Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: VNC over SSH on a reversible tunnel
Top Forums UNIX for Advanced & Expert Users VNC over SSH on a reversible tunnel Post 302590505 by chebarbudo on Monday 16th of January 2012 01:27:09 PM
Old 01-16-2012
Question VNC over SSH on a reversible tunnel
Hi there,

I have a situation in which one of my client have a few computers (MS Windows) behind a non routable box. They also have a tiny server (Debian).

Because the box is non routable, I cannot create any port forwarding :
  • neither on port 22 to the Debian server
  • nor on port 590X to each individual MS Windows client with TightVNC server.
I solved the problem of administrating the server remotely by creating a reversible tunnel from their Debian server to mine.
Note: The SSH tunnel is not continuously open. There's a cron job that checks every 5 minutes if I need to connect (because I create a file with a set name) and therefore create the reversible tunnel.

My second issue is the following. I read (and tried to understand) that one can create a TightVNC connection over an SSH tunnel. And I'm thinking :
Would it be possible to create a reversible tunnel from my customer's Debian server to my Debian server and use this tunnel to do VNC from my MS Windows workstation to my customer's MS Windows workstation ?

Image

Sounds weird hey?
Well let's not be afraid to ask...
Is there anything I can do close to this fantasy?

Thanks for your ideas.
Santiago
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

vnc over an ssh tunnel Linux to Linux to Windows

I *think* what I want to do is not only possible but easy, but as a "dummy" :) I can't figure it out. Here's what I have: Linux (Ubuntu 10.04) laptop that is not in my house, but has an Internet connection. Linux (Ubuntu 9.04) computer in my house that has unfettered access to the... (6 Replies)
Discussion started by: WesleyC
6 Replies

2. UNIX for Advanced & Expert Users

ssh decipher a tunnel

Two question here, but it's only one on the protocol point of view. If two persons use the same key to connect to a SSH server is there a risk they can decipher the other tunnel. In other terms is that less safe than if they have two separate keys. Same question if two persons use the same user... (2 Replies)
Discussion started by: moi
2 Replies

3. UNIX for Advanced & Expert Users

Stopping SSH tunnel

I have initiated a tunnel for vncserver. now i want to stop it. is there any way except sleep option? (2 Replies)
Discussion started by: majid.merkava
2 Replies

4. Cybersecurity

RDP over SSH Tunnel

Hi all, I'm trying have an alternative way of connecting into a Corporate network. Mostly in case the VPN down as I cannot also change the security policy. I want to expose windows RDP over ssh tunnel. I have 3 hosts in my scenario 1- Host a : Windows 2k8 has no internet access just only an... (3 Replies)
Discussion started by: h@foorsa.biz
3 Replies

5. UNIX for Dummies Questions & Answers

SSH tunnel working for ssh but not for sshfs

I'm trying to setup a link between my home pc (work-machine) and a server at work (tar-machine) that is behind a gateway (hop-machine) and not directly accessible. my actions: work-machine$ ssh -L 1234:tar-machine:22 hop-machine work-machine$ ssh -p 1234 user@127.0.0.1 - shh access on... (1 Reply)
Discussion started by: Vathau
1 Replies

6. IP Networking

Help with SSH tunnel?

I have a Java web app on machine (X) that needs to talk to an LDAP server (Y) on :636, but the LDAP server is only accessible on a particular network. I can login to a machine (Z) on that network from X, and this machine can talk to the LDAP server on :636. How can I tunnel so that X can... (2 Replies)
Discussion started by: spacegoose
2 Replies

7. UNIX for Advanced & Expert Users

Ssh tunnel question

Hi all I have a suite of scripts that ssh to remote servers within a cluster and run some tests. This is done from a central server so that all of the test results can be captured in one location. Problem is I now have 509 tests and the number is growing. The scripts work by establishing a... (2 Replies)
Discussion started by: steadyonabix
2 Replies

8. Proxy Server

WebSocket over SSH tunnel - is it possible?

