VNC/SSH problems

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

VNC/SSH problems

John Aldrich
Per William Hooper's suggestion on the Fedora List, I have verified  
that I have "AllowTcpForwarding" set to "yes." Unfortunately, I'm  
still unable to connect. I'm getting the same error in the PuTTY log:
2007-09-25 08:35:40 Opening forwarded connection to localhost:5901
2007-09-25 08:35:41 Forwarded connection refused by server:  
Administratively prohibited [open failed]

Could this be a firewall issue with Fedora? I don't really understand  
why it would be, since I'm tunneling VNC over SSH, but maybe I'm  
missing something. As I've said, it's been awhile since I tried this.

Any suggestions would be appreciated.

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC/SSH problems

Constantin Kaplinsky
Hello John,

>>>>> John Aldrich wrote:

> Per William Hooper's suggestion on the Fedora List, I have verified
> that I have "AllowTcpForwarding" set to "yes." Unfortunately, I'm
> still unable to connect. I'm getting the same error in the PuTTY log:
> 2007-09-25 08:35:40 Opening forwarded connection to localhost:5901
> 2007-09-25 08:35:41 Forwarded connection refused by server:
> Administratively prohibited [open failed]
>
> Could this be a firewall issue with Fedora? I don't really understand
> why it would be, since I'm tunneling VNC over SSH, but maybe I'm
> missing something. As I've said, it's been awhile since I tried this.

I guess that's not a firewall or VNC issue. What I would do is
increasing the log level in sshd_config and inspecting the log after the
connection forwarding failure.

--
With Best Wishes,
Constantin

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC/SSH problems

John Aldrich
Quoting Constantin Kaplinsky <[hidden email]>:

> Hello John,
>
>
> I guess that's not a firewall or VNC issue. What I would do is
> increasing the log level in sshd_config and inspecting the log after the
> connection forwarding failure.
>
Boy, do I feel silly. It didn't know how to reach "localhost" since  
"localhost" wasn't in the "hosts" file. *blush*

Adding it in fixes *that* problem. Now all I have to do is recall how  
I got my window manager to start. :-) It's amazing what a little  
Googling and memory will do for you... :-) I remembered what I did,  
but I didn't remember to "chmod +x xstartup" after making changes to  
the xstartup file. :-)

Now I have VNC running and I'm able to access my desktop at home. Only  
problem is that I should have logged off when I left for work. Now I'm  
going to have to kill my other session... *sigh*

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC/SSH problems

John Aldrich
In reply to this post by John Aldrich
Quoting John Aldrich <[hidden email]>:

> Per William Hooper's suggestion on the Fedora List, I have verified
> that I have "AllowTcpForwarding" set to "yes." Unfortunately, I'm
> still unable to connect. I'm getting the same error in the PuTTY log:
> 2007-09-25 08:35:40 Opening forwarded connection to localhost:5901
> 2007-09-25 08:35:41 Forwarded connection refused by server:
> Administratively prohibited [open failed]
>
> Could this be a firewall issue with Fedora? I don't really understand
> why it would be, since I'm tunneling VNC over SSH, but maybe I'm
> missing something. As I've said, it's been awhile since I tried this.
>
> Any suggestions would be appreciated.
>
Please disregard. Thanks to Constantin on the Tight-VNC list, I have  
resolved the issue -- I had somehow removed "localhost" from my hosts  
file and once I put it back in, I was able to connect. :-)

Let that be a lesson to all who come after me... NEVER remove the  
"localhost" entry from the hosts file. :-)

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC/SSH problems

Michael D. Setzer II
In reply to this post by Constantin Kaplinsky
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

How to have the selinux configured?
system-config-securitylevel

Set otherport
59xx tcp

I have the SELINUX set to permissive...

I use stunnel to connect to my Fedora 6 machine.

Here is the stunnel.conf I use.

 client = no
 cert = /etc/stunnel/stunnel.pem

 [vnc79]
 accept = 7779
 connect = 5979

On my windows machine I use the following stunnel.conf

 client = yes
 cert = stunnel.pem

 [vnc79]
 accept = 5979
 connect = XXX.XXX.XXX.XXX:7779

I just pulled out the required lines from the files and changed the IP address.

Below is a link to some information I posted long ago about this setup.

http://www.stunnel.org/examples/vnc.html


On 25 Sep 2007 at 21:13, Constantin Kaplinsky wrote:

Date sent:       Tue, 25 Sep 2007 21:13:06 +0700
From:           Constantin Kaplinsky <[hidden email]>
To:             John Aldrich <[hidden email]>
Subject:         Re: VNC/SSH problems
Copies to:       [hidden email]

> Hello John,
>
> >>>>> John Aldrich wrote:
>
> > Per William Hooper's suggestion on the Fedora List, I have verified
> > that I have "AllowTcpForwarding" set to "yes." Unfortunately, I'm
> > still unable to connect. I'm getting the same error in the PuTTY log:
> > 2007-09-25 08:35:40 Opening forwarded connection to localhost:5901
> > 2007-09-25 08:35:41 Forwarded connection refused by server:
> > Administratively prohibited [open failed]
> >
> > Could this be a firewall issue with Fedora? I don't really understand
> > why it would be, since I'm tunneling VNC over SSH, but maybe I'm
> > missing something. As I've said, it's been awhile since I tried this.
>
> I guess that's not a firewall or VNC issue. What I would do is
> increasing the log level in sshd_config and inspecting the log after the
> connection forwarding failure.
>
> --
> With Best Wishes,
> Constantin
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2005.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> ___________________________________________________________
> TightVNC mailing list, [hidden email]
> To change your subscription or to UNSUBSCRIBE, please visit
> https://lists.sourceforge.net/lists/listinfo/vnc-tight-list


+----------------------------------------------------------+
  Michael D. Setzer II -  Computer Science Instructor      
  Guam Community College  Computer Center                  
  mailto:[hidden email]                            
  mailto:[hidden email]
  http://www.guam.net/home/mikes
  Guam - Where America's Day Begins                        
+----------------------------------------------------------+

http://setiathome.berkeley.edu (Original)
Number of Seti Units Returned:  19,471
Processing time:  32 years, 290 days, 12 hours, 58 minutes
(Total Hours: 287,489)

BOINC@HOME CREDITS
SETI 3,719,327.425647 | EINSTEIN 1,165,985.549596 | ROSETTA
235,305.717263


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8 -- QDPGP 2.61c
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBRviXEyzGQcr/2AKZEQJyVgCg0t8z5ERRPFUywK1kUN1214IzVMAAoOyQ
Dm6R0mXvS+K/JjFhIObzJbTX
=sZ+I
-----END PGP SIGNATURE-----

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC/SSH problems

John Aldrich
Quoting "Michael D. Setzer II" <[hidden email]>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> How to have the selinux configured?
> system-config-securitylevel
>
> Set otherport
> 59xx tcp
>
> I have the SELINUX set to permissive...
>
> I use stunnel to connect to my Fedora 6 machine.
>
> Here is the stunnel.conf I use.
>
>  client = no
>  cert = /etc/stunnel/stunnel.pem
>
>  [vnc79]
>  accept = 7779
>  connect = 5979
>
> On my windows machine I use the following stunnel.conf
>
>  client = yes
>  cert = stunnel.pem
>
>  [vnc79]
>  accept = 5979
>  connect = XXX.XXX.XXX.XXX:7779
>
> I just pulled out the required lines from the files and changed the  
> IP address.
>
> Below is a link to some information I posted long ago about this setup.
>
> http://www.stunnel.org/examples/vnc.html
>
Thanks for the tip. However, Const pointed me in the right direction.  
It seems that it was an ID-10-T error... or PEBKC type error... I'd  
somehow eliminated "localhost" from the hosts file and it couldn't  
find "localhost" to connect to. :-) Oops. Problem solved, now, though.

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list