Don't entirely give up on SSH. It's not too hard to script a connection. I currently use my *nix firewall as a middle point. I connect to it from both the client and the server. I do a server initiated connect to a listening vncviewer.
I am not clear on the requirements for your process. Is it many to many or 1 server to many viewers or the reverse? In my environment the goal was end user initiated, many to many (1 admin connection at a time, but to and from anywhere in the world). By using vncviewer, putty, and my scripts for each side, I have the user log into my firewall (there are ways to limit the shell access) and initiate a server connect to localhost. I then meet them from any workstation by having my tunnel running with my vncviewer listening on localhost. It does not matter, whether I am within my network, home or abroad, I can get access. It works, even, when your user is behind a nat box in a remote office. I use passwords by phone, but keys are easily done, too. The added advantage is my firewall does not need to port forward anymore, I am now using SSH to do the forward on demand, with a password, much safer! And if you do not need standard client initiated connections, use the LoopbackOnly key and force the need for the tunnel. !!! I have found one issue, though. My scripts use the command line for putty and the window locks up when I use the mouse on it. I don't know why, yet. Just never touch the putty command box from the remote ( such as minimize ), right click on the taskbar box for the window and adjust it from there!!! I have posted my issue, but no one has replied. Joe Kexel -- VNC and SSH, an explosive combination!! -- Apologies to Captain James Tiberius Kirk, USS Enterprise. Michael Kreykenbohm said: >> Because of the situation I am in, I need to be able to run a secure >> VNC channel across the internet, from any computer, not >> just one with special software. The setup is that it can be >> turned on only when required. >> >> This lead me to chose https as the secure protocol to the apache server, >> the apache server and firewall then pipe this via http to the VNC >> server. >> Return packets use the proxy. >> >> My test environment is from a another private network using NAT to get >> to >> the web server >> >> I get to enter the password screen, then I get the Java message about >> "no Route to Host". No message traffic is going through the firewall >> between the client and >> the server so it must be the applet itself that is having problems, >> resolving between the >> 2 private networks. >> >> I would appreciate any advice on teaking this to get it working and >> maintaining a high level of >> security. >> >> I considered VPN, and SSH, but this would require special setups. >> >> Mike. > > [demime 0.99d.1 removed an attachment of type application/ms-tnef which > had a name of winmail.dat] > _______________________________________________ > VNC-List mailing list > [EMAIL PROTECTED] > To remove yourself from the list visit: > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
