Date: Fri, 12 Dec 2003 09:01:31 +0100 From: Marco Molteni <molter@tin.it> To: paul van den bergen <pvandenbergen@swin.edu.au> Cc: freebsd-net@freebsd.org Subject: Re: ssh tunnels and Xvnc - (yes, I know... What? not again!?) Message-ID: <20031212080131.GB962@cobweb.example.org> In-Reply-To: <200312121233.43680.pvandenbergen@swin.edu.au> References: <200312121233.43680.pvandenbergen@swin.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Paul,
I guess we already met on the mip6 mailing list... :-)
paul van den bergen wrote [2003-12-12]:
> Hi all,
>
> I have a situation that has not been fully addressed by the excellent
> documentation on getting ssh tunnels and remote X-windows display managers
> (like VNC) running. And my feeble brain is too damaged by the dreaded lurgy
> to make heads or tails of it.
>
> home machine (home) ---- ISP --- internet --- work firewall --- work machine1
> (additional firewall?) (work1) --- work machine 2 (desktop) (work2).
>
> I can ssh from home to the work1 and ssh from there to work2.
> home runs windows 2k and I have (full) admin access
> work1 and 2 run FreeBSD
> I have root access on work2 but not work 1
you should be able to do it in one step, no need to log into work1,
no need to run the listener... you just need your ssh public keys
in work1 and work2
from home you double tunnel:
LOCALPORT=6333
REMOTEPORT=5901
ssh -t -L $LOCALPORT:localhost:12945 work1 \
ssh -L 12945:localhost:$REMOTEPORT work2
then, always from home, you use vncviewer. You have to force the
encodings otherwise vncviewer thinks it is local and will not
compress. This syntax works fine for tightvnc
LOCALPORT=6333
vncviewer -bgr233 \
-encodings "copyrect tight hextile zlib corre rre raw" \
localhost::$LOCALPORT
marco
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031212080131.GB962>