Actions

VNC over SSH: Difference between revisions

From Rabbi Blog

(Migration - VNC over SSH)
 
mNo edit summary
Line 41: Line 41:
[[Category:Programs]]
[[Category:Programs]]
[[Category:Security]]
[[Category:Security]]
[[Category:2006-07]]

Revision as of 09:40, 1 May 2007

History

I did this as a side project months ago to see if I could connect to a Windows machine running VNC and an SSH server securely. I've done this on linux in the past, so the only unknown was SSH on Windows. I was suprised to not find it here, so I'm adding it.

By installing OpenSSH for windows and then configuring VNC to accept Loopback connections, I am able to establish a secure session with Putty, create the port forward for the VNC port (5905 in this example) and then connect to the vnc server remotely.

OpenSSHWindows Putty VNC.jpg

The Ingredients

Installation

  • Install & config sshwindows (RTFM)
  • Install VNC server on the receiver & config (allow loopbacks!)
  • Install VNC viewer on the client
  • Run putty on the client to the receiver & log in
    • Right Click the tool bar for putty and select CHANGE SETTINGS
    • Under connection, select SSH and then TUNNELS
    • Source port: 5900 & Destination: <receivers local ip>:5900
    • hit APPLY
  • open VNC viewer: 127.0.0.1:5900
  • Connect

Done!

Why?

(I was asked this elsewhere)

If you ever used VNC to connect another PC, you've probably thought about connecting back to your home computer at some point for some reason. Most of the time, people just poke the port in their firewall and forward port 5900 to whatever box they want to access. This is bad for two reasons: 1) it's unencrypted and 2) it leads straight to your box and only has one password between the world and the desktop.

Using SSH provides both an encrypted and secure solution. You still need to port fwd (port 22) to the SSH server, but now there are two things that are possible: 1) access needs a user and password or 2) you can setup a pre-shared key that if you don't have on the clients end, you don't get in at all. So for that alone you are more secure in accessing your PC remotely.

Taking it one step further and using tunnels, once you are connected you can run your VNC session through the SSH session. So now you are encrypted and secure while using VNC.

Related Articles

Proxy over SSH