Java Eclipse Linux Operating Systems Web Technology Software Software Engineering Computing Societies

mykek.com OS Resources: Hints and Tips

VNC hints

Setting up RealVNC to tunnel through SSH on Windows

VNC is a very useful protocol for remotely controlling a machine. There are many free implementations, such as RealVNC and TightVNC. However, most of the free implementations are not secure. But it is possible to use the tunneling support of SSH to provide secure and encrypted access to the machine. (Note: commercial version of RealVNC and UltraVNC provides encryption. However, I have no first hand experience with them.)

Instructions for RealVNC v4 Free Edition

  1. On the machine that will be made accessible from the client machine, set up sshd, either by , or by downloading cygwin and then Setting up sshd Note:
  2. Set up your router and your firewalls to allow access to ssh port (22 by default, or whatever port sshd was configured to run on on your system) on the machine on which sshd is running. It is also a good idea to limit access to other ports on that machine for better security.
  3. On your client machine, set up a connection to ssh using ssh
    ssh -L 5901:127.0.0.1:5900 user@ssh-server-ip
    The 127.0.0.1 indicates that VNC is running on the same machine as the VNC server (if VNC is running on a different machine, substitute the address of the machine as seen by sshd). 5901 is the port on the client machine whose traffic is to be tunneled. 5900 is the port on which VNC server will listen for traffic on the VNC machine. user is the user name that we will connect to the ssh machine as, and ssh-sever-ip is the address of the machine on which sshd is running. Enter the password for user when prompted.
  4. From the client machine, invoke the VNC client and try to connect to localhost:1. Type in the VNC password as usual.

References: SSH VNC Tunneling


Written by Mike Kwong