LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Mandriva
User Name
Password
Mandriva This Forum is for the discussion of Mandriva (Mandrake) Linux.

Notices


Reply
  Search this Thread
Old 08-22-2003, 09:04 PM   #1
norikage
LQ Newbie
 
Registered: Aug 2003
Distribution: Mandrake 9.1
Posts: 19

Rep: Reputation: 0
how to use vnc with ssh ?


I think the subject says everithing. I can't find how to make it work. I've been searching the net for some time and didn't find anything that is clear enough for me to understand.
 
Old 08-22-2003, 11:46 PM   #2
gnunderdog
LQ Newbie
 
Registered: Aug 2003
Posts: 7

Rep: Reputation: 0
I use tightVNC, works great, runs on any OS, etc. It might even be in the repository, so try "urpmi tightvnc" before googling.

So your question is about tunneling ssh with vnc, here's how:

0. Install tightvnc on _both_ machines. The rpm contains "vncserver", "vncviewer", and a couple of others, these two are the ones you need.

1. ssh into the remote machine and start a "vncserver" session. There are a number of options to pay attention to, such as "--depth" which is bit depth (16, 24, 32, etc) and "-geometry" for size (do "vncserver --help" to see them all). These are the values that the vncviewer will see, and the window size and depth that will appear on you desktop remotely. Here's an example:

<code>vncserver -depth 16 -geometry 1280x1024</code>

Smaller values will have less lag over the net, depending on your connection.

You will see something like the following output:

<code>New 'X' desktop is my.server.net:1</code>

The ":1" is the desktop number. you will need this later when opening the local viewer. You can always find it again with "ps -aux", listed after the process "Xvnc".

NOTE: You should only have to do this first step once, as long as the vncserver session stays up on the server machine. In future sessions, you can skip this step.

2. Now, on the local system, set ssh to create a "Listening" (-L) port link to the server.

<code>ssh -L 5091:my.server.net:5901 my.server.net</code>

This says "set up an ssh Listen connection from local port 5901 to port 5901 (this is Xvcn desktop #1, 5092 would be #2, 5093 would be 3, etc) on my.server.net".

You are now set to tunnel ssh!

3. Start the vncviewer localy using the remote Xvcn desktop #.

<code>vncviewer my.system.net:1</code>

This says, "open vncviewer into my.system.net on desktop #1.

You should get a desktop now, using the depth and geometry sizes you specified on the server. You can change these, or simply create another vncserver on the remote system. TightVNC will just make a desktop #2, #3, #4, etc.

Best of luck, I hope this is clear.

G
 
Old 08-22-2003, 11:47 PM   #3
gnunderdog
LQ Newbie
 
Registered: Aug 2003
Posts: 7

Rep: Reputation: 0
oops

Haha, this forum must not accept <code> tags!

Everything surrounded by <code> </code> is intended to be entered in a shell. Sorry.

G
 
Old 08-23-2003, 04:22 PM   #4
norikage
LQ Newbie
 
Registered: Aug 2003
Distribution: Mandrake 9.1
Posts: 19

Original Poster
Rep: Reputation: 0
" ssh -L 5091:my.server.net:5901 my.server.net " is all I have to do to make a ssh tunnel ? after one is created, how can I remove it ? And how can i use the desktop currently used on the server ?
 
Old 08-23-2003, 04:39 PM   #5
norikage
LQ Newbie
 
Registered: Aug 2003
Distribution: Mandrake 9.1
Posts: 19

Original Poster
Rep: Reputation: 0
and how can we know that we are using a ssh tunnel ?
 
Old 08-23-2003, 05:10 PM   #6
tisource
Member
 
Registered: Feb 2002
Posts: 322

Rep: Reputation: 30
VNC doesn't have to be this complicated.

Mandrake comes with tightvnc. You can use Mandrake's control center to add software that came on the CD's. Go into the software management section, click on the "add software" icon and search for Vnc.

From a SSH prompt, you can create a vnc session. Many of the parameters are optional. The command is "vncserver". The "display" starts at 0 or 1 (can't remember which) and increments based on the number of existing sessions. "vncserver" alone will create a default session, if I recall. Whatever user you're logged into on the console is the user the Xvnc session will run under.

The "display" or "socket" determines what port VNC listens on. If you create a session on display 1, the port is 5901. If you create a session on display 54, then the port will be 5954 (ex. "vncserver :54"). You don't have to specify port when you connect, but if you need the port forwarded through a firewall, that is how you determine which port to send through.

You do need "vncviewer" on the computer you are connecting FROM and the complete VNC software package on the computer you are connecting TO. If the source machine is a windows workstation, the VNC viewer on www.realvnc.com works wonders (my fav. implementation of VNC).

Once the viewer pops up, just type the address in, and the display or socket (ex. "100.2.10.5:1" or whatever). If your target machine is using socket/display 0, then specifying the socket/port isn't necessary (ex. "100.2.10.5").

If you have questions, send me a note...

