LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 01-01-2005, 08:40 PM   #1
pH*
Member
 
Registered: Nov 2003
Distribution: Slackware 10
Posts: 40

Rep: Reputation: 15
Remote admin of parents linux w/ krfb


I'm *pretty* sure I understand how to do this, but I'd like to ask just in case I'm misunderstanding something.

Switched my dad over to linux at christmas time after I found out that he had right around 100 virus & mal-ware programs on his windows system making it generally unusable (10 minute boot-up times??). Put him behind a linksys router, closed all ports except 22, ssh is set up to only accept key exchange (no password authentication), and am running an ip-tables firewall script on his box dropping everything except established/related, 127.0.0.1, and port 22 for ssh.

Obviously, I'd like his box to stay relatively secure, and I've taken up the task of admin. Occassionally, I think it would be helpful to be able to *show* him exactly what I'm talking about, rather than try to explain in an email or over the phone. krfb looks like it's exactly what I need, and I'd like to tunnel it through ssh to make sure it's secure. The pertinent information on that is here , near the bottom under "Desktop Sharing through SSH Tunnel".

Quote:
Desktop Sharing through SSH Tunnel

You need to use local port forwarding through an SSH tunnel to secure connect through a firewall to a host running KDE desktop sharing, e.g. from home to office. Assuming that krfb is running on pcXXXX.psi.ch, use the following commands to view the desktop on pcXXXX.psi.ch with a client outside of PSI:

ssh -l user_name llc.psi.ch -L 5900:pcXXXX.psi.ch:5900
vncviewer -geometry 640x400 localhost:5900

For further detail about using an SSH tunnel see Accessing VNC through SSH.
The bit I'm not exactly sure about is whether I'll need to open port 5900 on our routers and firewalls? I'd *like* to think that tunneling it through ssh would allow me to just use the currently forwarded port 22 on both our boxes, which then passes the data off to to port 5900... obviously I could stand to learn a bit more on the subject.

So, is this how it works and will I be able to do this using only port 22 open? Or am I going to have to go through the hassle of telling him how to forward port 5900 at his router?
 
Old 01-02-2005, 09:05 AM   #2
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,791
Blog Entries: 1

Rep: Reputation: 414Reputation: 414Reputation: 414Reputation: 414Reputation: 414
Quote:
So, is this how it works and will I be able to do this using only port 22 open?
Yup, you only need port 22 open to do this. In essence, ssh takes over port 5900 and funnels traffic through port 22. In fact, if you have to open 5900 on your router and firewall to get this to work, you aren't tunneling through ssh.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Remote Admin IllEatUrHeart Mandriva 1 09-06-2004 06:52 PM
remote admin program on linux? taoweijia Linux - Software 1 09-05-2003 09:59 AM
remote admin epeus General 15 02-26-2003 12:33 AM
Remote Admin... kobe Linux - General 1 08-09-2002 09:52 AM
Remote admin. How? Q25 Linux - General 5 05-17-2001 04:02 PM


All times are GMT -5. The time now is 05:02 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration