[TriLUG] access without compromise?

David McDowell turnpike420 at gmail.com
Sun Oct 9 13:25:33 EDT 2005


No one has mentioned using Putty on your WinXP workstation yet.  Then
you can setup a tunnel for your VNC.  I use this in 2 different ways.

- At work, ssh home, tunnel VNC into another box in my internal home network

- At home on my wifi segment (separated from my internal home network)
I ssh in from there and tunnel VNC for the same purpose

1.  google putty and download putty.exe to your desktop (or wherever)
2.  launch putty
3.  enter in hostname or your home IP address, choose ssh and port 22
(presuming you are leaving ssh on port 22)
4.  enter a saved sessions name and click save, the choice should
appear in the list
5.  while those settings are still loaded, goto left menu, navigate to
Connection > SSH > Tunnels
(my presumption here is your VNC display is on display:1 or port 5901)
6.  in Source port, enter 5901
7.  in Destination, enter 192.168.1.5:5901 (fill in the internal IP of
your machine running VNC server)
8.  click Add
9.  go back and click the Session menu on the left menu
10.  click Save
11.  click Open (answer yes if first time to host like any ssh connection)
12.  login
13.  open vncviewer.exe on your WinXP desktop
14.  in the Server field, enter localhost:1 (if your display was #1 on
port 5901)
15.  enter your VNC password and enjoy VNC tunnelel through SSH

Now your only detectable session is from your WinXP box ssh'd to your
Debian box at home.  There are tons of other things people in this
group tunnel through SSH, this just happens to be the one thing I do
and use all the time.

enjoy,
David McD



On 10/8/05, Cristobal Palmer <cristobalpalmer at gmail.com> wrote:
> I'm sitting at computer foo and want to access computer bar.
>
> Bar is my home computer (debian box behind cheap-cheap motorolla
> 802.11g router behind TWC modem--and yes, I can easily set up port
> forwarding on the router) and foo is a cheap-cheap WinXP workstation.
> I don't trust the network foo is on. More importantly, it is
> *possible* that Big Brother will poke in and see what I'm doing (or
> have done) with foo, but I can install software & modify settings on
> foo.
>
> I want to be able to log into bar without compromising passwords or
> leaving anything from bar on foo that I didn't intentionally put
> there.
>
> I should mention that I regularly use a rather locked-down install of
> "RealVNC" (Win32 VNCViewer version 3.3.7, http://www.realvnc.com) to
> do what I need to do on foo, but that it won't work for accessing
> servers outside the local network. While accessing an X session on bar
> would be nice, that's not really necessary--probably a waste of
> bandwidth that isn't mine to play with, too.
>
> Mainly I want to do this to access my music from home without wasting
> money on media.
>
> :P
>
> I was thinking something like openSSH (http://sshwindows.sourceforge.net/).
>
> Is there another (easier, secure) way to access my music on bar?
>
> Thoughts/objections?
>
> TIA,
> CMP
>
> --
>
> Cristobal M. Palmer
> UNC-CH SILS Student
> cristobalpalmer at gmail.com
> cmpalmer at ils.unc.edu
> ils.unc.edu/~cmpalmer
> "Television-free since 2003"
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>



More information about the TriLUG mailing list