Beginner VNC User - About to have a baby!
Fri Sep 19 23:08:00 2003
> Regarding your remote-access question: you can't do it
> (with VNC) without the support of your company's IT staff. Sorry.
> You have to admit it'd question the integrity of your company's
> IT policy if "ordinary" users could arbitrarily install VNC and
> access their PC's externally. :) Also, please know that while
> SSH can secure VNC traffic and improve the authentication of the
> connection, it doesn't help at all with "breeching" the firewall
> defenses of your company.
SSH most certainly can help with this!!
I have an ADSL router at home with no 'holes' in it (i.e. I have no port
forwards through it to computers inside my NAT), yet I regularly connect
to my two laptops from outside (using VNC onto port 5900, and
straight-forward SSH onto port 22, of any machine I choose).
The key is to use a *remote* port forward, initiated beforehand using
SSH (client) from the machine(s) within the NAT/firewall, onto an
external machine which is running an SSH server (-you don't even need an
SSH server on your own machine). Then, later on when outside the
NAT/firewall, you point the viewer to the appropriate port on the
external machine instead of trying to contact your own machine. The
remote port forward which is set up on that external machine then sends
all data back to your machine residing behind the apparently
This requires *no* support from 'company IT staff', and no configuration
of ports on your/their router/NAT/firewall.
If anyone needs more details, let me know...