VNC via SSH - loopbackonly & allowloopback problem

David Steele david.steele "at" nasdaqeurope.com
Fri, 22 Jun 2001 09:13:31 +0000


Miro,

Thanks for that - it was doing my head in. Yes, I understand about the
LoopbackOnly setting overriding other settings - now that I have it working
I have removed the AllowLoopback key completely from the server.

Rgds,
Dave.

-----Original Message-----
From: Miroslav Luptak [mailto:luptak "at" snt.sk]
Sent: 21 June 2001 23:00
To: vnc-list "at" uk.research.att.com
Subject: Re: VNC via SSH - loopbackonly & allowloopback problem


> Miroslav,
> 
> Thanks - I wasn't certain exactly what you meant below, as I have been
> setting my forward to a.b.c.d exactly like I said.
> 
> However, I decided to set up a forward to 127.0.0.1, and it worked.
> 
> Here are my current, working settings:
> AllowLoopback - 0
> LoopbackOnly - 1
> 
> TTSSH port forwarding window - 
> Forward local port: 5901
> to remote machine: 127.0.0.1
> port: 5900
> 
> This goes against the logic that I have been working with - 'remote
machine'
> to me should be the IP address of the server - a.b.c.d. Obviously I am
> wrong. 
> 
> Can you explain the logic of what is happening?

You should think about the "remote machine" from the point of 
view of the SSHD SERVER! It is the SSHD who will connect
to remote_machine:remote_port.

When you used remote machine=a.b.c.d, then the SSHD SERVER tried to 
connect to VNC Server on IP address a.b.c.d and with LoopbackOnly=1
this was refused by the VNC Server and the TeraTerm reported what
it reported.

I am glad it's working now.

Please note that setting LoopbackOnly to 1, "overrides the AllowLoopback 
and AuthHosts settings." (quote taken from the manual).

Best regards,

Miro
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at" uk.research.att.com
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at" uk.research.att.com
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------