Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 03-26-2006, 12:16 PM   #1
Le Hara
LQ Newbie
Registered: Jan 2005
Posts: 4

Rep: Reputation: 0

Hi there,

I try to establish the most simple ssh tunnel:

I have a box running Fedora Core with a SSH server on it. The box is firewalled and permits access only on port 22. I want the users to access FTP service or VNC or whatever using ssh tunneling (I can`t open any more than port reasons...). I use WINXP with PUTTY to access the server.
The problem is that no traffic is forwarded in the tunnel. Whatever port I try to forward....putty ignores it. I don`t understand why?
This is configuration for sshd:
Port 22
Protocol 2
ServerKeyBits 2048
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 60
PermitRootLogin no
RSAAuthentication no
PubkeyAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
PAMAuthenticationViaKbdInt no
Compression yes
KeepAlive yes
ClientAliveInterval 30

and I use dsa key.

On putty:

I use Source Port: 5901; Destination: localhost:5901 - ex for VNC. The check boxes : local and Auto are enabled; and X diplsay location : localhost:0.

I connect with a user...everything is ok, then try to connect using VNC (or FTP) and nothing...traffic does not go in the tunnel; it access the server as normal TCP flow. I can see that because I spy with ethreal.
Does anyone have any idea why is not working? Do I have to enable something else in WIN or modify SSHD_conf?

Old 03-26-2006, 01:06 PM   #2
Senior Member
Registered: Dec 2005
Distribution: Slackware -current, 14.1
Posts: 1,066

Rep: Reputation: 184Reputation: 184
I've just tried to duplicate your situation, and there's good news and bad news. Sometimes it works, and sometimes it doesn't. I, being a mere mortal in a land of many gurus, have no explanation, but here's a few thoughts.

If you're running the vncviewer binary on the windows machine, there's no need to set the x11 display in putty, because you're not forwarding the display, per se - the vncviewer is looking after that aspect of thing. This may present a conflict.

Secondly, even though I can't explain why, I had more success when I checked the first two boxes in the tunnel dialog - local ports accept connections from other hosts, and remote ports do the same (i can't see the first making a difference, but the second might...) I might add that a couple of times I succeeded even when these boxes weren't checked.

Thirdly, in your vncviewer dialog, ensure that the server address is localhost:1, and not localhost:5901; also, though I believe more recent vnc distros allow simply " :1 " and the viewer assumes localhost, my windows version doesn't.

As stated, sometimes identical settings provided different results, so I'm lost as to what the reasoning is. I'd reboot both machines to start fresh, but I've got great music playing.....

hope this helps some...

Old 03-26-2006, 02:22 PM   #3
Le Hara
LQ Newbie
Registered: Jan 2005
Posts: 4

Original Poster
Rep: Reputation: 0
stiil not working

Thank You but it didn`t help a lot. But as I metioned it`s not only for VNC....ftp behaves the same way. I forward the traffic on port 21 to localhost:21 and traffic is not using the tunnel it just passes as a regular ftp connection.

Any iddeas....cuz Linux starts to make me sick
Old 03-26-2006, 11:34 PM   #4
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,124

Rep: Reputation: 164Reputation: 164
What command line are you using from the Windows box? If you are using port 5901 in your forwarding settings for putty, you should type vncviewer at the command prompt.

Ethereal should not show any packets going to the Linux box for VNC because you don't use its IP address (or hostname) in the command. Don't let it make you sick - it's not a Linux problem, it's just configuration


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
tunnel vnc through openssh disorderly Linux - Security 9 08-22-2005 03:56 PM
SSH tunnel using PuTTy - Samba jackster Linux - Security 4 02-12-2005 05:07 PM
VNC with Putty Tunnel port ziggie216 Linux - Software 10 12-02-2003 09:32 PM
putty and openssh issue Robin01 Linux - Newbie 6 12-02-2003 07:32 PM
VNC with Putty Tunnel LinuxHaven Linux - Security 15 08-30-2003 02:16 AM

All times are GMT -5. The time now is 12:19 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration