Verify a correctly configured tunnel - SSH

This is a discussion on Verify a correctly configured tunnel - SSH ; I am on an XP laptop trying to create a tunnel to a VNC server on a remote Linux machine. I think I have my laptop configured correctly (using SSH Secure Shell and tightVNC viewer). I started a vncserver on ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Verify a correctly configured tunnel

  1. Verify a correctly configured tunnel

    I am on an XP laptop trying to create a tunnel to a VNC server on a
    remote Linux machine. I think I have my laptop configured correctly
    (using SSH Secure Shell and tightVNC viewer). I started a vncserver on
    the remote machine via an SSH terminal. The whole VNC connection
    worked fine, I had a remote desktop and could work just fine.

    My question(s) is (are) basically: How can I verify that I am actually
    using the tunnel I think I set up? Is there a way to check that I am
    communicating securely? Also, it wasn't clear to me that I needed to
    set up some sort of SSH action on the remote machine. I don't
    administer that machine, so can't necessarily change any settings, but
    wondered if I needed to do some sort of 'ssh -R xxx:xxx:xxx' thing
    (clearly I am new at this!).

    I will gladly provide more information if it's helpful. Hope my
    questions are clear and would appreciate any guidance or links to
    further information. There was a good deal of info on VNC/SSH but all
    the setups described seemed quite platform/tool/port/etc dependent.

    Thanks in advance...


  2. Re: Verify a correctly configured tunnel


    Joseph wrote:

    > I am on an XP laptop trying to create a tunnel to a VNC server on a
    > remote Linux machine. I think I have my laptop configured correctly
    > (using SSH Secure Shell and tightVNC viewer). I started a vncserver on
    > the remote machine via an SSH terminal. The whole VNC connection
    > worked fine, I had a remote desktop and could work just fine.
    >
    > My question(s) is (are) basically: How can I verify that I am actually
    > using the tunnel I think I set up?


    If your client VNC is using as server "localhost:1" or "127.0.0.1:1"
    (the same thing) then you are using the tunnel. Any address of your PC
    can be used, if on the other hand you used your server's address, then
    you are not using the tunnel.

    > Is there a way to check that I am communicating securely?


    Yes, several.

    - On a terminal (a.k.a. command prompt) use netstat, you should see a
    connection between your server and your PC, and the connection is not
    using the VNC port (590x). To make sure it is a port used by ssh
    you'll have to use "netstat -b" to see the process using the port.

    - You could snoop on the traffic and see all the scrambled
    communications. For this you need to install a couple of packages, so
    it is not that easy.

    > Also, it wasn't clear to me that I needed to
    > set up some sort of SSH action on the remote machine.


    No.

    > I don't administer that machine, so can't necessarily change any settings, but
    > wondered if I needed to do some sort of 'ssh -R xxx:xxx:xxx' thing
    > (clearly I am new at this!).
    >
    > I will gladly provide more information if it's helpful. Hope my
    > questions are clear and would appreciate any guidance or links to
    > further information. There was a good deal of info on VNC/SSH but all
    > the setups described seemed quite platform/tool/port/etc dependent.


    A tunnel is so simple it looks like something else has to be done, but
    nothing is needed (other than setting the server).
    --
    René Berber


  3. Re: Verify a correctly configured tunnel

    Thanks Rene, I feel a bit better about my setup now. Much
    appreciated...

    Joey

    > > My question(s) is (are) basically: How can I verify that I am actually
    > > using the tunnel I think I set up?

    >
    > If your client VNC is using as server "localhost:1" or "127.0.0.1:1"
    > (the same thing) then you are using the tunnel. Any address of your PC
    > can be used, if on the other hand you used your server's address, then
    > you are not using the tunnel.


    >
    > A tunnel is so simple it looks like something else has to be done, but
    > nothing is needed (other than setting the server).
    > --
    > René Berber



+ Reply to Thread