From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1GXLbo-0007M7-B6 for garchives@archives.gentoo.org; Tue, 10 Oct 2006 17:41:40 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.8/8.13.6) with SMTP id k9AHdbaM032141; Tue, 10 Oct 2006 17:39:37 GMT Received: from nz-out-0102.google.com (nz-out-0102.google.com [64.233.162.207]) by robin.gentoo.org (8.13.8/8.13.6) with ESMTP id k9AHXR6U001091 for ; Tue, 10 Oct 2006 17:33:28 GMT Received: by nz-out-0102.google.com with SMTP id n1so488705nzf for ; Tue, 10 Oct 2006 10:33:27 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=YQJxTUc6SWu7hTYe5oATeO9ZQjbEHnDJ/NopmxInXRfhjJUQN3ld/bBw6y9v4RJ126t9xv78HujwgIh7YpwuuimoQJZFtbN7bptUgK4IKhJ2ZPpnoK+5pz6GtM/7K3sSlwrqsVfFyg7qd3SED7RnJmx7qNqPGlHEUHMeEzv52aY= Received: by 10.65.235.7 with SMTP id m7mr12106910qbr; Tue, 10 Oct 2006 10:33:26 -0700 (PDT) Received: by 10.65.218.13 with HTTP; Tue, 10 Oct 2006 10:33:26 -0700 (PDT) Message-ID: <642958cc0610101033h5d37d0cfh48367ea964f2db3@mail.gmail.com> Date: Tue, 10 Oct 2006 13:33:26 -0400 From: "Mark Shields" To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] VNC over SSH (VNC session is non-local to SSH) In-Reply-To: <7573e9640610101013l751c2da7wa2fb303727fb1db@mail.gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_11413_377328.1160501606524" References: <642958cc0610100946x6c263c88reb8dc79a2f71cf6e@mail.gmail.com> <7573e9640610101013l751c2da7wa2fb303727fb1db@mail.gmail.com> X-Archives-Salt: da105a60-83ff-4ddc-8226-b3eb94b9b8d3 X-Archives-Hash: ea53ee55120bcedfd0e9bd75991e637a ------=_Part_11413_377328.1160501606524 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline On 10/10/06, Richard Fish wrote: > > On 10/10/06, Mark Shields wrote: > > I have a gentoo box setup as a router with 3 servers behind it (all 4 > > servers are running gentoo). Right now I simply have port 5901 to > forward > > from the router to my vnc server so I can access it remotely. I've > looked > > on the gentoo forums and online but haven't been able to find any solid > > information on how to tunnel 5901 through ssh through the router to the > vnc > > server. Basically, client -> router -> vnc server port 5901, but over > ssh. > > Any ideas? > > You want ssh port forwarding....you can read the ssh man page, but > basically you want: > > # ssh -L localhost:5901:remotehost:5901 & > # vncviewer localhost:5901 > > HTH, > -Richard > -- > gentoo-user@gentoo.org mailing list > > Thank you Richard and Mauro, but this wasn't what I was looking for. The vnc and the ssh server are not the same. I am familiar with and have no problem using the particular setup you mention; however, it will not work for what I want to accomplish. I want to tunnel vnc traffic over ssh to my router, then forward that vnc traffic to the actual vnc server. I think the problem lies somewhere in my iptables rules. I did have: /sbin/iptables -t nat -A PREROUTING -p TCP --dport 5901 -i ${WAN} -j DNAT --to 192.168.0.235:5901 , which will forward it correctly if I connect through 5901, but tunneling via SSH doesn't work. Again, I want to tunnel the vnc connection to the router, which will then forward the port 5901 traffic to the vnc server. Btw, I'm using Putty and Tightvnc on a WinXP machine (work PC) to connect to the vnc server. -- - Mark Shields ------=_Part_11413_377328.1160501606524 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline On 10/10/06, Richard Fish <bigfish@asmallpond.org> wrote:
On 10/10/06, Mark Shields <laebshade@gmail.com> wrote:
> I have a gentoo box setup as a router with 3 servers behind it (all 4
> servers are running gentoo).  Right now I simply have port 5901 to forward
> from the router to my vnc server so I can access it remotely.  I've looked
> on the gentoo forums and online but haven't been able to find any solid
> information on how to tunnel 5901 through ssh through the router to the vnc
> server.  Basically, client -> router -> vnc server port 5901, but over ssh.
> Any ideas?

You want ssh port forwarding....you can read the ssh man page, but
basically you want:

# ssh -L localhost:5901:remotehost:5901 &
# vncviewer localhost:5901

HTH,
-Richard
--
gentoo-user@gentoo.org mailing list


Thank you Richard and Mauro, but this wasn't what I was looking for.  The vnc and the ssh server are not the same.  I am familiar with and have no problem using the particular setup you mention; however, it will not work for what I want to accomplish.  I want to tunnel vnc traffic over ssh to my router, then forward that vnc traffic to the actual vnc server.  I think the problem lies somewhere in my iptables rules.  I did have: /sbin/iptables -t nat -A PREROUTING -p TCP --dport 5901 -i ${WAN} -j DNAT --to 192.168.0.235:5901 , which will forward it correctly if I connect through 5901, but tunneling via SSH doesn't work.  Again, I want to tunnel the vnc connection to the router, which will then forward the port 5901 traffic to the vnc server.

Btw, I'm using Putty and Tightvnc on a WinXP machine (work PC) to connect to the vnc server.

--
- Mark Shields ------=_Part_11413_377328.1160501606524-- -- gentoo-user@gentoo.org mailing list