It's common, yes. It's called "TCP tunnelling". You have the app connect to an ssh client that's listening on a local port, then the ssh client forwards it through an encrypted tunnel to the remote end, where it's connected to a local or remote port. It's useful because the app doesn't have to "understand" anything about ssh or encryption.
-----Original Message----- From: Alex Angelopoulos [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 09, 2002 10:56 AM To: [EMAIL PROTECTED] Subject: Re: SSH, VNC, Windows A semi-topical clarification question... Is this the standard method for settting apps up to use SSH? "relay" through a loopback to a local SSH service? ----- Original Message ----- From: "Michael Ossmann" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday/2002 January 08 19:56 Subject: Re: SSH, VNC, Windows : On Tue, Jan 08, 2002 at 04:36:19PM -0500, Boyd D. Mills wrote: : > : > The requirement is to ENFORCE secure access to VNC through the web : > browser. The first thing is to configure OpenSSH on the server : > machine to effectively sit between VNC server and the remote browser : > machine. The second (hopefully two in the same) is to disable : > unsecure connections to VNC. : : Take a look at the AllowLoopback and AuthHosts advanced options: : : http://www.uk.research.att.com/vnc/winvnc.html : : If you allow loopback access and deny all hosts except 127.0.0.1, you : can limit network access to those being forwarded by SSH. This will : also allow unencrypted connections from the localhost, but that probably : is not a problem. : : -- : Mike Ossmann, Tarantella/UNIX Engineer/Instructor : Alternative Technology, Inc. http://www.alttech.com/ : --------------------------------------------------------------------- : To unsubscribe, mail [EMAIL PROTECTED] with the line: : 'unsubscribe vnc-list' in the message BODY : See also: http://www.uk.research.att.com/vnc/intouch.html : --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
