Sep 07

VPN on the cheap… Using PUTTY to tunnel VNC through SSH (Part 2)

Tag: Infrastructure — September 7, 2009 @ 2:31 pm
Author:

Jason Cooper

I’ve been a C/D/H consultant for five years. I have the dual distinction of being both C/D/H’s first Southeast Michigan consultant AND our first VMware Certified Professional. Specializing in desktop management and virtualization, projects involving MetaFrame or ZENworks or VMware expose me to almost every corner of the enterprise, from messaging to networking to collaboration.

Technology is what I work at. Family and music are what I work for. In my copious spare time I enjoy gardening, camping, and cycling. I play guitar and a little harmonica, sometimes simultaneously. It occurs to me that I could duct tape a tambourine to my knee, but that would just be too weird.

More about Jason
Articles by Jason Cooper

 

Linux SSH combined with PUTTY offers a low cost, secure method for accessing unsecured protocols remotely.  Using secured port 22 and a SSH enabled server, you can access a Windows host running VNC (and other services) on the same protected LAN as the Linux host.

 

At this point, you have an SSH host, a router, and VNC host.  The configuration of PUTTY is actually quite simple.   You have to know the ports in use, in this case by VNC (TCP 5900).   I’ve successfully used this method with Citrix ICA (TCP 1494), FTP (TCP 21), TELNET (TCP 23) and SMTP (TCP 25) sessions. 

 

I’ve not been successful getting Novell Remote Manager to work (using HTTP or HTTPS).  I’ve also failed to connect to Dell Remote Access Controller (DRAC) sessions, again using HTTP and HTTPS.  I believe this is related to the routers in question, not so much the applications themselves.

 

In the PUTTY configuration “Session” category, enter the router IP Address.  The connection type is SSH using port 22.  (It’s a good idea to save this session for future use.  Assign a unique name and Save the session.  Use the Load button later to recall saved settings.)

 

 

putty part 2 pic 1 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

In the Connection category, expand SSH and select Tunnels.  In the “Add new forwarded port” section, enter the “Source port” (5900).  For Destination, enter the IP address of the VNC host followed by the port (in this example 10.22.70.103:5900).  Click Add to apply the settings.

 

 

putty part 2 pic 2 

 

 

 

 

 

 

Correctly configured, the Tunnel session should look like this:

 

 

putty 2 pic 3 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

At this point, you should scroll back up to Session in the Category pane and Save the session.  Open the saved session to initiate the SHH connection.  Login to the shell running on the SSH host.  When you’re at the shell prompt, you can minimize PUTTY–you have to keep the session open for the tunnel to be maintained.

 

In Part 3, the “trick” that makes the VNC client connect to the proxied connection.  I’ll also talk about Remote Desktop and a couple of tricks that expand the usefulness of this tool even further.

Leave a Reply