Sunday, May 31, 2009

Tunneling VNC through SSH

VNC is great for accessing remote machines, but it is inherently insecure. By tunneling through SSH, you can get the security of SSH with almost all of the speed of VNC.

1. Create the tunnel:

ssh -L 5901:localhost:5901 USER@SERVER_ADDRESS -C

This will open up a new ssh session. Use this session to start the VNC server. The first 5901 is the port to use on the local machine and the second 5901 is the port to use on the remote machine. The -C switch turns on compression; without it, the VNC session is intolerably slow.

2. Start the VNC viewer:

vncviewer localhost:1

You're telling the VNC client to connect to your own machine. But the VNC port on your machine has been forwarded to the remote server, so the connection is made.

