I found this one out quite recently, but wish I had come across it years ago.
Image you have SSH access to a device inside a remote network, what you really want is a remote desktop to a device inside, but firewalls are blocking RDP and you have no way to change there setting (maybe you need to be on the desktop to configure the firewalls?)
Well as long as you can meet the two basic requirements below then fear not, because another of SSH’s little tricks is to allow you to tunnel traffic over it.
- First you must have a SSH client on your local station that can carry out port forwarding. such as Putty or Teraterm.
- An SSH remote client that is allowed to send traffic on the RDP ports to the final end station you want to remote desktop to.
All set then lets go..
First you need to set up the local telnet client. Here I will show it with Tera Term, as its the one I have installed, but the settings for putty and others are straight forward to match. What we are doing is mapping a local IP and port for Tera term to catch data sent to, and then relay it across the SSH connection to the remote SSH client where it will be forwarded on to the destination remote desktop client using the IP and Port set up.
First open up Tera Term and chose Setup then SSH forwarding from the menu, once the box pops up chose add. For the local forwarding port you can chose any random valid port, for this example I will use 3390. For the remote IP enter the IP of the machine you want to remote desktop to and the RDP port it is set to listen on, by default this is 3389 so we will use this. (hint if you want to RDP to multiply remote hosts, simple set up a different local port for each one) Click OK and you should have a screen something like below.
Now click on the OK button.
The final steps are easy, in Tera Term click on file new connection, and connect up an SSH session to the SSH remote host as you normally would. While this connection is active open up the RDP client on the local host and enter the computer to connect to as shown.
Note the use of the Local port we configured above. Clicking on connect, Tera Term will now tunnel the traffic over the SSH connection where it will be forwarded on to the remote desktop host.
Yes you can achieve a more user friendly set up using VPN’s and I would not suggested it for end users. But I have found this very helpful in admin situation. And your remote SSH client can be any thing that supports SSH, Linux box or Cisco device all work just great.
Well hope you have all had a great Saturday and have good things to look forward to tommorrow.
Night from the Devil.