LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 11-25-2003, 08:28 PM   #1
ziggie216
Member
 
Registered: Oct 2003
Posts: 176

Rep: Reputation: 30
VNC with Putty Tunnel port


I found this post by Schreibg

Quote:
Here's a full walkthrough, enable tunnelling via PuTTY over SSH:

Download/install PuTTY on the local computer, and also the vncviewer.
Launch PuTTY. The opening window should have the Session option. Click on the SSH radio button. In the Host Name (or IP address) field, enter the IP address of the remote computer.
For the sake of argument, let's assume that the IP address is
123.456.789.123.
Choose Tunnels suboption in the SSH option.
In the Source port field, enter some arbitrary port number, e.g. 4901.
In the Destination field, enter the IP address of your remote computer and
the port, e.g. 123.456.789.123:5901.
The unix version of vnc uses the port 5900 + display number, so the
first display number is 5901 usually.
The format of the destination is the IP address, colon, port number, as
given in the example above. Make sure local is selected with the radio button at the bottom.
Now click on the Add button.
Go back and click on the Session option, and save this session so you
won't have to re-enter all the information.
Click on the Open button at the bottom of the window, and you'll be able
to connect to your home computer.
Enter the user name (case sensitive) and the password of your
user account (or passphrase for RSA/DSA keyusers)
If everything is fine, you'll be connected to your remote computer.
Now launch vncviewer on the local computer and enter localhost:4901 and
click the OK button.
If you're not prompted for the password for vnc, then either you're not
running vncserver on your remote computer or some information was
incorrectly entered in PuTTY setting.
Good luck.
if I want to remotely log into the server from work, what port do I need to open up on my router?
 
Old 11-25-2003, 09:39 PM   #2
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 418Reputation: 418Reputation: 418Reputation: 418Reputation: 418
If you're tunneling VNC through SSH, you need to open port 22. Actually, if you are using a router that isn't your linux box, you need to forward port 22 from your router to your linux box.

That said, your place of work may have its own firewall that blocks port 22 and that may be a tougher problem to solve. Most IT people I know aren't going to be willing to open a hole in the firewall unless there is a really good reason. And even then, they usually aren't too happy about it.
 
Old 11-26-2003, 03:15 AM   #3
ziggie216
Member
 
Registered: Oct 2003
Posts: 176

Original Poster
Rep: Reputation: 30
hmm.. strange when I replace his example ip 123.456.789.123 with my enternal ip, i am unable to connect when I connect the vnc to my localhost:4901

any other setting I am suppose to change?
 
Old 11-26-2003, 06:53 AM   #4
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 418Reputation: 418Reputation: 418Reputation: 418Reputation: 418
A couple of questions:
Did ssh connect? (like I said in my first post, your work firewall may be blocking port 22). If ssh isn't functioning, you aren't going to be able to tunnel through it.

Is vncserver running on the other end? If so, is it running on terminal 1 (you should be able to determine this with a netstat -al in the ssh terminal to see what port Xvnc is listening to).
 
Old 11-26-2003, 12:56 PM   #5
ziggie216
Member
 
Registered: Oct 2003
Posts: 176

Original Poster
Rep: Reputation: 30
I have no problem connecting w/ ssh.

I can connect using vnc behind the router, but when I use the external ip I can only connect only with the putty not the vnc viewer

The only way I can connect though the external ip is to open up port 5901 on my router, but that mean i'm not using ssh tunnel right?

Last edited by ziggie216; 11-26-2003 at 01:07 PM.
 
Old 11-26-2003, 02:22 PM   #6
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 418Reputation: 418Reputation: 418Reputation: 418Reputation: 418
OK, if you can make an SSH connection with Putty, 90% of the battle is won.

When I use Putty, I do everything in the Schreibg post EXCEPT


Quote:
In the Source port field, enter some arbitrary port number, e.g. 4901
Here I actually use 5901 rather than an arbitrary port number. Why? You'll see in a minute....

