OK I tried this and, as I thought, it did not work. I believe this is the
reason:
How will my localhost web server know what a remore web server (on another
port) runs?
If we use the second vnc x-display as an example:
The java apps run on the remote host at port 5802. SSH forwards port 5902 to
remotehost:5902. Remotehost may know that the java vnc runs on port 5802 but
my localhost can never find this out as I try http://localhost:5802!
http://localhost:5902 will not work either as per the vnc documentation (I
tried it anyway). I get a server not found error in netscape and the page is
redirected to a search engine.
If I forward local port 5902 to remote port 5802, I get a netscape error telling
me I have a "network error: broken pipe". The ssh verbose tells me the same
"bla bla" message.
If I go directly to remoteport:5802, I get the vnc java application
(unencrypted, naturally).
I have verified my version of ssh as follow:
remote host runs Linux Mandrake 6.2 with:
SSH Version OpenSSH_2.1.1 Protocol version 1.5/2.0 compiled with SSL
(0x0090581f)
local host runs Linux RedHat 7.0 with:
SSH Version OpenSSH_2.2.0p1 protocol version 1.5/2.0 compiled with SSL
(0x0090581f)
ssh_config and sshd_config files on both workstations are the same.
Any more ideas?
Serge
On Wed, 20 Dec 2000, you wrote: > Two thoughts:
>
> 1. If you are run VNC Server on the same host as SSHD (which it appears you
> are), you have to enable "Loopback" connections with VNC. Because of the
> SSH tunnel, the VNC server sees that the connection is coming from the SSHD
> server. If they're the same host, it is a loopback connection.
>
> 2. If you are planning on using the Java viewer, you have to run VNC on the
> remote server on the same port you want to use for the redirection.
> For example:
> You run VNC Server on port 5920 (so HTTP server runs on port 5820). You
> make your ssh connection with "ssh -L 5920:remote_ip:5920 remote_ip" and
> then connection to http://localhost:5820/.
> The reasoning behind this is: the HTTP server that serves up the Java applet
> "knows" that VNC Server is running on a port 100 more than itself (5820 +
> 100 = 5920). If you are proxying the HTTP port as something like 5825, the
> server still sees that it is running on port 5820 even though the client
> sees it as running on port 5825. The client is expecting (because you
> proxied it that way with SSH) the VNC Server to be running on port 5925, but
> the Java applet will be redirected to port 5920 because that's what the HTTP
> server "knows" VNC to be running on. Since you haven't proxied port 5920,
> but 5925, it will not work.
>
> I know that's a weird concept to explain. If it doesn't make sense, let me
> know.
>
> Mike Erdely
> mailto:[EMAIL PROTECTED]
> http://mike.erdelynet.com/
>
> ----- Original Message -----
> From: "Serge Dutremble" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, December 18, 2000 1:22 PM
> Subject: VNC and SSH
>
>
> > I have been attempting to use VNC through SSH for a few weeks with no
> results.
> >
> > Some responses from the list have suggested I should redirect both the
> 58XX and
> > 59XX ports in order to get it to work but I get the same result. The
> > instructions in the VNC documentation do not suggest it may be necessary
> at all
> > anyway. I think I have to redirect port 59XX is I use the vnc viewer and
> port
> > 58XX if I want to use the http java viewer. I am not attemting to use
> both at
> > this time but would just like to get at least one going.
> >
> > I try the following on a Linux RH 7.0 workstation:
> >
> > ssh -L 5910:remote_ip:5901 remote_ip
> > I get validated by remote_ip (a Mandrake 6.2 workstation)
> >
> > Then I try on another terminal window:
> > vncviewer localhost:10
> >
> > I get a "vncviewer: VNC server closed connection" message locally while I
> get a
> > "channel_open_failure: 2: reason 1: bla bla" message on remote_ip.
> >
> > The command vncviewer remote_ip:1 works fine (but naturrally not
> encrypted).
> >
> > Doesn't make much sense to me.
> >
> > Can anyone help?
> >
> > Serge.
> > ---------------------------------------------------------------------
> > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > to [EMAIL PROTECTED]
> > See also: http://www.uk.research.att.com/vnc/intouch.html
> > ---------------------------------------------------------------------
> ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> ---------------------------------------------------------------------
> ____________________________________________________________
> Get your free domain name and domain-based e-mail from
> Namezero.com. New! Namezero Plus domains now available.
> Find out more at: http://www.namezero.com
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
