> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of Polak, Jon > A question for the experts.... > > I have successfully set up the ssh tunnel to my Xvnc server > using plink as > follows: > > C:\Program Files\putty\plink.exe -ssh2 -C xxx.xxx.xxx.xxx -L > 5901:xxx.xxx.xxx.xxx:5901 > > Xvnc is configured to reply in inetd mode using this inetd.conf entry: > > vnc-med stream tcp nowait root /usr/local/bin/Xvnc Xvnc > -localhost -inetd > -query localhost -once -geometry 1280x1024 -depth 24 -dpi 100 > > The problem is that although I am using the -localhost > parameter on the > inetd.conf entry, I can still connect directly to the port > 5901 Xvnc server > which would allow my users to bypass the ssh tunnel. > > Can someone tell me if I am doing something obviously wrong > here? Is there > a conflict using "-localhost" as well as "-query localhost" > > Thanks > Jon Polak
I would think that -localhost would be ignored under inetd because the communication is through a socket to inetd and Xvnc doesn't listen to any ports (if I understand correctly). Why not use the inetd functionality to only allow localhost to connect (as suggested at http://www.dei.isep.ipp.pt/~andre/extern/ixvnc.htm )? I would offer an example, but it has been a while since I've used inetd instead of Xinetd. -- William Hooper _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list
