Tunneling VNC over ssh
Lets say you have three systems:
1. Home laptop with vncviewer (home)
2. "Gateway" server (gateway)
3. Private server (private)
You have connectivity from home to gateway, and from gateway to private, but not from home to private due to firewall concerns etc.
You need to access VNC on private from home.
1. First get VNC running on private. On my OEL server it listens on port 5901. Probably likewise for RHEL, CentOS etc.
2. Run the following command on gateway:
ssh -g -L 6901:localhost:5901 -N -f user@private
Here are what the various options mean:
-g says allow remote hosts (i.e. home) to access local forwarded ports.
-L 6901:localhost:5901 says take a connection to port 6901 on localhost and forward to port 5901 on user@private
-N says don't execute a remote command, just forward ports.
-f says go into the background.
1. Home laptop with vncviewer (home)
2. "Gateway" server (gateway)
3. Private server (private)
You have connectivity from home to gateway, and from gateway to private, but not from home to private due to firewall concerns etc.
You need to access VNC on private from home.
1. First get VNC running on private. On my OEL server it listens on port 5901. Probably likewise for RHEL, CentOS etc.
2. Run the following command on gateway:
ssh -g -L 6901:localhost:5901 -N -f user@private
Here are what the various options mean:
-g says allow remote hosts (i.e. home) to access local forwarded ports.
-L 6901:localhost:5901 says take a connection to port 6901 on localhost and forward to port 5901 on user@private
-N says don't execute a remote command, just forward ports.
-f says go into the background.
Makes things a lot easier if you set things up for password-less ssh logins from gateway to private.
3. On home, bring up vncviewer and point it to gateway::6901 (note the double colon "::" between gateway and 6901) You should be prompted for the vnc credentials for private.
posted by Sandeep at
2:27 PM
0 Comments
