Difference between revisions of "Tunnel VNC through SSH"

From CDOT Wiki
Jump to: navigation, search
(Setup the tunnel options: Added more information about port numbers and recommended localhost as the destination IP (required if a firewall is active on remote system).)
 
Line 15: Line 15:
  
 
==Setup the tunnel options==  
 
==Setup the tunnel options==  
The default VNC port on Mac is 5900. On linux is often 5900 or 5901. The source port is a free and open port on your local machine. (You may need to open that port on your firewall). The 'local' radio button should be selected. Click add, go back to sessions and save the session for next time. Then login to the remote SSH server as you normal would with your userid and password:
+
VNC uses a 'display number' which, when added to 5900, yields the port number used by the VNC server.
  
[[Image:Putty3.JPG]]
+
The default VNC display number on single-users systems (such as Mac OSX, Windows, and Linux when mirror the local X Window session remotely) is 0, so the VNC server port on is 5900. On Linux systems where additional displays are started, the display number will start at 1 and increase with each server started, yielding port numbers of 5901, 5902, 5903, and so forth. The 'destination' port configured in the screen below should be 127.0.0.1:X where X is the VNC server port number.
  
 +
The source port is any free and open port on your local machine. The 'local' radio button should be selected. Click add, go back to sessions and save the session for next time. Then login to the remote SSH server as you normal would with your userid and password:
  
 +
[[Image:Putty3.JPG]]
  
 
==Launch vncviewer==  
 
==Launch vncviewer==  

Latest revision as of 18:43, 21 February 2009

How to connect to a VNC session through a tunnel using putty

Create a session profile

Use the IP address of the remote computer you are connecting to. The ssh port is 22 by default.

Putty1.JPG


Enable compression to make the session faster

Putty2.JPG


Setup the tunnel options

VNC uses a 'display number' which, when added to 5900, yields the port number used by the VNC server.

The default VNC display number on single-users systems (such as Mac OSX, Windows, and Linux when mirror the local X Window session remotely) is 0, so the VNC server port on is 5900. On Linux systems where additional displays are started, the display number will start at 1 and increase with each server started, yielding port numbers of 5901, 5902, 5903, and so forth. The 'destination' port configured in the screen below should be 127.0.0.1:X where X is the VNC server port number.

The source port is any free and open port on your local machine. The 'local' radio button should be selected. Click add, go back to sessions and save the session for next time. Then login to the remote SSH server as you normal would with your userid and password:

Putty3.JPG

Launch vncviewer

Using a vnc client such as TightVNC, select locahost:50005 (or whatever local port you use):

Vnc1.JPG


You will need the VNC server password, naturally. You'll need to ask someone who knows what it is!

Getting the VNC Viewer to Set Up the Tunnel

Many of the vncviewer programs know how to set up an ssh tunnel automatically. You can use the -via option to enable this from the command line:

vncviewer -via username@142.204.133.122 localhost:0

This instructs vncviewer to set up an ssh tunnel to the account username on the specified host, and then to connect the VNC server for display 0 on localhost (from the point of view of the far end of the connection, i.e., 142.204.133.122 in this case).

In order for this to work successfully, ssh must be installed on the same system as vncviewer, and it should be called "ssh" (as exists in OSX and Linux systems, and in mozilla-build on Windows). If you're using putty, copy or rename it to ssh.exe, or use the VNC_VIA_CMD environment variable to specify the ssh command name (see the vncviewer documentation for details).