MSN messenger..."jasonsbailey@hotmail.com"
email..."tisource_webmaster@yahoo.com"
 
Old 08-23-2003, 05:17 PM   #7
gnunderdog
LQ Newbie
 
Registered: Aug 2003
Posts: 7

Rep: Reputation: 0
answers

As long as the server is running on the remote system, all you have to do to tunnel ssh with vnc is:

Code:
ssh -L 5901:myserver.net5901 myserver.net
Then in another shell:

Code:
vncserver mysever.net:1
The 59xx ports are what VNC uses on its own (or at least tighVNC, others may be different). The "xx" should match the vncserver desktop number, so:

5900 == desktop 0
5901 == desktop 1
etc

In my experience, VNC on Linux uses 1 (5901) first, whereas the MSFT versions uses 0 ( 5900). Just a default, and likely becasue MSFT is not great at hosting multiple instance of almost anything. I'm sure there is also a way to specify the port/desktop# if needed.

How do you know that you are tunneling ssh? You can, if you want, do a port scan and see that port 22 (ssh) is the only one available. ssh is creating a listening connection over the port you specify in the "ssh -L" command. As far as I know, it can be used to tunnel all sorts of other protocols as needed. 80 is httpd, 21 is ftp, etc.

If you wanted, you could also open the appropriate ports (59xx) and do it directly, but you'de be creating a potential security risk. Some people do this in a LAN setup behind a firewall. I did this for a while when I had a headless MSFT box at home.

G
 
Old 08-23-2003, 05:18 PM   #8
gnunderdog
LQ Newbie
 
Registered: Aug 2003
Posts: 7

Rep: Reputation: 0
code

Note that the code tags are working...it uses a "[" instead of "<",

G
 
Old 08-30-2003, 01:20 AM   #9
SchreibG
LQ Newbie
 
Registered: Aug 2003
Posts: 3

Rep: Reputation: 0
The solution above isn't tunneling, as you arent' connecting to vnc over an ssh tunnel, your connecting directly to the vncserver on 5901... To "tunnel", you'd have to connect to your localhost on a port, which then tunnels through via SSH to the vncserver port...

Here's how:

well, first, zaseny's option isn't actually tunnelling vnc... Since all you did at the end was open vnc and connect to remoteort, you're just connecting directly through to the vnc server.

Here's a full walkthrough, enable tunnelling via PuTTY over SSH:

Download/install PuTTY on the local computer, and also the vncviewer.
Launch PuTTY. The opening window should have the Session option. Click on the SSH radio button. In the Host Name (or IP address) field, enter the IP address of the remote computer.
For the sake of argument, let's assume that the IP address is
123.456.789.123.
Choose Tunnels suboption in the SSH option.
In the Source port field, enter some arbitrary port number, e.g. 4901.
In the Destination field, enter the IP address of your remote computer and
the port, e.g. 123.456.789.123:5901.
The unix version of vnc uses the port 5900 + display number, so the
first display number is 5901 usually.
The format of the destination is the IP address, colon, port number, as
given in the example above. Make sure local is selected with the radio button at the bottom.
Now click on the Add button.
Go back and click on the Session option, and save this session so you
won't have to re-enter all the information.
Click on the Open button at the bottom of the window, and you'll be able
to connect to your remote computer.
Enter the user name (case sensitive) and the password of your
user account (or passphrase for RSA/DSA keyusers)
If everything is fine, you'll be connected to your remote computer.
Now launch vncviewer on the local computer and enter localhost:4901 and
click the OK button.
If you're not prompted for the password for vnc, then either you're not
running vncserver on your remote computer or some information was
incorrectly entered in PuTTY setting.
 
Old 08-30-2003, 12:40 PM   #10
gnunderdog
LQ Newbie
 
Registered: Aug 2003
Posts: 7

Rep: Reputation: 0
Unhappy Yikes

Right. I'm looking at my post again and realizing my error. The last step is wrong.

So for Linux (non-putty), assuming your remote machine "myserver" is already running a vncserver session (on "desktop #1", default).

Code:
ssh -L 5901:myserver:5901 myserver
Tells ssh, essentially, to forward connections to port 5901 on the local machine to port 5901 on myserver.

So now we connect vncviewer to our localhost 5901, not myserver's 5901 directly:

Code:
vcnviewer localhost:1
This was the wrong step.

VNC now thinks we are connecting to our local 5901 port, but ssh is forwarding (tunneling) this port connection to myserver's 5901.

G
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh with vnc Dillius Linux - Security 1 03-11-2005 04:53 PM
VNC over SSH or ????? alirezan1 Mandriva 2 01-04-2005 10:55 AM
vnc with ssh lawkh Linux - Newbie 1 02-10-2004 01:12 AM
ssh and VNC linuxnube Linux - Security 4 01-28-2004 10:12 PM
VNC on SSH??? Jerry78 Linux - Newbie 3 07-17-2003 03:20 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Mandriva

All times are GMT -5. The time now is 03:53 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration