1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

SSH tunnel in Cygwin

Discussion in 'Linux and Unix' started by jiml8, Dec 4, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. jiml8

    jiml8 Guest Thread Starter

    Joined:
    Jul 2, 2005
    Messages:
    2,634
    Has anyone here successfully established an ssh tunnel using sshd in Cygwin on Windows and then established a connection with a Windows app using it?

    I have been trying to do just that on a server of mine that does not have a keyboard, working across a LAN using ssh from linux and it doesn't seem to be working, and I can't tell exactly why. Cygwin on Windows does some environment things that seem unusual, so perhaps I could set up the tunnel from an ordinary windows command line. I have not yet tried that because it makes me scrounge up a keyboard and mouse for this server...
     
  2. Squashman

    Squashman Trusted Advisor

    Joined:
    Apr 4, 2003
    Messages:
    19,731
    I have see people tunnel Remote Desktop over SSH. I have never done it myself but have seen it.
     
  3. jiml8

    jiml8 Guest Thread Starter

    Joined:
    Jul 2, 2005
    Messages:
    2,634
    I got it working. What I actually wanted to do was tunnel VNC so that I could securely do a remote desktop. I misunderstood the FAQs that I ran across.

    Problem was this. I had to set TightVNC server to accept loopback connections and only loopback connections. This I did by setting a couple of registry values (I later found some checkboxes on the Properties requester that would have done it for me). I interpreted this as limiting where TightVNC would accept connections from, but I thought I had to set up a local tunnel to actually make the connection.

    This was an error; setting the requirement for only loopback connections caused the TightVNC server to take care of the local tunnel automatically for me. So, having the local tunnel explicitly set up was causing me to try to connect (on my client) to a port that VNC was no longer watching.

    The proper way to set up the TighVNC server on a windows box for SSH tunneling is to simply set the "allow loopback connections" and the "allow only loopback connections" checkboxes (TightVNC 1.3.7) or to set the relevant registry entries in HKLM\software\ORL\WinVNC3 (earlier versions of TightVNC) and do nothing else except have an SSH daemon running in Windows (and the Cygwin sshd works fine).

    Now, on my Linux client box, I was using TightVNC viewer version 3.3 and it has a bug. I should have been able to connect with the server by this command:

    vncviewer -via localhost myserverid

    This command *should* set up the proper tunnel then connect to myserverid, but this did not work, at all.

    Instead, I set up a batch file that explicitly builds the tunnel then connects. Here is the batch file:

    ssh -f -L 5901:localhost:5900 myserverid sleep 20
    vncviewer localhost:1

    And this works. I get prompted twice for passwords; once from sshd on the server, then again from VNC on the server. I'll probably just get rid of the VNC password; not needed when the only allowed connections are SSH tunnels.

    This took awhile to figure out because I misunderstood what to do on the server and I had a bug on the client. I suppose that if I don't require loopback connections on the server, then I would have to explicitly set up the server tunnel. However, I don't think I'll bother playing with it.

    Now, using SSH tunneling makes TightVNC noticeably slower than not tunneling, but security is paramount when this thing is going to be working across the internet.
     
  4. Squashman

    Squashman Trusted Advisor

    Joined:
    Apr 4, 2003
    Messages:
    19,731
    I have always wanted to try using SSHD with cygwin but haven't had the time. I have mostly been playing with alot of free VPN servers. I really like SSL Explorer. I also just started setting up OpenVPN. Both will run on Linux or Windows.

    http://www.sshtools.com/showSslExplorer.do
    http://openvpn.net/
     
  5. jiml8

    jiml8 Guest Thread Starter

    Joined:
    Jul 2, 2005
    Messages:
    2,634
    sshd was easy to set up in cygwin. Went right in. I generated the keys and it worked right away. I don't recall what I did to make it a windows service, but it was simple to do. I think that it was an option in the install script. In any case I can sc start it and sc stop it.

    proftpd was the hard one in cygwin, but I found a batch file that made it into a windows service.
     
  6. Squashman

    Squashman Trusted Advisor

    Joined:
    Apr 4, 2003
    Messages:
    19,731
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/422287