0

I am trying to secure my VNC session using OpenSSH(ssshd) and Putty(client)(everything is on windows)

First I establish a tunnel using putty and then log into my server PC using username and password

Second, I turn on my VNC client and server on the respective sides.

The problem i am facing is that my vnc session is not going through the tunnel.

1 - Following is the command which i am using to establish the tunnel:

putty.exe -ssh w21821@10.31.128.23 -L 5900:10.31.128.23:5900

My sshd_config file

Port 22
Protocol 2
LogLevel DEBUG3
PermitRootLogin yes
StrictModes no
AuthorizedKeysFile  .ssh/authorized_keys
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication yes
AllowAgentForwarding yes
AllowTcpForwarding yes
X11Forwarding yes
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
PermitTunnel yes
Subsystem   sftp    sftp-server.exe
hostkeyagent \\.\pipe\openssh-ssh-agent

When I give this command ond on the client side, netstat -aon | find ":5900" I get this

screenshot

In this picture, first is the example of vnc session through the tunnel, whereas the others are not going through the tunnel.

I got the 1st output only once, since then the same output appears again and again.

The second method was using inbuilt ssh.

Using the command ssh -vvv w21821@10.31.128.23 -L 7934:10.31.128.23:5900 i have been able to establish a tunnel

C:\Users\w21821> netstat -aon | find ":7934"

TCP 127.0.0.1:7934 0.0.0.0:0 ABHÖREN 5488
TCP [::1]:7934 [::]:0 ABHÖREN 5488

After pinging my vnc Viewer on 127.0.0.1:7934, i get

C:\Users\w21821>netstat -aon | find ":7934"

TCP 127.0.0.1:7934 0.0.0.0:0 ABHÖREN 4676
TCP 127.0.0.1:7934 127.0.0.1:65501 HERGESTELLT 4676
TCP 127.0.0.1:65501 127.0.0.1:7934 HERGESTELLT 7028
TCP [::1]:7934 [::]:0 ABHÖREN 4676

This established Connection is not going through the tunnel.

Following is what i got from the server side, 

C:\Users\w21821>netstat -aon | find ":590"
  TCP    0.0.0.0:5900           0.0.0.0:0              ABHÖREN         7828
  TCP    10.31.128.23:5900      10.31.128.23:54390     HERGESTELLT     7828
  TCP    10.31.128.23:54390     10.31.128.23:5900      HERGESTELLT     8416

EDIT as i connect from my VNC viewer to VNC server, it says Got connection from client 127.0.0.1 . Is this correct or shall i give the ip address of the client i.e. 10.31.128.34 ??

Can someone guide me is there anything wrong found in this debug or what else can i do to proceed?

Verma
  • 11
  • 1
  • 1
  • 4
  • Could you add the server-side output of `netstat -aon | find ":590"`? If your VNC server only listens to the loopback interface, your tunnel might fail (since it connects to `10.31.128.23:5900`) – mreithub Dec 07 '17 at 11:20
  • I updated the server side output. What can be done to avoid this loopback interface ?? – Verma Dec 07 '17 at 12:47
  • Try this: `putty.exe -ssh w21821@10.31.128.23 -L 5900:127.0.0.1:5900` – ThoriumBR Dec 07 '17 at 14:06
  • @ThoriumBR , Tried it. No success! – Verma Dec 07 '17 at 14:25

0 Answers0