Is there any way to connect to a Windows machine that is behind a
firewall? e.g. the machine connects to my Linux machine, enabeling it to
connect from the Linux machine to the Windows machine.

--
houghi http://www.houghi.org
My experience with SuSE Linux 9.1

> The businessworld is like prison and M$ made everybody their bitch.

houghi wrote:

> Is there any way to connect to a Windows machine that is behind a
> firewall? e.g. the machine connects to my Linux machine, enabeling it to
> connect from the Linux machine to the Windows machine.
>
you can create a tunnel for a specific port (ssh for example) on a high port
number which is outside the firewall. With windows you can use putty for
this.
taco

taco wrote:
> you can create a tunnel for a specific port (ssh for example) on a high port
> number which is outside the firewall. With windows you can use putty for
> this.

OK, I will look into it.

houghi
--
You can have my keyboard ...
if you can pry it from my dead, cold, stiff fingers

houghi turned on the Etch-A-Sketch and wrote:

> taco wrote:
>> you can create a tunnel for a specific port (ssh for example) on a high
>> port number which is outside the firewall. With windows you can use putty
>> for this.
>
> OK, I will look into it.
>
> houghi

Typically you have to open the port in the firewall as well - or at least
allow it to access via ssh.

Once done, you can have your way with the guest machine - vnc, rdc,
telnet...


--
www.perfectreign.com || www.filesite.org

powered by the lizard: www.opensuse.org

PerfectReign wrote:
> houghi turned on the Etch-A-Sketch and wrote:
>
>> taco wrote:
>>> you can create a tunnel for a specific port (ssh for example) on a high
>>> port number which is outside the firewall. With windows you can use putty
>>> for this.
>>
>> OK, I will look into it.
>>
>> houghi
>
> Typically you have to open the port in the firewall as well - or at least
> allow it to access via ssh.
>
> Once done, you can have your way with the guest machine - vnc, rdc,
> telnet...

I can ssh. I can vnc. I just can't figure out how to do both at the same
time. Somehow I am thinking wrong and just don't get my head around it.

I understand the parts of the open ports, so no issue there. I can open
all ports I desire as I am now working on just my own network.

I can have root rights on both machines.
I am able to ssh from client 'penne' to server 'pizza'.
I am able to vnc from client 'penne' to server 'pizza'.
I use `vncviewer -fullscreen pizza:5901`

OK, I read the man page, start sshd on port 5599 on pizza, and I get an error:
houghi@penne : vncviewer -via ssh pizza:5901
ssh: connect to host ssh port 22: No route to host
vncviewer: Tunneling command failed: /usr/bin/ssh -f -L 5599izza:5901 ssh sleep 20.

I still get the same error. I am able to ssh to both 5599 and 5901, so
there is no firewall issue.

houghi
--
First we thought the PC was a calculator. Then we found out how to turn
numbers into letters with ASCII and we thought it was a typewriter. Then
we discovered graphics, and we thought it was television. With the World
Wide Web, we've realized it's a brochure. -- Douglas Adams.

houghi turned on the Etch-A-Sketch and wrote:

>
> I can have root rights on both machines.
> I am able to ssh from client 'penne' to server 'pizza'.
> I am able to vnc from client 'penne' to server 'pizza'.
> I use `vncviewer -fullscreen pizza:5901`
>
> OK, I read the man page, start sshd on port 5599 on pizza, and I get an
> error: houghi@penne : vncviewer -via ssh pizza:5901
> ssh: connect to host ssh port 22: No route to host
> vncviewer: Tunneling command failed: /usr/bin/ssh -f -L 5599izza:5901
> ssh sleep 20.
>
> I still get the same error. I am able to ssh to both 5599 and 5901, so
> there is no firewall issue.
>

Okay, from what I understand, if you have ssh open, then your vnc viewer
will automatically go through the ssh port when requested, you don't need
to specify it as in your second example.



--
www.perfectreign.com || www.filesite.org

powered by the lizard: www.opensuse.org

PerfectReign wrote:
>> OK, I read the man page, start sshd on port 5599 on pizza, and I get an
>> error: houghi@penne : vncviewer -via ssh pizza:5901
>> ssh: connect to host ssh port 22: No route to host
>> vncviewer: Tunneling command failed: /usr/bin/ssh -f -L 5599izza:5901
>> ssh sleep 20.
>>
>> I still get the same error. I am able to ssh to both 5599 and 5901, so
>> there is no firewall issue.
>>
>
> Okay, from what I understand, if you have ssh open, then your vnc viewer
> will automatically go through the ssh port when requested, you don't need
> to specify it as in your second example.

I misread the man page. Instead of `vncviewer -via ssh pizza:5901` it
should have been `vncviewer -via pizza pizza:5901`

houghi
--
First we thought the PC was a calculator. Then we found out how to turn
numbers into letters with ASCII and we thought it was a typewriter. Then
we discovered graphics, and we thought it was television. With the World
Wide Web, we've realized it's a brochure. -- Douglas Adams.

