Java client troubles...

Steven S. Macfarlane steven@9d8.com
Fri Dec 20 17:25:59 2002 

Steve Palocz wrote:

>Question,
>I think that the machine you are trying to hit and the ssh server are
>not the same?
>
>I have been using this config for some time now without problem.
>
>Steve
>
>-----Original Message-----
>From: vnc-list-admin@realvnc.com [mailto:vnc-list-admin@realvnc.com] On
>Behalf Of Steven S. Macfarlane
>Sent: Tuesday, December 17, 2002 3:40 PM
>To: VNC-List@realvnc.com
>Subject: Java client troubles...
>
>Q: What might I try to get this connection to work over ssh?
>
>Given: Windows2000 Professional running Mozilla v1.2.1 with Sun's JRE 
>1.4.0_02 accessing Linux box running RedHat v7.2 with X tunneling via 
>OpenSSH v3.4p1 to Slackware 8.0 running OpenSSH v3.5p1 to variety of 
>windows clients.  All systems are running RealvNC v.3.3.6 for their 
>respective platforms.	
>
>Details: Ok, I have been successfully piping vNC sessions through ssh 
>for some time, using the vncviewer program.  I started having too much 
>fun with Mozilla v1.x and the tabbed browsing so I decided to start 
>managing my client's PCs using the Java viewer.  It works great on my 
>local LAN, but when I start getting fancy with things like 'ssh -g -X -L
>
>5814:192.168.1.14:5800 xx6.15x.1x7.x3x -v' I can get to the VNC 
>Authentication window in my browser but when I enter the password, it 
>fails with the Java exception following...
>
>OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
>debug1: Reading configuration data /usr/local/etc/ssh_config
>debug1: Rhosts Authentication disabled, originating port will not be 
>trusted.
>debug1: ssh_connect: needpriv 0
>debug1: Connecting to xx6.15x.1x7.x3x [xx6.15x.1x7.x3x] port 22.
>debug1: Connection established.
>
>	blah blah blah
>
>OpenSSH_3.5p1
>debug1: match: OpenSSH_3.5p1 pat OpenSSH*
>Enabling compatibility mode for protocol 2.0
>debug1: Local version string SSH-2.0-OpenSSH_3.4p1
>debug1: SSH2_MSG_KEXINIT sent
>debug1: SSH2_MSG_KEXINIT received
>
>	blah blah blah
>
>debug1: Connections to local port 5814 forwarded to remote address 
>192.168.1.14:5800
>socket: Address family not supported by protocol
>debug1: Local forwarding listening on 0.0.0.0 port 5814.
>debug1: fd 4 setting O_NONBLOCK
>debug1: channel 0: new [port listener]
>debug1: channel 1: new [client-session]
>debug1: send channel open 1
>debug1: Entering interactive session.
>debug1: ssh_session2_setup: id 1
>debug1: channel request 1: pty-req
>debug1: Requesting X11 forwarding with authentication spoofing.
>debug1: channel request 1: x11-req
>debug1: channel request 1: shell
>debug1: fd 3 setting TCP_NODELAY
>debug1: channel 1: open confirm rwindow 0 rmax 32768
>
>	blah blah blah
>
>Then upon opening the browser:
>
>steven@hoss:~$ debug1: Connection to port 5814 forwarding to 
>192.168.1.14 port 5800 requested.
>debug1: fd 8 setting TCP_NODELAY
>debug1: fd 8 setting O_NONBLOCK
>debug1: channel 2: new [direct-tcpip]
>debug1: channel 2: open confirm rwindow 131072 rmax 32768
>debug1: channel 2: rcvd eof
>debug1: channel 2: output open -> drain
>debug1: channel 2: obuf empty
>debug1: channel 2: close_write
>debug1: channel 2: output drain -> closed
>debug1: channel 2: read<=0 rfd 8 len 0
>debug1: channel 2: read failed
>debug1: channel 2: close_read
>debug1: channel 2: input open -> drain
>debug1: channel 2: ibuf empty
>debug1: channel 2: send eof
>debug1: channel 2: input drain -> closed
>debug1: channel 2: send close
>debug1: channel 2: rcvd close
>debug1: channel 2: is dead
>debug1: channel 2: garbage collecting
>debug1: channel_free: channel 2: direct-tcpip: listening port 5814 for 
>192.168.1.14 port 5800, connect from 192.168.3.100 port 3602, nchannels
>3
>
>and here is the Java output...
>
>
>java.net.ConnectException: Connection refused: connect
>
>	at java.net.PlainSocketImpl.socketConnect(Native Method)
>
>	at java.net.PlainSocketImpl.doConnect(Unknown Source)
>
>	at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
>
>	at java.net.PlainSocketImpl.connect(Unknown Source)
>
>	at java.net.Socket.connect(Unknown Source)
>
>	at java.net.Socket.connect(Unknown Source)
>
>	at java.net.Socket.<init>(Unknown Source)
>
>	at java.net.Socket.<init>(Unknown Source)
>
>	at rfbProto.<init>(rfbProto.java)
>
>	at vncviewer.connectAndAuthenticate(vncviewer.java)
>
>	at vncviewer.run(vncviewer.java)
>
>	at java.lang.Thread.run(Unknown Source)
>
>java.net.ConnectException: Connection refused: connect
>_______________________________________________
>VNC-List mailing list
>VNC-List@realvnc.com
>http://www.realvnc.com/mailman/listinfo/vnc-list
>
>
>
>  
>
Isn't it ok for the machine I am trying to hit and the sshd machine to 
not be the same?  When I use the vNC viewer client they are not the same 
and that works fine.  What I am trying to do over the Java client is 
similar to the illustration at  
http://www.uk.research.att.com/vnc/sshvnc.html

*machine windows1* ------ *machine*
*linux1*    
Runs vncviewer connecting to linux1:1, actually sees display of windows2 
 secure local network Runs ssh to linux2, fowards local port 5901 via 
link to windows2:5900
 


|
|
insecure public network
|
|

    *machine*
*linux2* ---- *machine*
*windows2*


Runs sshd secure remote
network Runs WinVNC server as display 0

To do this, you need to run the following on machine linux1;
   ssh -g -L 5901:windows2:5900 linux2

Lastly, remember  that if you want to use the Java VNC viewer, you will 
need to forward the 58xx ports as well as the 59xx ports.  See the FAQ 
for info on how these ports are used.