I don't use SSH Secure Shell, but my guess is you have two problems here: The window-in-a-window effect happens when you connect to a VNC server on the same machine as the viewer you're running. You must have a server running on display 0?
You probably want to set your OUTGOING tunnel to listen on port 5901, then try connecting to 127.0.0.1:1. To test, you can try telnetting into the tunnel. You should see a brief message starting with "RFB" if you've connected to a VNC server. -----Original Message----- From: Leite, Keith [mailto:[EMAIL PROTECTED]] Sent: Monday, December 31, 2001 2:00 PM To: '[EMAIL PROTECTED]' Subject: RE: SSH Windows to Linux Greetings, I have been following the this message thread and I would like to say that I am trying to accomplish the same thing here. I am using SSH Secure Shell for Windows and I think I configured it correctly. I set my OUTGOING Tunnel to listen on Port 22 and the DEST Host is localhost and the DEST Port is 5900, I set it up to allow Local connections only. It seems to make the connection but when I launch VNC from the PC running Windows and point to the localhost or 127.0.0.1:5900 it seems to launch almost a Window within a Window meaning it seems like I am connecting to myself and it doesn't seem like my data is being forwarded through the Tunnel. Do I have to make a INCOMING Tunnel also ??? Not too sure ... I understand the concept of connecting locally and let the tunnel forwared traffic from the PC to the Linux box but it doesn't seem to be forwarding .... Is there any test I can perform to verify that port 5900 is open for business ??? ThanX Keith ... -----Original Message----- From: David Brodbeck [mailto:[EMAIL PROTECTED]] Sent: Monday, December 31, 2001 1:12 PM To: '[EMAIL PROTECTED]' Subject: RE: SSH Windows to Linux When you make the connection through SSH, it will probably appear to come from lo (the local interface), though it may depend on how you specify the forwarding -- whether you use the loopback address or the machine's actual IP. Try it and find out; if you deny all to port 5900 and it doesn't work, you may have to add an allow rule for connections from the machine itself. I use TeraTerm Pro and the SSH plugin, and it works pretty well for me. You should be able to use a host entry something like this to do what you want: remotemachine.foo.net:22/ssh /ssh-L5900:127.0.0.1:5900 This tells it to connect to remotemachine.foo.net, port 22, using the ssh protocol. It then requests that port 5900 on the local machine be forwarded to locahost port 5900 on the remote end. (I haven't tested this specifically, since I connect *through* the remote machine to a third one, but it should work.) You would then fire up the VNC viewer and tell it to connect to localhost:0. -----Original Message----- From: James Pifer [mailto:[EMAIL PROTECTED]] Sent: Monday, December 31, 2001 12:58 PM To: [EMAIL PROTECTED] Subject: RE: SSH Windows to Linux Have you gotten this to work? If so, what SSH client? I'm trying the ssh-win32 that the VNC docs point you to. I set it up to forward the ports but can't seem to make a connection. I get nothing. VNC doesn't ever come back. No erros, nothing. Very weird. I am using ipchains. When you make a connection through SSH does Linux think it's coming from the local trusted NIC? Not sure if that was clear. Can I just completely block that port with ipchains and as long as I can make the SSH connection I should be able to connect to VNC? Thanks, James At 12:09 PM 12/31/2001 -0500, you wrote: >You need to ask your SSH client to do port forwarding. How you do that will >depend on the client. Generally you'll ask it to, say, forward local port >5900 to remote port 5900. Then you tell VNC to connect to port 5900 on your >local machine, and SSH forwards it from there. > >Since you're running RedHat, the quickest way to keep VNC from accepting >outside connections would probably be to block that port off with ipchains >or iptables. > >-----Original Message----- >From: James Pifer [mailto:[EMAIL PROTECTED]] >Sent: Monday, December 31, 2001 11:41 AM >To: [EMAIL PROTECTED] >Subject: SSH Windows to Linux > > >I know this has been asked before, but I'm not finding my answer so far. >I've also read through the docs, but the holiday drinking must have made my >brain a little mushy. > >I have a Redhat 7.2 server that I'm going to stick on the net. For this >reason I obviously need it secure. Like many others, we're a windows shop >not Linux. I can't figure out how to connect from a windows PC to a VNC >session on Linux over SSH. > >I have SSH running on Redhat and can connect to it from two different >Windows SSH clients. When I connect I get the $ prompt like a terminal >session. > >How to a make a VNC connection? > >Also, how do I make sure that VNC will not accept normal connections? > >I've used Zebedee on windows in the past and then used the authosts >registry setting to limit only connections from the local machine. > >Thanks. >James >--------------------------------------------------------------------- >To unsubscribe, mail [EMAIL PROTECTED] with the line: >'unsubscribe vnc-list' in the message BODY >See also: http://www.uk.research.att.com/vnc/intouch.html >--------------------------------------------------------------------- >--------------------------------------------------------------------- >To unsubscribe, mail [EMAIL PROTECTED] with the line: >'unsubscribe vnc-list' in the message BODY >See also: http://www.uk.research.att.com/vnc/intouch.html >--------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
