Quick guide to VNC over an SSH tunnel

I recently needed to do a secure VNC connection to a colleagues machine. This was the first time I’ve had to do this, and seeing as I like SSH (and had passwordless key authentication already setup between these machines) I thought I’d investigate SSH tunnels.

Well basically you just link up a local port number with a port number on the remote machine. Then any traffic that get’s put onto this local port get’s put into the SSH tunnel and piped into the remote port number. Exactly the same as if you were on that remote machine.

You form the port redirection using the -L option.  The command line is then finished with the username servername combination you would normally connect to the remote machine with.

e.g.
ssh -L LOCALPORT:REMOTEADDRESS:REMOTEPORT USERNAME:REMOTEADDRESS

For VNC you want to put port 5901 on the local machine to port 5901 on the remote machine

ssh -L 5901:SERVERNAME:5901 ferg@SERVERNAME

Then simply launch the VNC client of your choice (I like COTC, Cool name, cooler app!) and point it to 127.0.0.1 instead of a remote address. All traffic pointed 127.0.0.1:5901 gets pushed across the SSH tunnel to the remote machine.

Dead easy and secure!!

This entry was posted in Computergeekery. Bookmark the permalink.