Assume that you have user 'vncuser' on a remote host, here is how you get it to work:
1) ssh -L 5801:vncserver:5900 -N -T -c blowfish [EMAIL PROTECTED] -L sets up a dummy listening port on localhost ,which in this case 5801, relays the traffic to vncserver port 5900 -c uses a blowfish encryption algorithm -N disables remote command execution on remote host -T disable pseudo-tty allocation on remote host 2) vncviewer 127.0.0.1:5801 :) Nawapong Nakjang IT Security Specialist Security Team, Network Operation Center KSC Commercial Internet Co, Ltd. E-Mail: [EMAIL PROTECTED] -----Original Message----- From: Jose Guevarra [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 15, 2003 11:09 AM To: Security-Basics Subject: SSH port forwarding not working? Hi, I was using SSH to encrypt a VNC session. For some reason, even though I seem to encrypt the session it doesn't work. I do $> ssh -2C -L 5801:vncserver:5801 localhost this opens a port on my machine ( port 5801) to the vnc port on the vncserver. I try to connect to it via vncviewer $> vncviewer localhost:1 That doesn't work. Decided to do the same thing with the SMTP port on the same machine just to test if it worked and it was encrypted. I loaded up Ethereal, started a capture, then sent an email via commandline SMTP commands. when I looked at the session packets, they were all in plain-text? So is this working or not? I also noticed that connecting to the SMTP port sort of took a while to initiate. Could VNCviewer be timing out before the session could be made. thanx, ------------------------------------------------------------------------ --- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
