My goal is NOT to use the java client.
OK. I tried this and got again the same error:
I did:
1. "ssh -L 5910:RemoteServerIP:5902 RemoteServerIP"
2. got validated by SSH.
3. on a separate terminal, I did "vncviewer localhost:10"
4. got the "bla bla" error on the ssh server window
5. got a "vncviewer: vncserver closed connection" message on the client window.
I have the same result when using the vnc from orl and the tight encoder
version with the -tunnel switch.
I seem to get the connection but it fails because the "channel" can not be
opened. I do not know why. Note that I seem NOT to be able to redirect ANY
ports so this may not be a vnc problem but a ssh problem after all.
Now, although I am not pursuing the java client connection at this time, I do
not think your method would actually connect to the java server if you use the
command http://remotehost:5902 This seems to me to be just a straight
connection to the remote java vnc server without even using the ssh tunnel.
If I do that command without even bothering with the ssh redirection, I do get
the response from the server as expected. Did you jsut do a type there or am I
just confused.
Serge.
On Wed, 20 Dec 2000, you wrote:
> Is your goal to use the java client from a web browser? If not, let's
> abandon that line of thinking now.
>
> First of all, find out what port VNC Server is running on. Make sure that
> "Allow Loopback" is enabled.
> >From the client, run "ssh -L 5920:localhost:5902 remotehost" This assumes
> that VNC Server is running on port 5902 on the remote host. Also,
> localhost, in this context, is referring to "localhost" from the SSH
> Server's point of view... meaning: itself. Now, connect, from the client,
> to localhost:20 using the vncviewer.
>
> Now, if your goal _IS_ to use the java client from a web browser, make sure
> that 1. VNC Server _IS_ running on 5902. Also make sure that nothing is
> running on the client machine on ports 5902 or 5802. Now, make your ssh
> connection like this: ssh -L 5902:localhost:5902 -L 5802:localhost:5802
> remotehost. Next, use your web browser and connect to
> http://remotehost:5802/. Bingo.
>
> -ME
>
> ----- Original Message -----
> From: "Serge Dutremble" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, December 20, 2000 10:30 AM
> Subject: Re: VNC and SSH
>
>
> > OK I tried this and, as I thought, it did not work. I believe this is the
> > reason:
> >
> > How will my localhost web server know what a remore web server (on another
> > port) runs?
> >
> > If we use the second vnc x-display as an example:
> > The java apps run on the remote host at port 5802. SSH forwards port 5902
> to
> > remotehost:5902. Remotehost may know that the java vnc runs on port 5802
> but
> > my localhost can never find this out as I try http://localhost:5802!
> > http://localhost:5902 will not work either as per the vnc documentation (I
> > tried it anyway). I get a server not found error in netscape and the page
> is
> > redirected to a search engine.
> >
> > If I forward local port 5902 to remote port 5802, I get a netscape error
> telling
> > me I have a "network error: broken pipe". The ssh verbose tells me the
> same
> > "bla bla" message.
> >
> > If I go directly to remoteport:5802, I get the vnc java application
> > (unencrypted, naturally).
> >
> > I have verified my version of ssh as follow:
> >
> > remote host runs Linux Mandrake 6.2 with:
> > SSH Version OpenSSH_2.1.1 Protocol version 1.5/2.0 compiled with SSL
> > (0x0090581f)
> >
> > local host runs Linux RedHat 7.0 with:
> > SSH Version OpenSSH_2.2.0p1 protocol version 1.5/2.0 compiled with SSL
> > (0x0090581f)
> >
> > ssh_config and sshd_config files on both workstations are the same.
> >
> > Any more ideas?
> >
> > Serge
> >
> > On Wed, 20 Dec 2000, you wrote: > Two thoughts:
> > >
> > > 1. If you are run VNC Server on the same host as SSHD (which it appears
> you
> > > are), you have to enable "Loopback" connections with VNC. Because of
> the
> > > SSH tunnel, the VNC server sees that the connection is coming from the
> SSHD
> > > server. If they're the same host, it is a loopback connection.
