Difference between revisions of "Remote desktop using SSH tunneling"
Line 12: Line 12:
  
  
==Requirements==
+
=Requirements=
  
 
* You must be able to SSH to the middle server (''code.vehco.com'' in the example) from both ends [source + target].
 
* You must be able to SSH to the middle server (''code.vehco.com'' in the example) from both ends [source + target].
Line 20: Line 20:
  
  
==Source PC==
+
=Source PC=
 +
 
 +
==Requirements==
 +
 
  
Requirements:
 
 
* Windows computer with RDP enable
 
* Windows computer with RDP enable
 
* Bitvise # Tunnelier -> http://www.bitvise.com/download-area
 
* Bitvise # Tunnelier -> http://www.bitvise.com/download-area
  
  
How to proceed ?
+
==How to proceed?==
 +
 
  
 
* Enable Windows RDP​
 
* Enable Windows RDP​
* Install bitvise # Tunnelier
+
* Install Bitvise # Tunnelier
 
* Create a SSH tunnel
 
* Create a SSH tunnel
 
** Start Tunnelier
 
** Start Tunnelier
Line 46: Line 49:
 
*** login: ''myLogin''
 
*** login: ''myLogin''
 
*** passwd: ''myPassword''  
 
*** passwd: ''myPassword''  
 +
** '''​Save''' your profile
 +
** ''Start'' your profile
 +
 +
 +
 +
==How to start Bitvise on boot?==
 +
 +
To start Bitvise automatically:
 +
 +
 +
* ​Create a new entry in your Windows > Start menu > startup ​folder
 +
* put the following shortcut: "C:\Program Files (x86)\Bitvise SSH Client\BvSsh.exe" -profile="portforward.tlp" –loginOnStartup
 +
 +
 +
where ''portforward.tlp'' is the name of your profile.
 +
 +
 +
 +
'''Limitations'''
  
​Save your profile !
 
Start it
 
  
To start bitvise automatically:
+
* [!] You have to log-in on your PC for the SSH tunnel to work.  
​Create a new entry in your Windows > Start menu > startup ​folder
+
* [!] You should disable screensavers | energy savers otherwise your PC will NOT be available anymore.
put the following shortcut:
 
"C:\Program Files (x86)\Bitvise SSH Client\BvSsh.exe" -profile="portforward.tlp" –loginOnStartup
 
  
where "portforward.tlp" = the name of your profile
 
  
  
That's All !! :-)
+
 
[!] You have to log-in on your PC for the SSH tunnel to work.
+
=Target PC - Windows computer=
[!] You should disable screensavers | energy savers otherwise your PC will NOT be available anymore.
+
 
 +
 
 +
==Requirements==
 +
 
 +
 
 +
* Bitvise # Tunnelier -> http://www.bitvise.com/download-area
 +
 
 +
 
 +
==How to proceed?==
 +
 
 +
 
 +
===Bitvise configuration===
 +
 
 +
 
 +
* Install a RDP client or use the default one (Microsoft Windows Remote Desktop)
 +
* Install Bitvise # Tunnelier
 +
** Go to the '''S2C''' tab
 +
** '''Add''' a new entry
 +
*** LISTEN => remote server (''code.vehco.com'' in that example)
 +
**** LISTEN interface: 127.0.0.1 ​
 +
**** LISTEN port: what_you_put_earlier (ex: 60001)
 +
*** DESTINATION => local machine (RDP client)
 +
**** DESTINATION interface: localhost
 +
**** DESTINATION port: 3390
 +
** Go to the '''login''' tab
 +
*** server: code.vehco.com
 +
*** port: TCP 22
 +
*** login: ''myLogin''
 +
*** passwd: ''myPassword''
 +
** '''​Save''' your profile
 +
** ''Start'' your profile
 +
 
 +
 
 +
[!] Note the local TCP '''3390''' ! Not TCP ''3389'' !!
 +
 
 +
 
 +
[!] Don't forget to adjust the port number 60001
  
  
  
Target PC (= your Laptop)  # Windows
+
===RDP configuration===
Install a RDP client
 
Install bitvise
 
​Go to the tab: S2C
 
Add a new entry
 
LISTEN => remote server (code.vehco.com)
 
LISTEN interface: 127.0.0.1 ​
 
LISTEN port: what_you_put_earlier (ex: 60001)
 
DESTINATION => local machine (RDP server)
 
DESTINATION interface: localhost
 
DESTINATION port: 3390
 
​image001.png
 
​Allez dans l'onglet LOGIN
 
server: code.vehco.com
 
port: TCP 22
 
login: vadmin
 
passwd: Julgran123
 
  
​Save your profile !
 