Hello, I have a video streaming application that utilizes a WebSocket for the server <-> client communication. My goal is to make the video streaming service available over the internet in the cases where neither the server nor client have public IPs. One way to do this is over a VPN... (8 Replies)
Discussion started by: Vladislav
8 Replies

9. Solaris

Tunnel X over ssh for 11.3

Hello Solaris experts: Trying to bring the 11.3 gdm screen over ssh to a Linux Box: I did the following: 1. made chanes to /etc/ssh/sshd_config & bounced ssh daemon: # X11 tunneling options X11Forwarding yes X11DisplayOffset 10 X11UseLocalhost yes 2. From the remote Linux box: ... (6 Replies)
Discussion started by: delphys
6 Replies

10. UNIX for Advanced & Expert Users

Tunnel using SSH

I am not clear with the part of concept of Tunneling using ssh. ssh -f -N -L 1029 192.168.1.47:25 james@192.168.1.47 I found out that above code works for me . but didn't quite well understood how ti works and need to ask you guys some questions. since we are using tunnel through ssh ... (2 Replies)
Discussion started by: lobsang
2 Replies

LEARN ABOUT DEBIAN

iodine-client-start

IODINE-CLIENT-START(8)					  System Administration Utilities				    IODINE-CLIENT-START(8)

NAME

       iodine-client-start - start an iodine IPv4-over-DNS tunnel

SYNOPSIS

       iodine-client-start [option]

DESCRIPTION

       'iodine-client-start' starts an iodine IP-over-DNS tunnel.

       -h, --help
	      Print help and exit

       -v, --version
	      Print version info and exit

       Invoking  the  program  without	options  attempts to set up and configure an iodine IP-over-DNS tunnel using the configuration in the file
       /etc/default/iodine-client or by querying the user. It tries to figure out the right way to set things up by observing the network, and	if
       all else fails by guessing.

       QUICK CONFIGURATION

       Put two lines in the file /etc/default/iodine-client

	      subdomain=your.tunnel.sub.domain

	      passwd=password_for_that_tunnel

       or invoke the script with those environment variables set:

	      env subdomain=xxx passwd=xxx iodine-client-start

       If these are not set, the script will query the user for them.

       DETAILS

       The configuration file consists of lines which are either comments starting with '#', or settings of the form VAR="val". Valid VARs are:

       subdomain

	      Sample value: your.tunnel.sub.domain (no default, must be set)

       passwd

	      Sample value: password_for_that_tunnel (no default, must be set)

       testhost

	      Hostname to ping when testing if network is working (default: slashdot.org)

       bounce_localnet

	      Take the local network down and then up again before starting tunnel (default: false)

       test_ping_localnet

	      Test if the local network is working by pinging the gateway (default: true)

       test_ping_tunnel

	      Test if the iodine tunnel is working after it has been set up by pinging the host at the other end (default: true)

       test_ping_final

	      Test if the tunnel is working after everything is ostensibly set up by trying to ping an external host (default: true)

       default_router

	      IP address of router on the local network---should be found automatically, set this if that fails and the program guesses wrong.

       interface

	      Interface  to  use  (e.g., eth1, eth0, etc) for connection to DNS server used for the iodine tunnel---should be found automatically,
	      set this if that fails and the program guesses wrong.

       mtu

	      Set if tunnel MTU needs to be manually changed (lowered). Should not be necessary anymore, as recent versions of iodine negotiate an
	      appropriate  MTU	during	tunnel setup. But if that negotiation does not happen, or if you are using an older version of iodine, the
	      default tunnel MTU is 1024, and if the local DNS server restricts to 512 byte packets you might need to use an MTU of 220.

       skip_raw_udp_mode

	      Set "-r" option in iodine command line. With this option, iodine does not try to establish a direct UDP socket to the iodine  server
	      on port 53. (default: true).

       continue_on_error

	      Set  if  the script should continue even if a command fails.  Use to test script when running as non-root. Defaults to false if run-
	      ning as root, true otherwise.

iodine-client-start 1.0.4					     June 2014						    IODINE-CLIENT-START(8)
All times are GMT -4. The time now is 07:54 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy