Hi Simon, On Fri, 12 Mar 2004 17:03:26 -0000
you wrote: > im using VNC quite happily over the internet to another PC no probs. > > but this is not secure (so i read) > > so im trying to set up a SSh tunnel using Putty. > > Can someone please expalin what i need to do on the server and viewer side cos > its the first time ive heard of SSH and i think im configuring the viewer side > to use Putty but i get the error message 'network error connection refused'. > > im not sure if i have to configure the server end as well for SSH??? How are the two computers connected to the internet? I will assume that both are separated via firewalling routers. That would mean that you have both routers set up to pass connections on the vnc port through. This does two things which are not as secure as might be desired. First, it opens up the possibility for an attack on the VNC server port on your server machine. Second, when you have an active connection, it is possible to intercept the IP packets and "spy" on what you are doing. Some background on using ssh to make a more secure connection: An ssh server (or daemon) needs to run on the machine running VNC server. The ssh client (PuTTY) can then initiate an ssh session which can serve as a "tunnel" to shield your VNC connection from prying eyes. You will set it up to "listen" on the VNC sever port and to ask the ssh daemon to "pass" the connection to your VNC server process. Then you will connect the vnc client to localhost:5900+display# which causes the daemon to connect to the server process on that port. Now, assuming: PC1->router1->internet->router2->PC2 You will set up router1 and router2 to no longer allow connections on 5900+display#. Set up router1 to allow outgoing connections on port 22, the ssh port number. Set up router2 to allow incoming connections on port 22. Now you can do one of two things. First, you may run the ssh daemon on router2 or on PC2. If router2 is a unix variant, that may already be the case and, if not, it is easy to set up with an entry in the inet daemon configuration. If PC2 is a Windows machine someone else should advise you how to set up an ssh daemon service. I don't know off hand so would have to look it up. In that case you would set up router2 to pass the ssh connection on to PC2. Finally, some details can be gotten here: http://faq.gotomyvnc.com/fom-serve/cache/28.html Carlyle -- Diese E-Mail enthdlt vertrauliche und/oder rechtlich gesch|tzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrt|mlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
