ssh with localhost

Tim McGarry tim@mcgarry.ch
Mon Nov 18 21:26:00 2002


Yep

That should work too, I usually do it as follows because 1/ I dont have full
shell access on bob. 2/ Establishing a tunnel that allows an ssh connection
end-to-end means that scp can easily be used if file transfer is reqd.


> from alice:    ssh -L 4444:charlie:22 bob
>
> now from  alice again, leaving above session running
>
> ssh -p 4444 5901:localhost:5901 localhost
>
> then vncviewer localhost:1

Cheers

Tim McGarry

----- Original Message -----
From: "Robin Hill" <robin@robinhill.me.uk>
To: <vnc-list@realvnc.com>
Sent: Sunday, November 17, 2002 5:01 PM
Subject: Re: ssh with localhost


> On Sat Nov 16, 2002 at 03:49:01PM -0700, Scott Hyde
<hyde@gauss.math.montana.edu> wrote:
>
> > Suppose that Charlie is not available to the internet as a whole, but
Bob
> > is able to access Charlie through ssh.  Bob is connected to the internet
> > so Alice can connect to Bob through ssh.  However, Alice can't connect
to
> > Charlie directly, but through Bob.
> >
> > Suppose Charlie has vncserver with the -localhost option running.  How
can
> > Alice connect to Charlie with vncviewer?
> >
> You don't want vncserver running with the -localhost option here.  The
> ssh tunnel will link Alice to Bob, then a clear connection will be made
> from Bob to Charlie.  This means Charlie will see the connection as
> coming from Bob so needs to listen on the standard port.  You only want
> the -localhost option when the ssh server is running on the same machine
> as the vncserver.
>
> > I've tried the following two commands without luck
> >
> > ssh -L 5901:bob:8989 bob
> > then in the ssh shell for bob type
> >
> > ssh -L 8989:localhost:5901 charlie
> >
> > But it doesn't seem to work.
> >
> >
> > -Scott
>
> Try
>         ssh -L 5901:charlie:5901 bob
> so port 5901 locally is forwarded to port 5901 on Charlie, routed via
> the ssh tunnel to Bob.
>
> Of course, if you're trying to get the entire connection encrypted then
> it gets more complicated.  Then you do want the remote system running
> vncserver with -localhost and you'll need two tunnels:
>         ssh -L 5901:localhost:8989 bob
> and then, from bob:
>         ssh -L 8989:localhost:5901 charlie
> though I've not tried it myself.
>
> Cheers,
>         Robin
>
> --
>      ___
>     ( ' }     |       Robin Hill        <robin@robinhill.me.uk> |
>    / / )      | Little Jim says ....                            |
>   // !!       |      "He fallen in de water !!"                 |
> _______________________________________________
> VNC-List mailing list
> VNC-List@realvnc.com
> http://www.realvnc.com/mailman/listinfo/vnc-list