Is your goal to use the java client from a web browser? If not, let's
abandon that line of thinking now.
First of all, find out what port VNC Server is running on. Make sure that
"Allow Loopback" is enabled.
>From the client, run "ssh -L 5920:localhost:5902 remotehost" This assumes
that VNC Server is running on port 5902 on the remote host. Also,
localhost, in this context, is referring to "localhost" from the SSH
Server's point of view... meaning: itself. Now, connect, from the client,
to localhost:20 using the vncviewer.
Now, if your goal _IS_ to use the java client from a web browser, make sure
that 1. VNC Server _IS_ running on 5902. Also make sure that nothing is
running on the client machine on ports 5902 or 5802. Now, make your ssh
connection like this: ssh -L 5902:localhost:5902 -L 5802:localhost:5802
remotehost. Next, use your web browser and connect to
http://remotehost:5802/. Bingo.
-ME
----- Original Message -----
From: "Serge Dutremble" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 20, 2000 10:30 AM
Subject: Re: VNC and SSH
> OK I tried this and, as I thought, it did not work. I believe this is the
> reason:
>
> How will my localhost web server know what a remore web server (on another
> port) runs?
>
> If we use the second vnc x-display as an example:
> The java apps run on the remote host at port 5802. SSH forwards port 5902
to
> remotehost:5902. Remotehost may know that the java vnc runs on port 5802
but
> my localhost can never find this out as I try http://localhost:5802!
> http://localhost:5902 will not work either as per the vnc documentation (I
> tried it anyway). I get a server not found error in netscape and the page
is
> redirected to a search engine.
>
> If I forward local port 5902 to remote port 5802, I get a netscape error
telling
> me I have a "network error: broken pipe". The ssh verbose tells me the
same
> "bla bla" message.
>
> If I go directly to remoteport:5802, I get the vnc java application
> (unencrypted, naturally).
>
> I have verified my version of ssh as follow:
>
> remote host runs Linux Mandrake 6.2 with:
> SSH Version OpenSSH_2.1.1 Protocol version 1.5/2.0 compiled with SSL
> (0x0090581f)
>
> local host runs Linux RedHat 7.0 with:
> SSH Version OpenSSH_2.2.0p1 protocol version 1.5/2.0 compiled with SSL
> (0x0090581f)
>
> ssh_config and sshd_config files on both workstations are the same.
>
> Any more ideas?
>
> Serge
>
> On Wed, 20 Dec 2000, you wrote: > Two thoughts:
> >
> > 1. If you are run VNC Server on the same host as SSHD (which it appears
you
> > are), you have to enable "Loopback" connections with VNC. Because of
the
> > SSH tunnel, the VNC server sees that the connection is coming from the
SSHD
> > server. If they're the same host, it is a loopback connection.
> >
> > 2. If you are planning on using the Java viewer, you have to run VNC on
the
> > remote server on the same port you want to use for the redirection.
> > For example:
> > You run VNC Server on port 5920 (so HTTP server runs on port 5820).
You
> > make your ssh connection with "ssh -L 5920:remote_ip:5920 remote_ip" and
> > then connection to http://localhost:5820/.
> > The reasoning behind this is: the HTTP server that serves up the Java
applet
> > "knows" that VNC Server is running on a port 100 more than itself (5820
+
> > 100 = 5920). If you are proxying the HTTP port as something like 5825,
the
> > server still sees that it is running on port 5820 even though the client
> > sees it as running on port 5825. The client is expecting (because you
> > proxied it that way with SSH) the VNC Server to be running on port 5925,
but
> > the Java applet will be redirected to port 5920 because that's what the
HTTP
> > server "knows" VNC to be running on. Since you haven't proxied port
5920,
> > but 5925, it will not work.
> >
> > I know that's a weird concept to explain. If it doesn't make sense, let
me
> > know.
> >
> > Mike Erdely
> > mailto:[EMAIL PROTECTED]
> > http://mike.erdelynet.com/
> >
> > ----- Original Message -----
> > From: "Serge Dutremble" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Monday, December 18, 2000 1:22 PM
> > Subject: VNC and SSH
> >
> >
> > > I have been attempting to use VNC through SSH for a few weeks with no
> > results.
> > >
> > > Some responses from the list have suggested I should redirect both the
> > 58XX and
> > > 59XX ports in order to get it to work but I get the same result. The
> > > instructions in the VNC documentation do not suggest it may be
necessary
> > at all
> > > anyway. I think I have to redirect port 59XX is I use the vnc viewer
and
> > port
> > > 58XX if I want to use the http java viewer. I am not attemting to use
> > both at
> > > this time but would just like to get at least one going.
> > >
> > > I try the following on a Linux RH 7.0 workstation:
> > >
> > > ssh -L 5910:remote_ip:5901 remote_ip
> > > I get validated by remote_ip (a Mandrake 6.2 workstation)
> > >
> > > Then I try on another terminal window:
> > > vncviewer localhost:10
> > >
> > > I get a "vncviewer: VNC server closed connection" message locally
while I
> > get a
> > > "channel_open_failure: 2: reason 1: bla bla" message on remote_ip.
> > >
> > > The command vncviewer remote_ip:1 works fine (but naturrally not
> > encrypted).
> > >
> > > Doesn't make much sense to me.
> > >
> > > Can anyone help?
> > >
> > > Serge.
> > > ---------------------------------------------------------------------
> > > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > > to [EMAIL PROTECTED]
> > > See also: http://www.uk.research.att.com/vnc/intouch.html
> > > ---------------------------------------------------------------------
> > ---------------------------------------------------------------------
> > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > to [EMAIL PROTECTED]
> > See also: http://www.uk.research.att.com/vnc/intouch.html
> > ---------------------------------------------------------------------
> > ____________________________________________________________
> > Get your free domain name and domain-based e-mail from
> > Namezero.com. New! Namezero Plus domains now available.
> > Find out more at: http://www.namezero.com
> ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> ---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