Start it !
 
  
>>> Start Windows RDP client
+
* Start Windows RDP
Connection to: localhost:3390
+
* Connection to: '''localhost:3390'''
  
  
 
That's All !! :-)
 
That's All !! :-)
[!] Don't forget to adjust the port number 60001
 
  
  
  
  
Target PC (= your Laptop)  # Linux
 
  
1. Create a SSH tunnel:
+
=Target PC - Linux computer=
ssh -v -N -L 127.0.0.1:3390:127.0.0.1:60001 vadmin@code.vehco.com
+
 
 +
Create a SSH tunnel:
 +
<syntaxhighlight lang="bash">
 +
ssh -v -N -L 127.0.0.1:3390:127.0.0.1:60001 myLogin@code.vehco.com
 +
</syntaxhighlight>
 +
 
 +
 
 +
[!] replace ''mylogin'' and ''code.vehco.com'' by our own server!
 +
 
 +
 
  
 
​local computer (= your laptop)  
 
​local computer (= your laptop)  

Revision as of 14:30, 15 October 2014


Principle

Sometimes you cannot open the external Windows RDP port TCP 3389. It can be for a security reason or simply because you do not manage your company's firewall.


To overcome this problem you can use a SSH tunnel. That's how it look like:

Tunnel SSH.png


Requirements

  • You must be able to SSH to the middle server (code.vehco.com in the example) from both ends [source + target].
  • The source computer is a Windows workstation.
  • The target computer can be anything: iPad, Windows, Linux, Android...


Source PC

Requirements


How to proceed?

  • Enable Windows RDP​
  • Install Bitvise # Tunnelier
  • Create a SSH tunnel
    • Start Tunnelier
    • Go to the S2C tab
    • Add a new entry
      • LISTEN => remote server (code.vehco.com in that example)
        • LISTEN interface: 127.0.0.1 ​
        • LISTEN port: what_you_want (ex: 60001)
      • DESTINATION => local machine (RDP server)
        • DESTINATION interface: localhost
        • DESTINATION port: 3389
    • Go to the login tab
      • server: code.vehco.com
      • port: TCP 22
      • login: myLogin
      • passwd: myPassword
    • ​Save your profile
    • Start your profile


How to start Bitvise on boot?

To start Bitvise automatically:


  • ​Create a new entry in your Windows > Start menu > startup ​folder
  • put the following shortcut: "C:\Program Files (x86)\Bitvise SSH Client\BvSsh.exe" -profile="portforward.tlp" –loginOnStartup


where portforward.tlp is the name of your profile.


Limitations


  • [!] You have to log-in on your PC for the SSH tunnel to work.
  • [!] You should disable screensavers | energy savers otherwise your PC will NOT be available anymore.



Target PC - Windows computer

Requirements


How to proceed?

Bitvise configuration

  • Install a RDP client or use the default one (Microsoft Windows Remote Desktop)
  • Install Bitvise # Tunnelier
    • Go to the S2C tab
    • Add a new entry
      • LISTEN => remote server (code.vehco.com in that example)
        • LISTEN interface: 127.0.0.1 ​
        • LISTEN port: what_you_put_earlier (ex: 60001)
      • DESTINATION => local machine (RDP client)
        • DESTINATION interface: localhost
        • DESTINATION port: 3390
    • Go to the login tab
      • server: code.vehco.com
      • port: TCP 22
      • login: myLogin
      • passwd: myPassword
    • ​Save your profile
    • Start your profile


[!] Note the local TCP 3390 ! Not TCP 3389 !!


[!] Don't forget to adjust the port number 60001


RDP configuration

  • Start Windows RDP
  • Connection to: localhost:3390


That's All !! :-)



Target PC - Linux computer

Create a SSH tunnel: 

ssh -v -N -L 127.0.0.1:3390:127.0.0.1:60001 myLogin@code.vehco.com


[!] replace mylogin and code.vehco.com by our own server!


​local computer (= your laptop) remote computer (= the code.vehco.com server) This will open locally the port TCP 3390 and bind it to the remote port TCP 60001.


2. Then execute a RDP client and connect to localhost:3390


That's All !! :-)​ [!] Don't forget to adjust the port number 60001

Retrieved from "http://www.daxiongmao.eu/wiki/index.php?title=Remote_desktop_using_SSH_tunneling&oldid=1514"