Yep That should work too, I usually do it as follows because 1/ I dont have full shell access on bob. 2/ Establishing a tunnel that allows an ssh connection end-to-end means that scp can easily be used if file transfer is reqd.
> from alice: ssh -L 4444:charlie:22 bob > > now from alice again, leaving above session running > > ssh -p 4444 5901:localhost:5901 localhost > > then vncviewer localhost:1 Cheers Tim McGarry ----- Original Message ----- From: "Robin Hill" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, November 17, 2002 5:01 PM Subject: Re: ssh with localhost > On Sat Nov 16, 2002 at 03:49:01PM -0700, Scott Hyde <[EMAIL PROTECTED]> wrote: > > > Suppose that Charlie is not available to the internet as a whole, but Bob > > is able to access Charlie through ssh. Bob is connected to the internet > > so Alice can connect to Bob through ssh. However, Alice can't connect to > > Charlie directly, but through Bob. > > > > Suppose Charlie has vncserver with the -localhost option running. How can > > Alice connect to Charlie with vncviewer? > > > You don't want vncserver running with the -localhost option here. The > ssh tunnel will link Alice to Bob, then a clear connection will be made > from Bob to Charlie. This means Charlie will see the connection as > coming from Bob so needs to listen on the standard port. You only want > the -localhost option when the ssh server is running on the same machine > as the vncserver. > > > I've tried the following two commands without luck > > > > ssh -L 5901:bob:8989 bob > > then in the ssh shell for bob type > > > > ssh -L 8989:localhost:5901 charlie > > > > But it doesn't seem to work. > > > > > > -Scott > > Try > ssh -L 5901:charlie:5901 bob > so port 5901 locally is forwarded to port 5901 on Charlie, routed via > the ssh tunnel to Bob. > > Of course, if you're trying to get the entire connection encrypted then > it gets more complicated. Then you do want the remote system running > vncserver with -localhost and you'll need two tunnels: > ssh -L 5901:localhost:8989 bob > and then, from bob: > ssh -L 8989:localhost:5901 charlie > though I've not tried it myself. > > Cheers, > Robin > > -- > ___ > ( ' } | Robin Hill <[EMAIL PROTECTED]> | > / / ) | Little Jim says .... | > // !! | "He fallen in de water !!" | > _______________________________________________ > VNC-List mailing list > [EMAIL PROTECTED] > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list
