http://briancarper.net/tag/53/vncSome guy's blog about programming and Linux and cows.http://briancarper.net/blog/ssh-tunneling-vnchttp://briancarper.net/blog/ssh-tunneling-vncTue, 14 Mar 2006 12:50:48 -0800<p>Just so I don't forget this: How to SSH-tunnel VNC. It took me forever to figure out. (This will work with any service, not just VNC.)</p> <p>Home: 2 computers, both behind a firewall. Linux = 192.168.15.15, OS X = 192.168.15.16. The Linux computer is running sshd (but you can only SSH to the Linux box via the LAN, i.e. it's behind the firewall). The OS X computer is running sshd too; port 22 is the only port open on the firewall, and it's forwarded to the OS X machine only. Remote: 1 computer, Windows. Can't run any services, but can run TightVNC viewer. Goal: Run VNC on the home Linux computer and use TightVNC at the remote site to view it.</p> <p>Here's how I did it. First SSH to my home IP using PuTTY on the remote computer, which takes me to the OS X machine. SSH from there to the Linux box. Run VNC on the Linux computer:</p> <pre>x11vnc -display :0</pre> <p>This shares an already-running X session. To run an independent session I could've run</p> <pre>vncserver :1</pre> <p>Leave that running. Now, I SSH again in a separate session to my home IP. In the Tunnels section, put Source port 5900 (or 5901, whatever port VNC is using on the Linux machine). For Destination put 192.168.15.15:5900 (or 5901). Open the connection and login.</p> <p>Now on the remote machine, run TightVNC and connect to 127.0.0.1::5900 (or 5901). That's it! Now I see my Linux desktop on the remote machine. The whole "local" vs. "remote" distinction for SSH tunnels is a bit confusing, especially when you're bouncing around to a bunch of different computers.</p>