> > >
> > > 2. If you are planning on using the Java viewer, you have to run VNC on
> the
> > > remote server on the same port you want to use for the redirection.
> > > For example:
> > > You run VNC Server on port 5920 (so HTTP server runs on port 5820).
> You
> > > make your ssh connection with "ssh -L 5920:remote_ip:5920 remote_ip" and
> > > then connection to http://localhost:5820/.
> > > The reasoning behind this is: the HTTP server that serves up the Java
> applet
> > > "knows" that VNC Server is running on a port 100 more than itself (5820
> +
> > > 100 = 5920). If you are proxying the HTTP port as something like 5825,
> the
> > > server still sees that it is running on port 5820 even though the client
> > > sees it as running on port 5825. The client is expecting (because you
> > > proxied it that way with SSH) the VNC Server to be running on port 5925,
> but
> > > the Java applet will be redirected to port 5920 because that's what the
> HTTP
> > > server "knows" VNC to be running on. Since you haven't proxied port
> 5920,
> > > but 5925, it will not work.
> > >
> > > I know that's a weird concept to explain. If it doesn't make sense, let
> me
> > > know.
> > >
> > > Mike Erdely
> > > mailto:[EMAIL PROTECTED]
> > > http://mike.erdelynet.com/
> > >
> > > ----- Original Message -----
> > > From: "Serge Dutremble" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > Sent: Monday, December 18, 2000 1:22 PM
> > > Subject: VNC and SSH
> > >
> > >
> > > > I have been attempting to use VNC through SSH for a few weeks with no
> > > results.
> > > >
> > > > Some responses from the list have suggested I should redirect both the
> > > 58XX and
> > > > 59XX ports in order to get it to work but I get the same result. The
> > > > instructions in the VNC documentation do not suggest it may be
> necessary
> > > at all
> > > > anyway. I think I have to redirect port 59XX is I use the vnc viewer
> and
> > > port
> > > > 58XX if I want to use the http java viewer. I am not attemting to use
> > > both at
> > > > this time but would just like to get at least one going.
> > > >
> > > > I try the following on a Linux RH 7.0 workstation:
> > > >
> > > > ssh -L 5910:remote_ip:5901 remote_ip
> > > > I get validated by remote_ip (a Mandrake 6.2 workstation)
> > > >
> > > > Then I try on another terminal window:
> > > > vncviewer localhost:10
> > > >
> > > > I get a "vncviewer: VNC server closed connection" message locally
> while I
> > > get a
> > > > "channel_open_failure: 2: reason 1: bla bla" message on remote_ip.
> > > >
> > > > The command vncviewer remote_ip:1 works fine (but naturrally not
> > > encrypted).
> > > >
> > > > Doesn't make much sense to me.
> > > >
> > > > Can anyone help?
> > > >
> > > > Serge.
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > > > to [EMAIL PROTECTED]
> > > > See also: http://www.uk.research.att.com/vnc/intouch.html
> > > > ---------------------------------------------------------------------
> > > ---------------------------------------------------------------------
> > > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > > to [EMAIL PROTECTED]
> > > See also: http://www.uk.research.att.com/vnc/intouch.html
> > > ---------------------------------------------------------------------
> > > ____________________________________________________________
> > > Get your free domain name and domain-based e-mail from
> > > Namezero.com. New! Namezero Plus domains now available.
> > > Find out more at: http://www.namezero.com
> > ---------------------------------------------------------------------
> > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > to [EMAIL PROTECTED]
> > See also: http://www.uk.research.att.com/vnc/intouch.html
> > ---------------------------------------------------------------------
> ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> ---------------------------------------------------------------------
> ____________________________________________________________
> Get your free domain name and domain-based e-mail from
> Namezero.com. New! Namezero Plus domains now available.
> Find out more at: http://www.namezero.com
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
