On Mon, 4 Feb 2002, Alex Angelopoulos wrote: > It's a Linux system, and the keys are different from Windows VNC it > turns out. > > Normally it appears that he should be using the "vncserver" script to > start it up. You should change the vncserver launch to: > > vncserver -localhost > > to require connections come from localhost only.
I have the same setup: vncservers and sshd on linux, vncviewers on windows. I tried following the ssh instructions at http://www.uk.research.att.com/vnc/sshvnc.html and also invoked vncserver with -localhost, but am unable to connect over ssh or clear. If I don't specify -localhost, I'm able to connect over both ssh and clear. I only want to allow over ssh connections. On the windows client side, I'm using the new putty 0.52 ssh that supports tunneling and believe I have it correctly configured. Suppose the linux vncserver is on display :1. A cleartext connection would open to linuxbox:5901. If I configure the ssh client to forward its local port 5902 to linuxbox:5901, then on the client I'd need to open vncviewer to windowsbox:2 (or localhost:2) in order to connect over the tunnel. However, if vncserver on linuxbox is -localhost, why would it accept connections over the tunnel at all, since the tunnel originated outside linuxbox? Also, does the client need a bidirectional forward (ie remote 5901 to local 5902) or are tunnels automatically bidirectional? I tried configuring this in my windows ssh client but it still didn't let me open to linuxbox:5901. If, however, I don't use -localhost at the server, the client is able to connect in the clear (linuxbox:5901) and over tunnel (windowsbox:5902). The former is undesirable. I want to require vnc connections over ssh. --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
