SSH Windows to Linux

James Pifer jamesvnclist "at" tnjinfl.com
Wed, 02 Jan 2002 16:25:12 +0000


Problem turned out to be the login. I was not logging in as root in the SSH 
session. Once I did that it works. Not sure where to give a different user 
the same functionality, but at least I know where the problem is.

Thanks.
James

At 10:53 AM 1/2/2002 -0500, you wrote:
>I don't use SSH Secure Shell, but my guess is you have two problems here:
>
>The window-in-a-window effect happens when you connect to a VNC server on
>the same machine as the viewer you're running.  You must have a server
>running on display 0?
>
>You probably want to set your OUTGOING tunnel to listen on port 5901, then
>try connecting to 127.0.0.1:1.
>
>To test, you can try telnetting into the tunnel.  You should see a brief
>message starting with "RFB" if you've connected to a VNC server.
>
>-----Original Message-----
>From: Leite, Keith [mailto:Keith.Leite "at" GDC4S.Com]
>Sent: Monday, December 31, 2001 2:00 PM
>To: 'vnc-list "at" uk.research.att.com'
>Subject: RE: SSH Windows to Linux
>
>
>Greetings,
>
>I have been following the this message thread and I would like
>to say that I am trying to accomplish the same thing here.
>
>I am using SSH Secure Shell for Windows and I think I configured
>it correctly. I set my OUTGOING Tunnel to listen on Port 22 and the DEST
>Host is localhost and the DEST Port is 5900, I set it up to allow Local
>connections only.
>
>It seems to make the connection but when I launch VNC from the PC running
>Windows and point to the localhost or 127.0.0.1:5900 it seems to launch
>almost a Window within a Window meaning it seems like I am connecting to
>myself and it doesn't seem like my data is being forwarded through the
>Tunnel.
>
>Do I have to make a INCOMING Tunnel also ???
>
>Not too sure ... I understand the concept of connecting locally and let the
>tunnel forwared traffic from the PC to the Linux box but it doesn't seem to
>be forwarding ....
>
>Is there any test I can perform to verify that port 5900 is open for
>business ???
>
>ThanX Keith ...
>
>-----Original Message-----
>From: David Brodbeck [mailto:DavidB "at" mail.interclean.com]
>Sent: Monday, December 31, 2001 1:12 PM
>To: 'vnc-list "at" uk.research.att.com'
>Subject: RE: SSH Windows to Linux
>
>
>When you make the connection through SSH, it will probably appear to come
>from lo (the local interface), though it may depend on how you specify the
>forwarding -- whether you use the loopback address or the machine's actual
>IP.  Try it and find out; if you deny all to port 5900 and it doesn't work,
>you may have to add an allow rule for connections from the machine itself.
>
>I use TeraTerm Pro and the SSH plugin, and it works pretty well for me.  You
>should be able to use a host entry something like this to do what you want:
>
>remotemachine.foo.net:22/ssh /ssh-L5900:127.0.0.1:5900
>
>This tells it to connect to remotemachine.foo.net, port 22, using the ssh
>protocol.  It then requests that port 5900 on the local machine be forwarded
>to locahost port 5900 on the remote end.
>
>(I haven't tested this specifically, since I connect *through* the remote
>machine to a third one, but it should work.)
>
>You would then fire up the VNC viewer and tell it to connect to localhost:0.
>
>-----Original Message-----
>From: James Pifer [mailto:jamesvnclist "at" tnjinfl.com]
>Sent: Monday, December 31, 2001 12:58 PM
>To: vnc-list "at" uk.research.att.com
>Subject: RE: SSH Windows to Linux
>
>
>Have you gotten this to work? If so, what SSH client? I'm trying the
>ssh-win32 that the VNC docs point you to. I set it up to forward the ports
>but can't seem to make a connection. I get nothing. VNC doesn't ever come
>back. No erros, nothing. Very weird.
>
>I am using ipchains. When you make a connection through SSH does Linux
>think it's coming from the local trusted NIC? Not sure if that was clear.
>Can I just completely block that port with ipchains and as long as I can
>make the SSH connection I should be able to connect to VNC?
>
>Thanks,
>James
>
>At 12:09 PM 12/31/2001 -0500, you wrote:
> >You need to ask your SSH client to do port forwarding.  How you do that
>will
> >depend on the client.  Generally you'll ask it to, say, forward local port
> >5900 to remote port 5900. Then you tell VNC to connect to port 5900 on your
> >local machine, and SSH forwards it from there.
> >
> >Since you're running RedHat, the quickest way to keep VNC from accepting
> >outside connections would probably be to block that port off with ipchains
> >or iptables.
> >
> >-----Original Message-----
> >From: James Pifer [mailto:jamesvnclist "at" tnjinfl.com]
> >Sent: Monday, December 31, 2001 11:41 AM
> >To: vnc-list "at" uk.research.att.com
> >Subject: SSH Windows to Linux
> >
> >
> >I know this has been asked before, but I'm not finding my answer so far.
> >I've also read through the docs, but the holiday drinking must have made my
> >brain a little mushy.
> >
> >I have a Redhat 7.2 server that I'm going to stick on the net. For this
> >reason I obviously need it secure. Like many others, we're a windows shop
> >not Linux. I can't figure out how to connect from a windows PC to a VNC
> >session on Linux over SSH.
> >
> >I have SSH running on Redhat and can connect to it from two different
> >Windows SSH clients. When I connect I get the $ prompt like a terminal
> >session.
> >
> >How to a make a VNC connection?
> >
> >Also, how do I make sure that VNC will not accept normal connections?
> >
> >I've used Zebedee on windows in the past and then used the authosts
> >registry setting to limit only connections from the local machine.
> >
> >Thanks.
> >James
> >---------------------------------------------------------------------
> >To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
> >'unsubscribe vnc-list' in the message BODY
> >See also: http://www.uk.research.att.com/vnc/intouch.html
> >---------------------------------------------------------------------
> >---------------------------------------------------------------------
> >To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
> >'unsubscribe vnc-list' in the message BODY
> >See also: http://www.uk.research.att.com/vnc/intouch.html
> >---------------------------------------------------------------------
>---------------------------------------------------------------------
>To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
>'unsubscribe vnc-list' in the message BODY
>See also: http://www.uk.research.att.com/vnc/intouch.html
>---------------------------------------------------------------------
>---------------------------------------------------------------------
>To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
>'unsubscribe vnc-list' in the message BODY
>See also: http://www.uk.research.att.com/vnc/intouch.html
>---------------------------------------------------------------------
>---------------------------------------------------------------------
>To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
>'unsubscribe vnc-list' in the message BODY
>See also: http://www.uk.research.att.com/vnc/intouch.html
>---------------------------------------------------------------------
>---------------------------------------------------------------------
>To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
>'unsubscribe vnc-list' in the message BODY
>See also: http://www.uk.research.att.com/vnc/intouch.html
>---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------