On Sun, 24 Aug 2008 10:10:10 +0200
houghi wrote:

>vncviewer: Tunneling command failed: /usr/bin/ssh -f -L
>5599izza:5901 ssh sleep 20.

I use 'x11vnc' program on the target boxes with generally good results.
For connecting to my work computer from home, through a gateway
machine, I use the following (substitute appropriate values for your
boxes), all on one line of course:

ssh -t -L 127.0.0.1:5900:gatewayIP:5900 username@remoteIP
'DISPLAY=:0 x11vnc'

and then the view command on my local box (all on one line):

vncviewer -encodings "copyrect tight hextile zlib corre rre raw"
localhost

I've just used that today and still works under openSUSE 11.0.

For my local network, I use something similar:

ssh -t -L 127.0.0.1:5900:targetIP:5900 username@targetIP 'DISPLAY=:0
x11vnc'

and the view command on my local box:

vncviewer localhost

*That*, however, doesn't work from 11.0 to 10.3 -- I just discovered
that when researching this response. It used to work before I upgraded
to 11.0. I will try some more research on it to see if I can figure out
what the difference is. In the meantime, you might get some good info
from:

http://www.karlrunge.com/x11vnc/#tunnelling


Sorry I couldn't be of more help on this.


--
Kevin Nathan (Arizona, USA)
Linux Potpourri and a.o.l.s. FAQ -- (temporarily offline)

Open standards. Open source. Open minds.
The command line is the front line.
Linux 2.6.25.11-0.1-pae
8:47am up 5 days 12:36, 18 users, load average: 0.45, 0.54, 0.81

Kevin Nathan wrote:
> On Sun, 24 Aug 2008 10:10:10 +0200
> houghi wrote:
>
>>vncviewer: Tunneling command failed: /usr/bin/ssh -f -L
>>5599izza:5901 ssh sleep 20.
>
> I use 'x11vnc' program on the target boxes with generally good results.
> For connecting to my work computer from home, through a gateway
> machine, I use the following (substitute appropriate values for your
> boxes), all on one line of course:

I must be staring at the screen for too long. I am able to connect to
`penne`. I can not connect to `pizza` and I can't change the settings
for the connection so now even if I would lie to change the standard
screen size, it goes for 1920x1200.

If I am not even able to change that, I am not even going to try and go
on with tunneling.

I also can't get the different ports closed that I opend. Strange.

houghi
--
First we thought the PC was a calculator. Then we found out how to turn
numbers into letters with ASCII and we thought it was a typewriter. Then
we discovered graphics, and we thought it was television. With the World
Wide Web, we've realized it's a brochure. -- Douglas Adams.

On Sun, 24 Aug 2008 18:54:55 +0200
houghi wrote:

>I can't change the settings for the connection so now even if I would
>lie to change the standard screen size, it goes for 1920x1200.
>

I've never tried changing the screen size -- it's not a problem going
from home to work, but going the other direction involves a lot of
screen scrolling because my work screen is smaller than my home screen.


>I also can't get the different ports closed that I opend. Strange.
>

Does

rpcinfo -p

give you any help? (As root, of course.)


--
Kevin Nathan (Arizona, USA)
Linux Potpourri and a.o.l.s. FAQ -- (temporarily offline)

Open standards. Open source. Open minds.
The command line is the front line.
Linux 2.6.25.11-0.1-pae
10:13am up 5 days 14:02, 19 users, load average: 0.86, 1.03, 1.37

Kevin Nathan wrote:
>>I can't change the settings for the connection so now even if I would
>>lie to change the standard screen size, it goes for 1920x1200.
>>
>
> I've never tried changing the screen size -- it's not a problem going
> from home to work, but going the other direction involves a lot of
> screen scrolling because my work screen is smaller than my home screen.

The changing of the screen size is one of the things I did first. This
gives me 1920x1200 on my screen, while my portable is not able to do it
in that size.

Now I can'y change it back.

>>I also can't get the different ports closed that I opend. Strange.
>>
>
> Does
>
> rpcinfo -p
>
> give you any help? (As root, of course.)

It doesn't even show me the connections that I am connected at, like
ssh. So no, doesn't give me any help.

houghi
--
First we thought the PC was a calculator. Then we found out how to turn
numbers into letters with ASCII and we thought it was a typewriter. Then
we discovered graphics, and we thought it was television. With the World
Wide Web, we've realized it's a brochure. -- Douglas Adams.

houghi turned on the Etch-A-Sketch and wrote:


>> Okay, from what I understand, if you have ssh open, then your vnc viewer
>> will automatically go through the ssh port when requested, you don't need
>> to specify it as in your second example.
>
> I misread the man page. Instead of `vncviewer -via ssh pizza:5901` it
> should have been `vncviewer -via pizza pizza:5901`

You *read* man pages?

Wow, you're a brave soul!


--
www.perfectreign.com || www.filesite.org

powered by the lizard: www.opensuse.org