Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: VNC over SSH on a reversible tunnel
Top Forums UNIX for Advanced & Expert Users VNC over SSH on a reversible tunnel Post 302590505 by chebarbudo on Monday 16th of January 2012 01:27:09 PM
Old 01-16-2012
Question VNC over SSH on a reversible tunnel
Hi there,

I have a situation in which one of my client have a few computers (MS Windows) behind a non routable box. They also have a tiny server (Debian).

Because the box is non routable, I cannot create any port forwarding :
  • neither on port 22 to the Debian server
  • nor on port 590X to each individual MS Windows client with TightVNC server.
I solved the problem of administrating the server remotely by creating a reversible tunnel from their Debian server to mine.
Note: The SSH tunnel is not continuously open. There's a cron job that checks every 5 minutes if I need to connect (because I create a file with a set name) and therefore create the reversible tunnel.

My second issue is the following. I read (and tried to understand) that one can create a TightVNC connection over an SSH tunnel. And I'm thinking :
Would it be possible to create a reversible tunnel from my customer's Debian server to my Debian server and use this tunnel to do VNC from my MS Windows workstation to my customer's MS Windows workstation ?

Image

Sounds weird hey?
Well let's not be afraid to ask...
Is there anything I can do close to this fantasy?

Thanks for your ideas.
Santiago
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

vnc over an ssh tunnel Linux to Linux to Windows

I *think* what I want to do is not only possible but easy, but as a "dummy" :) I can't figure it out. Here's what I have: Linux (Ubuntu 10.04) laptop that is not in my house, but has an Internet connection. Linux (Ubuntu 9.04) computer in my house that has unfettered access to the... (6 Replies)
Discussion started by: WesleyC
6 Replies

2. UNIX for Advanced & Expert Users

ssh decipher a tunnel

Two question here, but it's only one on the protocol point of view. If two persons use the same key to connect to a SSH server is there a risk they can decipher the other tunnel. In other terms is that less safe than if they have two separate keys. Same question if two persons use the same user... (2 Replies)
Discussion started by: moi
2 Replies

3. UNIX for Advanced & Expert Users

Stopping SSH tunnel

I have initiated a tunnel for vncserver. now i want to stop it. is there any way except sleep option? (2 Replies)
Discussion started by: majid.merkava
2 Replies

4. Cybersecurity

RDP over SSH Tunnel

Hi all, I'm trying have an alternative way of connecting into a Corporate network. Mostly in case the VPN down as I cannot also change the security policy. I want to expose windows RDP over ssh tunnel. I have 3 hosts in my scenario 1- Host a : Windows 2k8 has no internet access just only an... (3 Replies)
Discussion started by: h@foorsa.biz
3 Replies

5. UNIX for Dummies Questions & Answers

SSH tunnel working for ssh but not for sshfs

I'm trying to setup a link between my home pc (work-machine) and a server at work (tar-machine) that is behind a gateway (hop-machine) and not directly accessible. my actions: work-machine$ ssh -L 1234:tar-machine:22 hop-machine work-machine$ ssh -p 1234 user@127.0.0.1 - shh access on... (1 Reply)
Discussion started by: Vathau
1 Replies

6. IP Networking

Help with SSH tunnel?

I have a Java web app on machine (X) that needs to talk to an LDAP server (Y) on :636, but the LDAP server is only accessible on a particular network. I can login to a machine (Z) on that network from X, and this machine can talk to the LDAP server on :636. How can I tunnel so that X can... (2 Replies)
Discussion started by: spacegoose
2 Replies

7. UNIX for Advanced & Expert Users

Ssh tunnel question

Hi all I have a suite of scripts that ssh to remote servers within a cluster and run some tests. This is done from a central server so that all of the test results can be captured in one location. Problem is I now have 509 tests and the number is growing. The scripts work by establishing a... (2 Replies)
Discussion started by: steadyonabix
2 Replies

8. Proxy Server

WebSocket over SSH tunnel - is it possible?

