From owner-freebsd-questions@FreeBSD.ORG Fri Jan 1 23:27:19 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 12B1C106566C for ; Fri, 1 Jan 2010 23:27:19 +0000 (UTC) (envelope-from runge@karlrunge.com) Received: from holmes.jfku.edu (holmes.jfku.edu [66.117.151.7]) by mx1.freebsd.org (Postfix) with ESMTP id CAC4D8FC13 for ; Fri, 1 Jan 2010 23:27:18 +0000 (UTC) Received: from haystack.runge.home (runge@localhost [127.0.0.1]) by holmes.jfku.edu (8.9.3p3.JFKU/8.9.1) with ESMTP id PAA15856 for ; Fri, 1 Jan 2010 15:06:06 -0800 Received: from runge by haystack.runge.home with local (Exim 3.36 #1 (Debian)) id 1NQqZJ-0005bH-00; Fri, 01 Jan 2010 18:06:05 -0500 To: freebsd-questions@freebsd.org X-Mailer: mail5 v0.2 (xterm+vim+sendmail) In-Reply-To: 4B3E388D.6060708@gmail.com Message-Id: From: "Karl J. Runge" Date: Fri, 01 Jan 2010 18:06:05 -0500 Cc: runge@karlrunge.com Subject: Remote assistance for X X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jan 2010 23:27:19 -0000 > remotehost="lightning" > cmd="x11vnc -display :0 -localhost -connect localhost -ncache" > ssh -t -c blowfish -R 5500:$remotehost:5500 localhost "$cmd" I think you mean: ssh -t -c blowfish -R 5500:localhost:5500 $remotehost "$cmd" right? You want to ssh to $remotehost and have the 5500 traffic go through ssh to localhost:5500, no? The use of '-R 5500:$remotehost:5500' implies a unencrypted leg going over the network (which may or may not be acceptable to you, i.e. inside your LAN, but I'm not sure.) BTW, to help flush out problems testing in your LAN, there is an easter-egg in ssvncviewer to only listen on localhost. E.g.: ssvncviewer -env VNCVIEWER_LISTEN_LOCALHOST=1 -listen 0 > Ultravnc (http://www.uvnc.com/) has a slick setup where you give the > Windows user a binary to run, and it calls back to the support site. > No setup needed the client's part. I don't know how much of that is > encrypted. I don't think any of it is encrypted unless you setup the UltraVNC DSM plugin. There are some ways to emulate UltraVNC single click with x11vnc: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick and SSL encrypted connections are described at the end of that FAQ. The ssvnc GUI wrapper (but not the bare ssvncviewer) can establish the SSL tunnel for you. However, since you have ssh access to the supportee machine, I suggest using that.