SSH port Forwarding (or how to Remote Desktop over SSH)

I found this one out quite recently, but wish I had come across it years ago.

Image you have SSH access to a device inside a remote network, what you really want is a remote desktop to a device inside, but firewalls are blocking RDP and you have no way to change there setting (maybe you need to be on the desktop to configure the firewalls?)

Well as long as you can meet the two basic requirements below then fear not, because another of SSH’s little tricks is to allow you to tunnel traffic over it.

  1. First you must have a SSH client on your local station that can carry out port forwarding. such as Putty or Teraterm.
  2. An SSH remote client that is allowed to send traffic on the RDP ports to the final end station you want to remote desktop to.

All set then lets go..

First you need to set up the local telnet client. Here I will show it with Tera Term, as its the one I have installed, but the settings for putty and others are straight forward to match. What we are doing is mapping a local IP and port for Tera term to catch data sent to, and then relay it across the SSH connection to the remote SSH client where it will be forwarded on to the destination remote desktop client using the IP and Port set up.

First open up Tera Term and chose Setup then SSH forwarding from the menu, once the box pops up chose add. For the local forwarding port you can chose any random valid port, for this example I will use 3390. For the remote IP enter the IP of the machine you want to remote desktop to and the RDP port it is set to listen on, by default this is 3389 so we will use this.  (hint if you want to RDP to multiply remote hosts, simple set up a different local port for each one) Click OK and you should have a screen something like below.

Now click on the OK button.

The final steps are easy, in Tera Term click on file new connection, and connect up an SSH session to the SSH remote host as you normally would. While this connection is active open up the RDP client on the local host and enter the computer to connect to as shown.

Note the use of the Local port we configured above. Clicking on connect, Tera Term will now tunnel the traffic over the SSH connection where it will be forwarded on to the remote desktop host.

Yes you can achieve a more user friendly set up using VPN’s and I would not suggested it for end users. But I have found this very helpful in admin situation. And your remote SSH client can be any thing that supports SSH, Linux box or Cisco device all work just great.

Well hope you have all had a great Saturday and have good things to look forward to tommorrow.

Night from the Devil.

JAVA versions in Linux.

I am still quite a newbie when it comes to Linux, and have a long way to go yet before I could be considered an expert. But slowly I am getting there.

Today to help with setting up the firewall to allow email, I thought it was time I finally got around to installing Java on this PC, and because CISCO SDM express requires an old version this means setting up multiply versions.

Installing the first one is simple enough

$sudo apt-get install java….

(you can do an
$apt-get update
followed by
$apt-cache search java
and this will show you what versions are available for download.)

and after a bit of poking around the second one was simple enough as well, download the bin file from www.JAVA.com and extract it to a directory (this can be any where you want, although the /opt/ one seems to be a common choice) as below. If you want more instructions just click on the instruction link on the site.

$sudo sh ./java-5-4…..

Then cheat and open the java desktop control panel open up the runtime environment settings and add in you new version. (if any Linux masters wan’t to post the guru way to do this please do 🙂 )

And there you have it multiply JAVA installs.

Only one issues now though, Firefox does not support Java below version 6-10, and SDM still does not work! So its on to the next method to get SDM working on Linux.

I will get this email working soon…

Take care all.