Hello, I have a video streaming application that utilizes a WebSocket for the server <-> client communication. My goal is to make the video streaming service available over the internet in the cases where neither the server nor client have public IPs. One way to do this is over a VPN... (8 Replies)
Discussion started by: Vladislav
8 Replies

9. Solaris

Tunnel X over ssh for 11.3

Hello Solaris experts: Trying to bring the 11.3 gdm screen over ssh to a Linux Box: I did the following: 1. made chanes to /etc/ssh/sshd_config & bounced ssh daemon: # X11 tunneling options X11Forwarding yes X11DisplayOffset 10 X11UseLocalhost yes 2. From the remote Linux box: ... (6 Replies)
Discussion started by: delphys
6 Replies

10. UNIX for Advanced & Expert Users

Tunnel using SSH

I am not clear with the part of concept of Tunneling using ssh. ssh -f -N -L 1029 192.168.1.47:25 james@192.168.1.47 I found out that above code works for me . but didn't quite well understood how ti works and need to ask you guys some questions. since we are using tunnel through ssh ... (2 Replies)
Discussion started by: lobsang
2 Replies

LEARN ABOUT OPENSOLARIS

svnserve

svnserve(8)						      System Manager's Manual						       svnserve(8)

NAME

       svnserve - Server for the 'svn' repository access method

SYNOPSIS

       svnserve [options]

DESCRIPTION

       svnserve  allows  access  to Subversion repositories using the svn network protocol.  It can both run as a standalone server process, or it
       can run out of inetd.  You must choose a mode of operation when you start svnserve.  The following options are recognized:

       -d, --daemon
	    Causes svnserve to run in daemon mode.  svnserve backgrounds itself and accepts and serves TCP/IP connections on the svn  port  (3690,
	    by default).

       --listen-port=port
	    Causes svnserve to listen on port when run in daemon mode.

       --listen-host=host
	    Causes svnserve to listen on the interface specified by host, which may be either a hostname or an IP address.

       --foreground
	    When used together with -d, this option causes svnserve to stay in the foreground.	This option is mainly useful for debugging.

       -i, --inetd
	    Causes svnserve to use the stdin/stdout file descriptors, as is appropriate for a daemon running out of inetd.

       -h, --help
	    Displays a usage summary and exits.

       -r root, --root=root
	    Sets  the  virtual root for repositories served by svnserve.  The pathname in URLs provided by the client will be interpreted relative
	    to this root, and will not be allowed to escape this root.

       -R --read-only
	    Force all write operations through this svnserve instance to be forbidden, overriding all other access policy configuration.   Do  not
	    use  this  option  to set general repository access policy - that is what the conf/svnserve.conf repository configuration file is for.
	    This option should be used only to restrict access via a certain method of invoking svnserve - for example, to allow write access  via
	    SSH, but not via a svnserve daemon, or to create a restricted SSH key which is only capable of read access.

       -t, --tunnel
	    Causes  svnserve to run in tunnel mode, which is just like the inetd mode of operation (serve one connection over stdin/stdout) except
	    that the connection is considered to be pre-authenticated with the username of the current uid.  This flag is selected by  the  client
	    when running over a tunnel agent.

       --tunnel-user=username
	    When  combined with --tunnel, overrides the pre-authenticated username with the supplied username.	This is useful in combination with
	    the ssh authorized_key file's "command" directive to allow a single system account to be used by multiple committers,  each  having  a
	    distinct ssh identity.

       -T, --threads
	    When  running  in daemon mode, causes svnserve to spawn a thread instead of a process for each connection.	The svnserve process still
	    backgrounds itself at startup time.

       -X, --listen-once
	    Causes svnserve to accept one connection on the svn port, serve it, and exit.  This option is mainly useful for debugging.

       Once the client has selected a repository by transmitting its URL, svnserve reads a file named conf/svnserve.conf in the repository  direc-
       tory  to  determine repository-specific settings such as what authentication database to use and what authorization policies to apply.  See
       the svnserve.conf(5) man page for details of that file format.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +--------------------+-----------------+
       |  ATTRIBUTE TYPE    | ATTRIBUTE VALUE |
       +--------------------+-----------------+
       |Availability	    | SUNWsvn	      |
       +--------------------+-----------------+
       |Interface Stability | Committed       |
       +--------------------+-----------------+
NOTES

       Source for Subversion is available on http://opensolaris.org.

																       svnserve(8)
All times are GMT -4. The time now is 02:52 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy