Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Here's a full walkthrough, enable tunnelling via PuTTY over SSH:
Download/install PuTTY on the local computer, and also the vncviewer.
Launch PuTTY. The opening window should have the Session option. Click on the SSH radio button. In the Host Name (or IP address) field, enter the IP address of the remote computer.
For the sake of argument, let's assume that the IP address is
123.456.789.123.
Choose Tunnels suboption in the SSH option.
In the Source port field, enter some arbitrary port number, e.g. 4901.
In the Destination field, enter the IP address of your remote computer and
the port, e.g. 123.456.789.123:5901.
The unix version of vnc uses the port 5900 + display number, so the
first display number is 5901 usually.
The format of the destination is the IP address, colon, port number, as
given in the example above. Make sure local is selected with the radio button at the bottom.
Now click on the Add button.
Go back and click on the Session option, and save this session so you
won't have to re-enter all the information.
Click on the Open button at the bottom of the window, and you'll be able
to connect to your home computer.
Enter the user name (case sensitive) and the password of your
user account (or passphrase for RSA/DSA keyusers)
If everything is fine, you'll be connected to your remote computer.
Now launch vncviewer on the local computer and enter localhost:4901 and
click the OK button.
If you're not prompted for the password for vnc, then either you're not
running vncserver on your remote computer or some information was
incorrectly entered in PuTTY setting.
Good luck.
if I want to remotely log into the server from work, what port do I need to open up on my router?
If you're tunneling VNC through SSH, you need to open port 22. Actually, if you are using a router that isn't your linux box, you need to forward port 22 from your router to your linux box.
That said, your place of work may have its own firewall that blocks port 22 and that may be a tougher problem to solve. Most IT people I know aren't going to be willing to open a hole in the firewall unless there is a really good reason. And even then, they usually aren't too happy about it.
A couple of questions:
Did ssh connect? (like I said in my first post, your work firewall may be blocking port 22). If ssh isn't functioning, you aren't going to be able to tunnel through it.
Is vncserver running on the other end? If so, is it running on terminal 1 (you should be able to determine this with a netstat -al in the ssh terminal to see what port Xvnc is listening to).
OK, if you can make an SSH connection with Putty, 90% of the battle is won.
When I use Putty, I do everything in the Schreibg post EXCEPT
Quote:
In the Source port field, enter some arbitrary port number, e.g. 4901
Here I actually use 5901 rather than an arbitrary port number. Why? You'll see in a minute....
Now in VNC, when I connect, I connect to localhost:1. Here is where the 5901 bit comes in. The number after the : in this box is the display number, not the port number. In essence, since VNC works on the 5900 series of ports, display 0 is at 5900, display 1 is at 5901, display 2 is at 5902..... And I have no idea where display 4901 would be. I know I'm cutting a fine line here between display and port, but VNC is obviously doing some math with the value after the : and I think that is why you are having trouble.
So, as long as SSH is connected, the tunnel is established and vncserver is running on display 1 (Xvnc should be listening to port 5901 and you can check this with the netstat -al command), there should be no problem connecting. Port 22 should be the ony one you have to forward. And yes, if you have to open port 5901 on your router, you aren't using the ssh tunnel.
I think that you are very, very close. It looks like SSH is set up to tunnel properly but I think you've got the VNC client connection wrong. Here is my config that I use on a daily basis. The Slackware box that acts as my ssh and vnc server has an IP address of 192.168.1.10
Putty
Session page:
Host Name box: 192.168.1.10
SSH radio button checked (port 22 in the Port box)
Connections->SSH->Tunnels
Source Port Box has 5901
Destination box has 192.168.1.10:5901
Click on the Add button so that L5901 192.168.1.10:5901 appears in the Forwarded Ports box
Go back to Sessions, save the configuration, then Open.
Once logged into the Slackware box, start vncserver if it isn't already.
Start Windows VNC client. In the VNC server box I put
localhost:1
Note that I do NOT put in localhost:5901. I think that is where you've gone wrong.
are you able to connect from an outside your router? I have no problem connecting in the lan but when I change the ips eg. 192.168.0.10 to the ip of my wan, thats where I can only connect the ssh but not the vnc.
I think I know what is going wrong.....I made the same mistake when I first started doing this and it drove me nuts for about a week.
When you want to connect from outside your lan, you need to change the IP on the Sessions page to your WAN ip but you need to leave the tunnel IP exactly the way it is for your network.
So lets say your router has a WAN ip of 1.2.3.4 and your linux box has an ip of 192.168.1.10
In the Host Name box on the Session page you would have 1.2.3.4 and you would of course have the SSH button selected.
On the Tunnels page, the source port box should have 5901 and the destination box should have 192.168.1.10:5901. So after you click the add button, you still have L5901 192.168.1.10:5901, just as if you were connecting from behind your router.
Then the VNC connection should still be to localhost:1. That bit doesn't change at all.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.