vnc server. I think the problem lies somewhere in my iptables rules. I did have: /sbin/iptables -t nat -A PREROUTING -p TCP --dport 5901 -i ${WAN} -j DNAT --to
192.168.0.235:5901 , which will forward it correctly if I connect through 5901, but tunneling via SSH doesn't work. Again, I want to tunnel the vnc connection to the router, which will then forward the port 5901 traffic to the vnc server.
Btw, I'm using Putty and Tightvnc on a WinXP machine (work PC) to connect to the vnc server.-- - Mark Shields
Re: [gentoo-user] VNC over SSH (VNC session is non-local to SSH)
On 10/10/06, Mark Shields [EMAIL PROTECTED] wrote: Thank you Richard and Mauro, but this wasn't what I was looking for. The vnc and the ssh server are not the same. ssh port forwarding is not limited to just the machine you are logging into. It will forward the connection to another host. So I think this is still what you want: # ssh -L localhost:5901:vnchost:5901 routerhost This will cause the ssh client to forward any connections to 5901 on localhost to be forwarded to the server on routerhost, which will then make the connection to vnchost port 5901. No need to muck with iptables rules at all here. -Richard -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] VNC over SSH (VNC session is non-local to SSH)
On 10/10/06, Richard Fish [EMAIL PROTECTED] wrote: On 10/10/06, Mark Shields [EMAIL PROTECTED] wrote: Thank you Richard and Mauro, but this wasn't what I was looking for.The vnc and the ssh server are not the same. ssh port forwarding is not limited to just the machine you are logginginto.It will forward the connection to another host.So I thinkthis is still what you want:# ssh -L localhost:5901:vnchost:5901 routerhost This will cause the ssh client to forward any connections to 5901 onlocalhost to be forwarded to the server on routerhost, which will thenmake the connection to vnchost port 5901.No need to muck with iptables rules at all here.-Richard--gentoo-user@gentoo.org mailing listOk, how can I do that with putty?-- - Mark Shields
Re: [gentoo-user] VNC over SSH (VNC session is non-local to SSH)
On 10/10/06, Mark Shields [EMAIL PROTECTED] wrote: On 10/10/06, Richard Fish [EMAIL PROTECTED] wrote: # ssh -L localhost:5901:vnchost:5901 routerhost Ok, how can I do that with putty? I don't use putty, but I believe pretty much the same way. You should be able to enter vnchost as the destination host name even while logging into your router. [1] Putty also supports many of the same command line options as ssh [2], so you could also try: # putty -L 5901:vnchost:5901 routerhost [1] http://the.earth.li/~sgtatham/putty/0.58/htmldoc/Chapter3.html#using-port-forwarding [2] http://the.earth.li/~sgtatham/putty/0.58/htmldoc/Chapter3.html#using-general-opts HTH, -Richard -- gentoo-user@gentoo.org mailing list
RE: [gentoo-user] VNC over SSH (VNC session is non-local to SSH)
[EMAIL PROTECTED] wrote: I don't use putty, but I believe pretty much the same way. You should be able to enter vnchost as the destination host name even while logging into your router. [1] You can do it via the command line, or you can create a saved session too. Under Connection-SSH-Tunnels you can enter ports to forward.. then, once you've set your key up and the machine c c, you can save the session--then every time you connect to that saved session, you have your VNC ports all ready. Best, --Glenn -- Glenn E. Sieb, MTS Bell Laboratories [EMAIL PROTECTED] +1 732 949 5453 -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] VNC over SSH (VNC session is non-local to SSH)
On Tuesday 10 October 2006 20:27, Sieb, Glenn E (Glenn) wrote: [EMAIL PROTECTED] wrote: I don't use putty, but I believe pretty much the same way. You should be able to enter vnchost as the destination host name even while logging into your router. [1] You can do it via the command line, or you can create a saved session too. Under Connection-SSH-Tunnels you can enter ports to forward.. then, once you've set your key up and the machine c c, you can save the session--then every time you connect to that saved session, you have your VNC ports all ready. You should be able to set up the whole string under the field called Destination and after you click add, edit it manually in the field above. However, I wonder if since you are traversing machines and you keep forwarding ports, what you want to use is PuTTY's agent forwarding? -- Regards, Mick pgpDD7pfjZjIK.pgp Description: PGP signature
Re: [gentoo-user] VNC over SSH (VNC session is non-local to SSH)
On 10/10/06, Mick [EMAIL PROTECTED] wrote: On Tuesday 10 October 2006 20:27, Sieb, Glenn E (Glenn) wrote: [EMAIL PROTECTED] wrote: I don't use putty, but I believe pretty much the same way. You should be able to enter vnchost as the destination host name even while logging into your router. [1] You can do it via the command line, or you can create a saved session too. Under Connection-SSH-Tunnels you can enter ports to forward.. then, once you've set your key up and the machine c c, you can save the session--then every time you connect to that saved session, you have your VNC ports all ready.You should be able to set up the whole string under the fieldcalled Destination and after you click add, edit it manually in the fieldabove.However, I wonder if since you are traversing machines and you keep forwarding ports, what you want to use is PuTTY's agent forwarding?--Regards,MickGuys, there's no need to keep replying. Thanks for the help, but I'm able to do it now (have been for the past 4 e-mails) -- - Mark Shields
Re: [gentoo-user] VNC over SSH (VNC session is non-local to SSH)
Check out zebedee - unlike ssh, its designed specifically for this type of thing (esp VNC) and as a consequence is more flexible. Also works with doze etc. Billk On Tue, 2006-10-10 at 12:46 -0400, Mark Shields wrote: I have a gentoo box setup as a router with 3 servers behind it (all 4 servers are running gentoo). Right now I simply have port 5901 to forward from the router to my vnc server so I can access it remotely. I've looked on the gentoo forums and online but haven't been able to find any solid information on how to tunnel 5901 through ssh through the router to the vnc server. Basically, client - router - vnc server port 5901, but over ssh. Any ideas? -- - Mark Shields -- gentoo-user@gentoo.org mailing list
