From owner-freebsd-questions@FreeBSD.ORG Wed Mar 23 02:01:56 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 09C9716A4CE for ; Wed, 23 Mar 2005 02:01:56 +0000 (GMT) Received: from gromit.dlib.vt.edu (gromit.dlib.vt.edu [128.173.49.29]) by mx1.FreeBSD.org (Postfix) with ESMTP id 71F3F43D1F for ; Wed, 23 Mar 2005 02:01:55 +0000 (GMT) (envelope-from paul@gromit.dlib.vt.edu) Received: from zappa.Chelsea-Ct.Org (pool-151-199-89-235.roa.east.verizon.net [151.199.89.235]) by gromit.dlib.vt.edu (8.13.1/8.13.1) with ESMTP id j2N21q3h050355 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Tue, 22 Mar 2005 21:01:54 -0500 (EST) (envelope-from paul@gromit.dlib.vt.edu) Received: from zappa.Chelsea-Ct.Org (localhost.Chelsea-Ct.Org [127.0.0.1]) by zappa.Chelsea-Ct.Org (8.13.3/8.13.3) with ESMTP id j2N21lCb072405 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Tue, 22 Mar 2005 21:01:47 -0500 (EST) (envelope-from paul@gromit.dlib.vt.edu) Received: (from paul@localhost) by zappa.Chelsea-Ct.Org (8.13.3/8.13.3/Submit) id j2N21kMI072404 for freebsd-questions@freebsd.org; Tue, 22 Mar 2005 21:01:46 -0500 (EST) (envelope-from paul@gromit.dlib.vt.edu) X-Authentication-Warning: zappa.Chelsea-Ct.Org: paul set sender to paul@gromit.dlib.vt.edu using -f From: Paul Mather To: freebsd-questions@freebsd.org In-Reply-To: <20050323002821.2CB8416A4CF@hub.freebsd.org> References: <20050323002821.2CB8416A4CF@hub.freebsd.org> Content-Type: text/plain Content-Transfer-Encoding: 7bit Date: Tue, 22 Mar 2005 21:01:45 -0500 Message-Id: <1111543305.72259.26.camel@zappa.Chelsea-Ct.Org> Mime-Version: 1.0 X-Mailer: Evolution 2.0.4 FreeBSD GNOME Team Port Subject: Re: Accessing Windows XP Desktop (Home Edition) remotely X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Mar 2005 02:01:56 -0000 On Tue, 22 Mar 2005 16:26:54 -0500 (EST), "Ean Kingston" wrote: > > On Tuesday 22 March 2005 02:18 pm, Christopher Nehren wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- > >> Hash: SHA1 > >> > >> On 2005-03-22, daniel scribbled these > >> > >> curious markings: > >> > security note: > >> > vnc is *not* encrypted and is not generally considered secure. any > >> > ports you open/forward should be directed to your ip only. even > >> > better, try a knocking daemon. > >> > >> This is why you set up an SSH tunnel between the two machines. The > >> Handbook (as always) shows how to do this, with examples. > >> > >> Best Regards, > >> Christopher Nehren > > > > To forward a VNC session through SSH, the user will need to install a > > SSH application on the Windows computer. PuTTY is a free example, and > > is available at: > > > > http://www.chiark.greenend.org.uk/~sgtatham/putty/ > > AFAIK Putty is a client only. The original user wanted to access his WinXP > Home system from FreeBSD. So, Putty isn't going to do it. I think there is > an OpenSSH implementation (both client and server) for Win32 that runs on > XP. I know the cygwin implementation works (but the original poster may > not want that much added to the XP system). > > http://www.cygwin.com/ and http://www.openssh.org/ I have successfully used the Win32 OpenSSH installer available via http://sshwindows.sourceforge.net/ to provide a SSH server on a remote Windows 2000 Professional system. That OpenSSH package can be installed via an installer to provide OpenSSH using a minimal requisite cygwin environment. The OpenSSH server can be run as a Windows service. Like the original poster, I wanted a way of using a Windows system remotely from FreeBSD. In my case, it was so I could remotely admin and troubleshoot a friend's Windows 2000 PC. As well as using the OpenSSH for Windows mentioned above, I used TightVNC (http://www.tightvnc.com/) for the VNC server on Windows and for the client on FreeBSD (installed via the net/tightvnc port). I restrict the VNC server to accept connections only from localhost, and use an SSH tunnel to encrypt all the VNC traffic between the two systems. (I can even start and stop the VNC server service remotely by issuing a "net start winvnc" and "net stop winvnc" via SSH to start and stop it, respectively.) I've found the setup to work well in practice. Cheers, Paul. -- e-mail: paul@gromit.dlib.vt.edu "Without music to decorate it, time is just a bunch of boring production deadlines or dates by which bills must be paid." --- Frank Vincent Zappa