Friday, October 17, 2008

ssh tunneling

I recently got bitten by the "lets learn about practical uses of encryption" bug and have been cleaning up the methods used to connect between the boxes that I use.

I used to use two scripts (because that was the only way I could get it to work).
I present a concise and short version below:

3333 is the port of the program that you want to use, 3389 for remote desktop for windows, 5900 for vnc. is the ip of the box in the distant network. is the ip for the computer that is connected to the outside and has ssh-ness. luser1 is your username. Fix your bit depth and resolution for rdesktop, similar for vnc. "Billy Bob" is your windows login at the destination.

Your program connects to the local host on the same port that it would be connected to on the other side. The local port gets the dataz, its encrypted, sent,arrives, and decrypted and sent to the port on the other side as if you connected to it unencrypted like.

ssh -2 -L 3333: -N &
## Uncomment one of the following...
#rdesktop -a16 -g1280x990 -z -u "Billy Bob"
#vncviewer -FullScreen localhost:0
sleep 5 #sometimes stuff can be slow?
kill -15 `ps -C "ssh -2 -L 3333: -N" | awk 'NR==2{print $1}'`

The last two lines are actually one line. (the kill -15 line ends with {print $1}'` )

The magic is the "-N" which makes it so that you don't need to send a command, and the last line, which kills the tunnel when you are done.

No comments: