Tunneling VNC connections over SSH – Howto

Virtual Network Computing (VNC) is a desktop sharing system which uses the RFB (Remote FrameBuffer) protocol to remotely control another computer. It transmits the keyboard presses and mouse clicks from one computer to another relaying the screen updates back in the other direction, over a network.

Step by step procedure

You can easily tunnel VNC connections over ssh so that entire traffic get encrypted. Type the following command to tunnel VNC connections over SSH (you need to type command on your computer):

$ ssh -L 5901:localhost:5901 -N -f -l rocky sshserver.mydomain.com
OR

$ ssh -L 5901:127.0.0.1:5901 -N -f -l rocky 192.168.1.100

Where,

• -L 5901:localhost:5901 : Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side. Here you are using port 5901 on the localhost to be forward to sshserver.mydomain.com on the 5901 port.
• -N : Do not execute a remote command i.e. just forward ports.
• -f : Requests ssh to go to background just before command execution. Requests ssh to go to background just before command execution. Once password supplied it will go to background and you can use prompt for type commands on local system.
• -l rocky : rocky is the user to log in as on the remote machine (sshserver.mydomain.com).
• sshserver.mydomain.com (192.168.1.100): Remote system with VNC server

In your localhost VNC client use 127.0.0.1:5901 for connection. Make sure you use appropriate port i.e. 5901 (VNC server was running on display 1).

This tunnel will provide nice enhanced security.

Featured Articles:

• 20 Linux System Monitoring Tools Every SysAdmin Should Know
• 20 Linux Server Hardening Security Tips
• 10 Greatest Open Source Software Of 2009
• My 10 UNIX Command Line Mistakes
• Top 5 Email Client For Linux, Mac OS X, and Windows Users
• Top 20 OpenSSH Server Best Security Practices
• Top 10 Open Source Web-Based Project Management Software
• Top 5 Linux Video Editor Software