|
|
more info
I finally had a chance to try this out and experiment. Here's what I found, that might helps others. (sorry if it duplicates info in other ssh tunneling hints) First, the details of the ssh tunnel in the script: (this is what I had trouble wrapping my brain around)
tunnel_server is the computer acting as the go-between. It is visible to the client computer (ie on the internet). It can be the same as the computer one is tunneling to. username is a user on the tunnel_server. tunnel_dest is the ultimate goal. And where it gets tricky. If one follows this hint, so that it's another computer than the tunnel server, then the destination must have the VNC port open on its firewall and the VNC server must accept outside connections (not just local connections), and it will be an unsecure connection from the tunnel server to the destination, only the tunnel from the client through the tunnel server is encrypted. At least this is how I figure it. To make a secure connection all the way thru to the destination, one would have to do a double-tunnel, or some such thing. I haven't got to the point of trying that, tho I have done that in the past with a plain ssh terminal session (ssh to server visible on internet, within that connection ssh to Mac behind the firewall). Another possibility is directly tunneling to a Mac, on the same network as the client. This will be a secure connection to the destination, and doesn't require the intermediate server. This would be:
The destination acts as the tunnel server, and localhost (127.0.0.1) on the destination computer is now the destination address. One still connects to 127.0.0.1 in the VNC client. A couple of these is what I'm guessing would be needed to do the double-tunnel trick, unless there is a more direct way that an ssh guru knows about. A note on the OSXvnc server app - make sure to turn on the Allow Only Connections option for the best security, unless you are using the original hint straight. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.09 seconds |
|