[Cialug] SSH Forwarding
D. Joe Anderson
cialug@cialug.org
Thu, 6 Jan 2005 11:24:55 -0600
On Thu, Jan 06, 2005 at 02:32:02PM +0000, timwilson011@mchsi.com wrote:
> I'm trying to forward ports to a remote machine at my work. The problem is that
> I have to go to a gateway machine first. I'm trying one of 2 different
> forwards, one VNC, and one X. It doesn't matter which one I get working.
>
> I'm trying to forward a local port to a remote machine running VNC. My command was:
> ssh -g -L5985:172.18.128.54:5900 -P -t -C username@gateway
>
> I used 5985 since I don't have a local VNC running on that port. The remote
> machine is a Win2k box run tightvnc. I then run vncviewer localhost:85. It
> connects to the remote machine, I enter the password, but then the session dies.
> If I turn on very very verbose, I get the following:
> debug1: channel_free: channel 2: direct-tcpip: listening port 5985 for
> 172.18.128.54 port 5900, connect from 127.0.0.1 port 42142, nchannels 3
> debug3: channel_free: status: The following connections are open:
> #1 client-session (t4 r0 i0/0 o0/0 fd 5/6)
> #2 direct-tcpip: listening port 5985 for 172.18.128.54 port 5900, connect from
> 127.0.0.1 port 42142 (t4 r2 i3/0 o3/0 fd 8/8)
> debug3: channel_close_fds: channel 2: r 8 w 8 e -1
> Any ideas?
Be sure that TightVNC allows connections on 5900 from localhost.
I've seen clients (not sure which one at the moment, might be
able to tell you later when I next get onto the machines in
question) that disallow this by default, for some reason. I've
had to change them such that, instead of disallowing that, that
that is the *only* thing they allow (ie, I don't want to allow a
non-tunneled connection from any other computer).
--
Joe