Tunneling VNC over ssh

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I regularly connect from a Windows XP box to a SunOs 5.9 box.(*) via Real
VNC.  (VNC client lives on Windows XP box, server on SunOs box.)

I also regularly connect from the same Windows XP box to the same SunOs box
via ssh.  (Using the PuTTY client.)

Now I want to tunnel the VNC over SSH.  I repeated tried following the
instructions on setting up PuTTY to do this and never got it to work.

To put things concretely, suppose the SunOs host is called solaris1 and I'm
trying to connect to VNC desktop :3 there.  I should use
    X display location == localhost:0
    source port == 5903
    destination == localhost:5903
under the PuTTY tunnelling section, right?

(*) Yes, it's not Linux, but I cross-posted to comp.os.linux.networking as
this problem shouldn't be solaris-dependent, and groups.google.com showed a
very high relevance to the keywords "vnc" and "ssh".  [Gotta Linux box at
home, though.]

Re: Tunneling VNC over ssh

sinister wrote:

Quoted text here. Click to load it

If I rememeber correctly, SSH's TCP-forwarding (AllowTcpForwarding no) is
disabled by default in SunOs 5.9.

So, check SSH's TCP-forwarding settings from /etc/ssh/sshd_config, your
putty settings should be okay.

Kimmo Koivisto

Re: Tunneling VNC over ssh

Quoted text here. Click to load it

This is a good, plausible suggestion.  I googled up some Sun documents,
though, and it seems the default is "enabled."

Thanks for replying!

Quoted text here. Click to load it

Re: Tunneling VNC over ssh

sinister wrote:
Quoted text here. Click to load it

im not sure how your vnc settings are as I use tight vnc, but I can tell
you this is how i connect.

1. start putty and in putty i have in the tunnel page
source port: 5900

this 192 address is the address of my linux box from WITHIN the ssh
session.  I have a nat router at home, so putty is connecting to the
TRUE home IP address, but on this tunnel page it needs the actual
address of the computer, so that is why you see this address.  If you
not natting, its probably the same for both.

that is for channel 0

add a new tunnel for channel 1, 5901 and, etc...

and in tight vnc i have
localhost:0 as my vnc target.

hope that helps.  Also, I dont think vnc is doing anything with X.  Its
not like when you open a tunneled desktop from one linux box to another.

Also, you need a vncserver running.  is your server on by default, or
are you starting it through your ssh session?  not sure if it makes a
diff, but i start mine through an ssh session, but i let it run ever
after i am off so it can keep gettign my emails.  Im typing in it right


CL Gilbert

"Verily, verily, I say unto you, He that entereth not by the door() into
the sheepfold{}, but climbeth up some other *way, the same is a thief
and a robber."  John 10:1

GnuPG Key Fingerprint:
82A6 8893 C2A1 F64E A9AD  19AE 55B2 4CD7 80D2 0A2D

For a free Java interface to Freechess.org see

Site Timeline