Thin client security presentation

Michael Ossmann michael.ossmann "at" alttech.com
Wed, 06 Mar 2002 19:17:02 +0000


On Wed, Mar 06, 2002 at 10:00:14AM -0500, Janyne Kizer wrote:
> What are you thoughts on the security of running from Windows PC ->
> Linux via SSH?  
> 
> For example, from Windows:
> 
> ssh2 -L 5901:my.vnc.server:5900 my.vnc.server -l userid
> 
> Then fire up VNC and connect to localhost:1

That is arguably the most secure way you could use VNC, as long as you
prevent direct (non-ssh) connections with the -localhost option of
Xvnc/vncserver.  Also, you'll have to use "localhost" as the remote host
name in your forwarding:

  ssh2 -L 5901:localhost:5900 my.vnc.server -l userid

-- 
Mike Ossmann, Tarantella/UNIX Engineer/Instructor
Alternative Technology, Inc.  http://www.alttech.com/
---------------------------------------------------------------------
To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------