A couple more SSH / VNC questions
 

First I'd like to thank, in general, the ITT forum community, and specifically all the helpful NIT gurus that have responded to my previous questions. I have learned a lot and made a lot of progress.

Anyway . . .

What I want to do:

Access my XP PC via my n800 when I am out and about and using public wifi. I would like to connect to the machine through a VNC client/server setup and be able to access GUI, Windows explore system, and various apps running on the XP machine.

And I want to do this through an SSH so as to avoid all the nefarious predators lurking about the internets.

What I've done so far:

I have VNC viewer, x11VNC, and openssh installed on my n800. I have tightVNC, cygwin, and copSSh installed on my XP machine. I have connected my n800 as a VNC client to the XP VNC serve on my home WLAN.

I have also established a SSH tunnel (at least, I think that's what I did) from my n800 to the XP machine by going into xterm and entering the command "ssh username@external_ip_address" (where username and external_ip_address are the appropriate names for my setup).

What my question/problem is:

I don't know how to make these things work together. I'm assuming that once I have my tunnel open it's not simply a matter of firing up my VNC client and expecting the session to be secure. It would be awesome if that assumption is false. But if my assumption is correct, then I lack knowing what my next step is.

So if any of you tech gurus could provide some guidance, I would gladly provide my first born and eternal gratitude.

Re: A couple more SSH / VNC questions
 

Could you please provide a description of your first born?

Re: A couple more SSH / VNC questions
 

Twins. So it's a bogo.

Re: A couple more SSH / VNC questions
 

When you invoke ssh on your NIT, do so including a tunnel descriptoin, such as:
-L5901:localhost:5901

This will open a tunnel on port 5901 on both ends (maybe you will want a different port on each end). This causes the ssh client on your tablet to listen for local connections on port 5901.

Once the tunnel is established, you can VNC to localhost:1 and your traffic will run thru the secure tunnel.

Re: A couple more SSH / VNC questions
 

Thanks for the reply lethall.

Is it simply a matter of entering "ssh -L5901:local:5901" in xterm? I tried this, but I didn't get the impression that I accomplished anything. I'm totally missing something, aren't I?

Re: A couple more SSH / VNC questions
 

so, when you do

ssh -L5901:localhost:5901 user@targetIP

you are connecting to your home computer at "targetIP" and at the same time have created a tunnel. This tunnel makes it so that connecting to your local computer (presumable Nokia), port 5901 will get forwarded to "localhost" port 5901 on the remote end (hence, the comptuer you logged into via ssh).

Now, in VNC, you have to connect to the _NOKIA_ via "localhost", to VNC server :1 (the VNC server gets added to 5900 so this is in effect port 5901)

Martin

Re: A couple more SSH / VNC questions
 

I think I've got the "ssh -L5901:localhost:5901 user@targetIP" working. Can I assume that this establishes a secure ssh tunnel between my n800 (client) and the XP PC (server)?

This is what I'm confused about. Once I've got my ssh tunnel working as described above, how do I connect in VNC? Is this something I need to do in the xterm CLI, or can I do in the VNC Viewer app GUI?

There are two different VNC apps on my n800, the VNC Viewer and the x11VNC. Which should I be using to accomplish what is described above?

Thanks for all the help.

Re: A couple more SSH / VNC questions
 

Yes, tunnels are secure.

Use the VNC viewer (GUI) to connect to your (mobile client) end of the tunnel. if you have the VNC server listening at the other end, it will seem to that machine that the client is connecting locally.

The x11vnc app is not required.

Note that since the VNC server is a Windows machine - and Windows can only host one session (zero) - the real port at the server end is probably on port 5900 (ie server:0) That would be"-L5901:localhost:5900"

Be sure your Windows machine knows what 'localhost' is... if not, you could use: "-L5901:127.0.0.1:5900"

Re: A couple more SSH / VNC questions
 

Someone please correct me if I am wrong.

Once I have the tunnel established between client and server, all I have to do is launch my VNC viewer and (as long as the VNC server is active at the server end) the VNC session will be secure? I guess I've been working under the assumption that there was something more to it. Is it really that easy?

Re: A couple more SSH / VNC questions
 

That's it. Create a stronger password with at least a capital letter, number and characters, deviate from just using a simple word...