the man page for vncviewer presents the -via gateway option to use ssh through a gateway.
I understand if I want a secure vnc connection to server.foo.com I can use the command:
vncviewer localhost -via server.foo.com
But I have moved my SSHD services from port 22 to port n. So according to the man pages, I need an environment variable of VNC_VIA_CMD and override the default command with:
/usr/bin/ssh -p 7722 -f -L "$L":"$H":"$R" "$G" sleep 20
where 7722 is the port for sshd.
How do I set up this environment variable on my notebook. Would I modify my .bash_profile file, and is the format of the added line:
VNC_VIA_CMD=/usr/bin/ssh -p 7722 -f -L "$L":"$H":"$R" "$G" sleep 20
???
On Mon, Jul 14, 2008 at 9:18 PM, Robert Moskowitz rgm@htt-consult.com wrote:
How do I set up this environment variable on my notebook. Would I modify my .bash_profile file, and is the format of the added line:\ VNC_VIA_CMD=/usr/bin/ssh -p 7722 -f -L "$L":"$H":"$R" "$G" sleep 20
You could actually do this a little bit easier, by defining a user ssh config file in ~/.ssh
You could do something similar to:
Host myvncgateway HostName server.com User backupuser #default username Port 2222 # Use this port instead of 22.
There's a whole mess of other options you can drop in here. man ssh_config for all the goodies.
Jim Perrin wrote:
On Mon, Jul 14, 2008 at 9:18 PM, Robert Moskowitz rgm@htt-consult.com wrote:
How do I set up this environment variable on my notebook. Would I modify my .bash_profile file, and is the format of the added line:\ VNC_VIA_CMD=/usr/bin/ssh -p 7722 -f -L "$L":"$H":"$R" "$G" sleep 20
You could actually do this a little bit easier, by defining a user ssh config file in ~/.ssh
You could do something similar to:
Host myvncgateway HostName server.com User backupuser #default username Port 2222 # Use this port instead of 22.
neat, but...
This simplified my ssh commands, not having to include the -p ____
But I could not get vncviewer working. For the command:
vncviewer gate.foo.com:5902 -via gate.foo.com
I get:
VNC Viewer Free Edition 4.1.2 for X - built Mar 14 2007 22:51:02 Copyright (C) 2002-2005 RealVNC Ltd. See http://www.realvnc.com for information on VNC. me@gate.foo.com's password:
Tue Jul 15 07:54:27 2008 CConn: connected to host localhost port 5599 channel 3: open failed: connect failed: Connection refused main: End of stream
Where did port 5599 come from?
So I kind of gave up, I set up a SSH port forwarding and ran through that.
All this to make a change to my firewall rules. My firewall would not accept an external admin connection, so I had to get an internal Firefox client running on this system. Hop, Hop, Hop....
On Tue, Jul 15, 2008 at 10:36, Robert Moskowitz rgm@htt-consult.com wrote:
VNC_VIA_CMD=/usr/bin/ssh -p 7722 -f -L "$L":"$H":"$R" "$G" sleep 20
You could actually do this a little bit easier, by defining a user ssh config file in ~/.ssh
This simplified my ssh commands, not having to include the -p ____
Actually that will be the default for VNC_VIA_CMD, so if you don't need to specify the port number you don't need to include that variable specification in your .bashrc/.bash_profile.
vncviewer gate.foo.com:5902 -via gate.foo.com
Actually it seems to me you are specifying a port number after the server name, when it should in fact be a *display* number.
When you start the vncserver, you specify which display you want it to bind, or it will tell you which one it used. That is the number you have to use on your vncviewer command.
Probably something like:
$ vncviewer gate.foo.com:2 -via gate.foo.com
The 5599 port is probably the local port chosen by the -via option, it will probably look up a free port in that range.
Let us know how that works for you.
HTH, Filipe
-
Filipe Brandenburger -
Jim Perrin -
Robert Moskowitz