Now in VNC, when I connect, I connect to localhost:1. Here is where the 5901 bit comes in. The number after the : in this box is the display number, not the port number. In essence, since VNC works on the 5900 series of ports, display 0 is at 5900, display 1 is at 5901, display 2 is at 5902..... And I have no idea where display 4901 would be. I know I'm cutting a fine line here between display and port, but VNC is obviously doing some math with the value after the : and I think that is why you are having trouble.

So, as long as SSH is connected, the tunnel is established and vncserver is running on display 1 (Xvnc should be listening to port 5901 and you can check this with the netstat -al command), there should be no problem connecting. Port 22 should be the ony one you have to forward. And yes, if you have to open port 5901 on your router, you aren't using the ssh tunnel.
 
Old 11-26-2003, 04:38 PM   #7
ziggie216
Member
 
Registered: Oct 2003
Posts: 176

Original Poster
Rep: Reputation: 30
Hmm.. ok here are the configuration for putty:
Session -> Logging
Host Name: <my external ip>
Protocal: SSH

Forward Port:
L5901 <my external ip>:5901

I have the vncserver on display :1

After I connect w/ putty, load the vnc client, in the area for VNC Server: localhost:5901

it doesnt do anything when I connect with the vnc client. there wasnt even a message about can not connect.
 
Old 11-26-2003, 07:00 PM   #8
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 418Reputation: 418Reputation: 418Reputation: 418Reputation: 418
I think that you are very, very close. It looks like SSH is set up to tunnel properly but I think you've got the VNC client connection wrong. Here is my config that I use on a daily basis. The Slackware box that acts as my ssh and vnc server has an IP address of 192.168.1.10

Putty
Session page:
Host Name box: 192.168.1.10
SSH radio button checked (port 22 in the Port box)
Connections->SSH->Tunnels
Source Port Box has 5901
Destination box has 192.168.1.10:5901
Click on the Add button so that L5901 192.168.1.10:5901 appears in the Forwarded Ports box

Go back to Sessions, save the configuration, then Open.

Once logged into the Slackware box, start vncserver if it isn't already.

Start Windows VNC client. In the VNC server box I put

localhost:1


Note that I do NOT put in localhost:5901. I think that is where you've gone wrong.
 
Old 11-26-2003, 07:08 PM   #9
ziggie216
Member
 
Registered: Oct 2003
Posts: 176

Original Poster
Rep: Reputation: 30
are you able to connect from an outside your router? I have no problem connecting in the lan but when I change the ips eg. 192.168.0.10 to the ip of my wan, thats where I can only connect the ssh but not the vnc.
 
Old 11-26-2003, 09:33 PM   #10
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 418Reputation: 418Reputation: 418Reputation: 418Reputation: 418
I think I know what is going wrong.....I made the same mistake when I first started doing this and it drove me nuts for about a week.

When you want to connect from outside your lan, you need to change the IP on the Sessions page to your WAN ip but you need to leave the tunnel IP exactly the way it is for your network.

So lets say your router has a WAN ip of 1.2.3.4 and your linux box has an ip of 192.168.1.10

In the Host Name box on the Session page you would have 1.2.3.4 and you would of course have the SSH button selected.

On the Tunnels page, the source port box should have 5901 and the destination box should have 192.168.1.10:5901. So after you click the add button, you still have L5901 192.168.1.10:5901, just as if you were connecting from behind your router.

Then the VNC connection should still be to localhost:1. That bit doesn't change at all.
 
Old 12-02-2003, 09:32 PM   #11
ziggie216
Member
 
Registered: Oct 2003
Posts: 176

Original Poster
Rep: Reputation: 30
Thanks! it's working now
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
tunnel vnc through openssh disorderly Linux - Security 9 08-22-2005 03:56 PM
cannot SFTP to SUSE 9.2 box, port 22 open, can putty in though using same port. jgrady Linux - Networking 6 03-29-2005 09:44 AM
SSH tunnel using PuTTy - Samba jackster Linux - Security 4 02-12-2005 05:07 PM
Help with VNC and PuTTY rfkhickory Linux - Newbie 5 04-14-2004 11:16 PM
VNC with Putty Tunnel LinuxHaven Linux - Security 15 08-30-2003 02:16 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 09:17 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration