problem with tightvnc over SSH (Jsch)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

problem with tightvnc over SSH (Jsch)

Andre Charbonneau
Hello,

I've been using tightvnc over SSH for a while now and lately I wanted to
add more security by using the -localhost switch on the vncserver
command.  Since that change my clients can't connect anymore.

One thing I noticed in the vnc log files (before I added the -localhost
switch) is that for the line that says:

        Got connection from client aaa.bbb.ccc.ddd

I get the full IP address of the system running the tightvnc server, as
opposed to 127.0.0.1, which makes me think that maybe this is why it
does not work when I enable the -localhost switch.  The IP address is
the right one, since tunneling is used, but I don't understand why it is
the system's IP address instead of '127.0.0.1'.  Is this something
related to the way I do the SSH tunneling?

With the -localhost switch, in the vnc logfile I simply get:

        X connection to :2.0 broken (explicit kill or server shutdown).


The SSH tunnel is created using the Jsch SSH libraries (local port
forwarding), and the VNC viewer on the client's system is the tightvnc
Java viewer.

Any information about this would be much appreciated.


Regards,
        Andre

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: [JSch-users] problem with tightvnc over SSH (Jsch) (SOLVED)

Andre Charbonneau
Greetings,

After trying out some different things with my code and looking at other
people's code, I found that the problem was cause by my call to

session.setPortForwardingL(localPort, remoteHost, remotePort);

I had the remote system's hostname as the 2nd argument.  I changed this
to '127.0.0.1' and it seems like it is working fine now.

Thanks,
        Andre

Andre Charbonneau wrote:

> Hello,
>
> I've been using tightvnc over SSH for a while now and lately I wanted to
> add more security by using the -localhost switch on the vncserver
> command.  Since that change my clients can't connect anymore.
>
> One thing I noticed in the vnc log files (before I added the -localhost
> switch) is that for the line that says:
>
> Got connection from client aaa.bbb.ccc.ddd
>
> I get the full IP address of the system running the tightvnc server, as
> opposed to 127.0.0.1, which makes me think that maybe this is why it
> does not work when I enable the -localhost switch.  The IP address is
> the right one, since tunneling is used, but I don't understand why it is
> the system's IP address instead of '127.0.0.1'.  Is this something
> related to the way I do the SSH tunneling?
>
> With the -localhost switch, in the vnc logfile I simply get:
>
> X connection to :2.0 broken (explicit kill or server shutdown).
>
>
> The SSH tunnel is created using the Jsch SSH libraries (local port
> forwarding), and the VNC viewer on the client's system is the tightvnc
> Java viewer.
>
> Any information about this would be much appreciated.
>
>
> Regards,
> Andre
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2005.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> JSch-users mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/jsch-users


--
Andre Charbonneau
100 Sussex Drive, Rm 2025
Research Computing Support, IMSB
National Research Council Canada
Ottawa, ON, Canada K1A 0R6

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list