SSH, VNC, Windows

Michael Ossmann michael.ossmann "at" alttech.com
Wed, 09 Jan 2002 17:24:16 +0000


Yes, at least when you are using SSH for TCP port forwarding (which is
generally the case).

On Wed, Jan 09, 2002 at 10:56:19AM -0500, Alex Angelopoulos wrote:
> A semi-topical clarification question...
> 
> Is this the standard method for settting apps up to use SSH? "relay" through a loopback to a local SSH service?
> 
> ----- Original Message ----- 
> From: "Michael Ossmann" <michael.ossmann "at" alttech.com>
> To: <vnc-list "at" uk.research.att.com>
> Sent: Tuesday/2002 January 08 19:56
> Subject: Re: SSH, VNC, Windows
> 
> 
> : On Tue, Jan 08, 2002 at 04:36:19PM -0500, Boyd D. Mills wrote:
> : > 
> : > The requirement is to ENFORCE secure access to VNC through the web
> : > browser.  The first thing is to configure OpenSSH on the server
> : > machine to effectively sit between VNC server and the remote browser
> : > machine.  The second (hopefully two in the same) is to disable
> : > unsecure connections to VNC.
> : 
> : Take a look at the AllowLoopback and AuthHosts advanced options:
> : 
> : http://www.uk.research.att.com/vnc/winvnc.html
> : 
> : If you allow loopback access and deny all hosts except 127.0.0.1, you
> : can limit network access to those being forwarded by SSH.  This will
> : also allow unencrypted connections from the localhost, but that probably
> : is not a problem.
> : 
> : -- 
> : Mike Ossmann, Tarantella/UNIX Engineer/Instructor
> : Alternative Technology, Inc.  http://www.alttech.com/
> : ---------------------------------------------------------------------
> : To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
> : 'unsubscribe vnc-list' in the message BODY
> : See also: http://www.uk.research.att.com/vnc/intouch.html
> : ---------------------------------------------------------------------
> ---------------------------------------------------------------------
> To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
> 'unsubscribe vnc-list' in the message BODY
> See also: http://www.uk.research.att.com/vnc/intouch.html
> ---------------------------------------------------------------------

-- 
Mike Ossmann, Tarantella/UNIX Engineer/Instructor
Alternative Technology, Inc.  http://www.alttech.com/
---------------------------------------------------------------------
To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------