Need help: VNCviewer exits on startup when tunneled via SSH

Markus Wollny Markus.Wollny "at" computec.de
Mon, 27 Aug 2001 15:30:09 +0000


Hi!

Mucked about with it all day - to no avail. But symptoms have changed a
little. VNCviewer now says "Connection failed". However, I get a telnet
connection now - well, sort of. It comes up with "RFB 003.003" - and
nothing more; no prompt, nothing. After pressing return six times, it
comes up with "connection to host lost" and I'm falling back to the
Windows command line. That's not too strange, as I don't have telnet
running and it wouldn't listen on port 5902 anyway, even if it was.

I started the SSH-client with verbose option and this gives me the
following:

Connection to port 5902 forwarding to 127.0.0.1:5902 requested.
Address 127.0.0.1 maps to myworkstation.isp.de, but this does not map
back to th
e address - POSSIBLE BREAKIN ATTEMPT!
Allocated channel 1.

Channel now open, status bits 0

Channel 1 receives input eof.
Channel 1 closes outgoing data stream.
Channel 1 sends oclosed.
Channel 1 closes incoming data stream.
Channel 1 sends ieof.
Channel 1 receives output closed.
Channel 1 terminates.

I'm using OpenSSH-9.2p2 and patched the channels.c with

nextstate = (c->type == SSH_CHANNEL_RPORT_LISTENER) ?
      SSH_CHANNEL_OPENING :
      (c->host_port == 0) ? SSH_CHANNEL_DYNAMIC :
      SSH_CHANNEL_OPENING;

(see
http://msgs.securepoint.com/cgi-bin/get/openssh-unix-dev-0107/8.html)

Now comes the strange bit: I tried the TightVNC viewer instead, as you
recommended - and succeeded in getting a connection (I haven't installed
the TightVNC Server yet, though, so that's still the original one). Now
I am quite happy about this fact and enjoy a secure VNC now, but I'd
still like to know if it's my fault (some config-error) or a bug or
incompatibility in the original VNC. This would allow me to judge if my
system is running clean and stable or if I need to worry about loosing
VNC when I just need it most. Does anybody know which changes from the
original to TightVNC might be responsible for fixing a bug like this?

Thanks for your help!

Regards,

	Markus

-----UrsprCB<ngliche Nachricht-----
	Von: Scott C. Best
	Gesendet: Sa 25.08.2001 06:30
	An: vnc-list "at" uk.research.att.com
	Cc: Markus Wollny
	Betreff: Re: Need help: VNCviewer exits on startup when tunneled
via SSH

	Markus:
	        Hello! Try this:

	1. Turn off SSH compression (the -C switch). Better/same/worse?
	2. Instead of connecting with the vncviewer, telnet into
	   localhost:5901. Does it connect to an "RFB" prompt?
	3. What version of viewer are you using? Might want to try
	   the Tridia or the TightVNC ones as alternatives.

	        Good luck!

> Hello!
>
> I'm using VNC to access a linux-box from my Win2k-workstation. I got
it
> to work so far - alas not quite satisfactorily for my needs.
> I'm using SuSE 7.0 on the linux box and OpenSSH for SSH on port 22.
The
> linux-box and the workstation have got internal IPs in our LAN as well
> as external IPs (via NAT). What I need to do is set up VNC as well as
> SSH Secure File Transfer to the box to the external IP.
>
> In a first step I just used the OpenSSH distribution that came with
SuSE
> 7.0 - everything was running fine except Secure File Transfer, which
> couldn't work because that version of OpenSSH didn't feature it. As
the
> SuSE 7.0 OpenSSH Distribution was suffering from a securitity flaw
> anyway, I got the latest RPM from SuSE (OpenSSH 2.9p1-17) and
installed.
> sFTP was running flawlessly now, but VNC behaved strangely now.
>
> Before upgrading, I set port-forwarding as follows:
> ssh -C -L 5901:localhost:5901 -l myusername external-ip.of.linux.box
> I logged myself in with my password and started the vncserver on the
> linux-box with
> vncserver -localhost :1
> Then I startet vncviewer on my workstation using
> vncviewer localhost:1
> It worked fine. So I didn't change anything about that, not even after
> the upgrade.
>
> Then I upgraded to OpenSSH 2.9p1-17. SFTP was now working. Afterwards
I
> followed the very same steps - started up the tunnel, then the server
> and then tried to invoke vncviewer - but when I call it, it just exits
> without any error-message whatsoever.
>
> When calling up a wrong IP or a wrong port intentionally when starting
> vncviewer, I do get the standard error-message "Failed to connect to
> server". As I don't even get this message, I conclude that there is a
> tunnel alright. Still, doesn't help... It must have something to do
with
> the upgrade to OpenSSH 2.9p1-17, as it was running fine before with
the
> very same configuration.
>
> Does anybody have a clue as to what I am doing wrong? I'd be very much
> obliged if anybody could help me with this one. I find VNC so very
> useful that I'd really hate considering working with the command-line
> only again...
>
> Tanks a lot,
>
> 		Markus
>
> This is my sshd_config:
> Port 22
> Protocol 2,1
> ListenAddress 0.0.0.0
> HostKey /etc/ssh/ssh_host_key
> HostKey /etc/ssh/ssh_host_dsa_key
> ServerKeyBits 768
> LoginGraceTime 600
> KeyRegenerationInterval 3600
> AllowTcpForwarding yes
> GatewayPorts yes
> PermitRootLogin yes
> IgnoreRhosts yes
> StrictModes yes
> X11Forwarding yes
> X11DisplayOffset 10
> PrintMotd yes
> KeepAlive yes
> SyslogFacility AUTH
> LogLevel INFO
> RhostsAuthentication no
> RhostsRSAAuthentication no
> HostbasedAuthentication no
> RSAAuthentication yes
> PasswordAuthentication yes
> PermitEmptyPasswords no
> ChallengeResponseAuthentication no
> Subsystem	sftp	/usr/lib/ssh/sftp-server
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at" uk.research.att.com
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------