On 3/23/2012 11:40 AM, William Hooper wrote:
On Thu, Mar 22, 2012 at 11:03 PM, Bob Hoffman <bob@bobhoffman.com> wrote: [snip]
opened port 5902 in iptables, restarted iptables |INPUT -m state --state NEW -m tcp -p tcp --dport 5902 -j ACCEPT
[snip]
in putty I made a saved session called 'vnc to my server', went to connections, ssh, tunnels in putty explorer, added source port 5902, destination I put in localhost:5902, click add, then save the whole session (go back to session page)
[snip]
Note if you are exclusively using an SSH tunnel to access your VNC, you don't need to open a port for VNC in the firewall. In fact, not opening a direct port for VNC is a good way of enforcing the tunnel to secure the connection.
Well, that makes sense. And I like that a lot. Less ports the better. This is only for my host so I can run virt-manager. Thanks for the great tip.
bob
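
An added example, not part of the original thread: a check for the point William makes above, that no firewall rule should accept VNC directly when access is meant to go through the SSH tunnel. The function names are hypothetical, the 5900-5999 range assumes the usual VNC convention of port 5900 plus display number, and the sample rules are constructed.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; the 5900-5999 range assumes
# the usual VNC convention of port 5900 + display number.

# Constructed sample in `iptables -S` / iptables-save rule format.
SAMPLE_RULES='-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5902 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,5900:5910 -j ACCEPT
-A INPUT -i lo -p tcp --dport 5901 -j ACCEPT
-A INPUT -p tcp --dport 5903 -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

# Print every INPUT ACCEPT rule that exposes a VNC port on a non-loopback path.
find_open_vnc_rules() {
    awk '
    $1 == "-A" && $2 == "INPUT" {
        accept = 0; loopback = 0; vnc = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
            if ($i == "-i" && $(i + 1) == "lo" && $(i - 1) != "!") loopback = 1
            if ($i == "--dport" || $i == "--dports") {
                # --dports may hold a comma list; each entry may be a lo:hi range
                n = split($(i + 1), specs, ",")
                for (k = 1; k <= n; k++) {
                    m = split(specs[k], r, ":")
                    lo = r[1] + 0
                    hi = (m == 2 ? r[2] : r[1]) + 0
                    if (lo <= 5999 && hi >= 5900) vnc = 1
                }
            }
        }
        if (accept && vnc && !loopback) print
    }'
}

# Exit status 1 when a rule lets VNC in without the SSH tunnel.
audit_vnc_firewall() {
    offending=$(find_open_vnc_rules)
    if [ -n "$offending" ]; then
        printf 'VNC reachable without the tunnel:\n%s\n' "$offending"
        return 1
    fi
    echo 'No INPUT ACCEPT rule names a VNC port.'
}

# Live use (as root): iptables -S | audit_vnc_firewall
```

The check reads explicit rules only; an INPUT chain whose default policy is ACCEPT exposes the port without any rule naming it.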