Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the '10.5: How to use screen sharing remotely and securely' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.5: How to use screen sharing remotely and securely
Authored by: felix-fi on Nov 19, '07 11:42:51PM

My 2 cents:

I am always confused too by ssh tunnel... so I keep reading the man page each time :-). In any case the original proposed method (not using localhost) create a secure tunnel:

From man ssh:

-L [bind_address:]port:host:hostport
Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side. This works by allocat-
ing a socket to listen to port on the local side, optionally bound to the specified bind_address. Whenever a connection is made to this port, the
connection is forwarded over the secure channel, and a connection is made to host port hostport from the remote machine.

Local (client) host means the machine executing the ssh. However, the :host: (i.e. the vnc server then) and the ssh server (the machine name at the end of the ssh command) should be the same otherwise the data between them will be in clear...

Is it clearer? ( I am not even sure it is for me ;-) )

[ Reply to This | # ]
10.5: How to use screen sharing remotely and securely
Authored by: felix-fi on Nov 20, '07 03:21:36AM

Just to clarify a bit my previous post...

when host-X executes
ssh -L port:host-Y:hostport host-Z

then local packet sent to port are tunneled to host-Z which then decrypt them and pass them to host-Y in clear. Moreover, host-Y is "resolved" from host-Z point of view (so if it is localhost or, it means host-Z itself)

(I hope I did not add to much confusion again)

[ Reply to This | # ]