On Mon, 29 Jan 2001 00:15:13 -0500 (EST), Jerry Coker <[EMAIL PROTECTED]> wrote:
>
> machine windows1:
> Runs vncviewer connecting to linux1, actually sees display of windows2
> ->
> machine linux1:
> Runs SSHD
> ->
> machine windows2:
> Runs WinVNC server as display 0
>
> Can the above be done?  If so, does it retain both a 'secure local' and
> 'secure remote' network?   My example above eliminates the linux machine
> running ssh and forwarding a port to another linux machine (given in
> the example at the url above).  So I suspect that *my* example can't be
> done, thus I'd be forced to build another Linux box.

It can be done even when another machine is in the middle (running any
kind of proxy, clear or encrypted like SSH). You've got one answer from
Erdely, Michael <[EMAIL PROTECTED]> with the command line example (BTW,
the AllowLoopback is not needed because the connection is from the Linux
to the Windoz [10.10.10.2 ==> 10.10.10.1 ] which is not a loopback).

I work with connections like this every day. Here is my net
configuration (the machine names are on the local net of each and are
not recognized by the remote net).

     H o m e                   W o r k
      ekc-1  <---- Dial-Up ---> linux
        |                         |
ekc-5 --+                  bsw1 ----- win1

The dial-up is thru an ISP and I have a firewall at work that permits only
port 22 to the linux (no other machine can be reached from the outside).
ekc-1, ekc-5 and win1 are all W95, linux and bsw1 are Linux machines.
I have 2 VNC servers running on bsw1, 1 on linux and 1 on win1.

Here are the relevant lines (with comments) of my ~/.ssh/config :

Host  rlnx                     # name for using on the ssh command
HostName  linux.sw.co.il       # real name of host
Compression     yes            # use compression
GatewayPorts    yes            # allow connecting from local net to
                               # forwarded ports (i.e. from ekc-5)
LocalForward 5910  bsw1:5910   # use ekc-1:10 to access bsw1:10
LocalForward 5911  bsw1:5911   # use ekc-1:11 to access bsw1:11

LocalForward 5944  linux:5944  # use ekc-1:44 to access linux:44
LocalForward 5909  win1:5900   # use ekc-1:9  to access win1:0
 
I run the SSH on ekc-1 with the command: ssh rlnx
(actually I run it with rxvt under my run-nw program to get an xterm
like window instead of a console. For the run-nw source see
    http://cygwin.com/ml/cygwin/2001-01/msg00849.html ).

Some notes on using SSH and VNC on W95.
  1. The W95/W98 has very limited socket support, I'm not sure if it
     is just listening sockets or also connecting sockets, but if you
     try to (local ?) forward too many sockets (about 10-15) you'll
     run into trouble.
  2. There is a very big difference in the speed of Linux VNC and the
     WinVNC (the Linux VNC is much speedier). I can work with
     Emacs on the Linux VNC almost as if I'm connected directly
     but working on the Windoz machine is very annoying.

As for the security on the local nets on either side (ekc-5 --- ekc-1
or linux --- win1), these connections are NOT secure at all, they are
done in clear text. If local net security is needed, you must
establish a local SSH (e.g. from win1 to linux with RemoteForward).

Ehud.


--
 @@@@@@ @@@ @@@@@@ @    @   Ehud Karni  Simon & Wiesel  Insurance agency
     @    @      @  @@  @   Tel: +972-3-6212-757    Fax: +972-3-6292-544
     @    @ @    @ @  @@    (USA)  Fax  and  voice  mail:  1-815-5509341
     @    @ @    @ @    @        Better     Safe     Than     Sorry
 http://www.simonwiesel.co.il    mailto:[EMAIL PROTECTED]
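
Added example (not part of the original message, and not code from its author): a small audit of an ssh_config that reports, for each LocalForward, whether the listening port is reachable from the client's LAN (GatewayPorts yes, or a non-loopback bind address) and whether the hop from the SSH server to the destination runs outside the tunnel in clear text. The sample config is constructed from the one quoted above; the function names and the server_aliases parameter (LAN names under which the SSH server itself is known, here "linux") are assumptions of this example.

```python
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

# Constructed sample, modelled on the config quoted in the message.
SAMPLE = """\
Host rlnx
HostName linux.sw.co.il
GatewayPorts yes               # LAN hosts may use the forwarded ports
LocalForward 5910 bsw1:5910
LocalForward 5944 linux:5944
LocalForward 5909 win1:5900
"""

def parse_blocks(text):
    """Collect HostName, GatewayPorts and LocalForward per Host block.
    Simplification: options placed before the first Host line are ignored."""
    blocks, cur = [], None
    for raw in text.splitlines():
        words = raw.split("#", 1)[0].replace("=", " ").split()
        if len(words) < 2:
            continue
        key, args = words[0].lower(), words[1:]
        if key == "host":
            cur = {"host": args[0], "hostname": None, "gateway": False, "fwd": []}
            blocks.append(cur)
        elif cur is None:
            continue
        elif key == "hostname":
            cur["hostname"] = args[0]
        elif key == "gatewayports":
            cur["gateway"] = args[0].lower() == "yes"
        elif key == "localforward" and len(args) == 2:
            cur["fwd"].append(args)
    return blocks

def audit(text, server_aliases=()):
    """Flag, per forward, the legs that run outside the encrypted tunnel."""
    findings = []
    for b in parse_blocks(text):
        on_server = LOOPBACK | set(server_aliases) | {b["hostname"]}
        for listen, dest in b["fwd"]:
            bind, _, lport = listen.rpartition(":")
            dhost = dest.rpartition(":")[0].strip("[]")
            # An explicit bind address overrides GatewayPorts; "" or "*" = all interfaces.
            exposed = bind.strip("[]") not in LOOPBACK if ":" in listen else b["gateway"]
            findings.append({"host": b["host"], "listen": int(lport), "dest": dest,
                             "lan_exposed": exposed,
                             "cleartext_far_leg": dhost not in on_server})
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE, server_aliases=("linux",)):
        print(f)
```

On the sample, all three forwards are reported as reachable from the home LAN, and the forwards to bsw1 and win1 have a clear-text leg on the work LAN, while the forward to linux itself ends on the SSH server.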