>>>>> "Joseph" == Joseph A Knapka <[EMAIL PROTECTED]> writes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
OT: is that your actual email address or did somebody's mail
client/server muck things up. ('cuz I just looked in the passwd file
at work and you don't have an account there! :)
>> 1. Forward a local port on my home machine to the remote machine on
>> which the Xvnc server is running. But I don't see how since I need
>> to specify the machine on the _inside_ of a firewall which is (de
>> facto) not addressable directly.
Joseph> Doesn't matter. The forward host is contacted by the
Joseph> server, not the client, so its reachability from the
Joseph> client is irrelevant. So in your case where an ssh
Joseph> connection to "work" gets randomly forwarded to "workN"
Joseph> for some N, you can VNC to "work3" by:
Joseph> ssh -L 5910:work3:5900 work
Joseph> and then connect your vncviewer to localhost:0. If you get
Joseph> connected, say, to "work5", "work5" will happily forward
Joseph> the connection to "work3".
Good point. I tried it. I didn't realize that the name resolution for
the -L option to ssh occurs on the remote end, not the local
end. (Not an intuitive way for things to work, IMHO). Thanks for the
tip.
The local forward works, but now I'm certain that there's a triple
connection going on. Consider your example. The viewer connects to
localhost port 5900 (a poor choice since my local X server is running
there, but that's neither here nor there :) which is tunneled through
ssh to work5 which forwards the contents to work3:5920. Or, did I get
it wrong.
Whereas, in the reverse case, I know there's a separate connection
established to handle a direct (pseudo-direct, there's a pair of
firewalls involved which add two layers of forwarding, in both cases)
between work3 and my home box. I know, because I just used a packet
analysis tool (ethereal) to prove it to myself.
If all the original commenters were worried about was the length of my
command line, let me assure everyone that I have scripts for
this. OTOH, I'm pretty sure that I've reduced the number of
connections as far as possible. Do y'all think not?
Bill.
--
Bill Barth | Home: (512) 797-3045
[EMAIL PROTECTED] | Work: (512) 471-4069
Office: WRW 111 | Fax: (512) 232-3357
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
