TightVNC, Vine and SSH

gravitoon · April 5, 2007, 2:54pm

Hi

I am testing Vine Server 2.1 on a mac. Using the Vine Viewer I am able to use ssh (tunnel) for connections to the server - I have setup ssh to allow only public key authentication. I have a windows box which I have configured Putty and Secure Shell to access the Mac box as well - tunneling to the server. I know the public key authentication part work since I can get a remote shell session. When I launch tightvnc after creating the ssh tunnelI keep getting a incompatible protocol error. I can’t seen to find through the forums anyone doing ssh tunneling and public key authentication from tightvnc to Vine Server. Any pointers would be greatly appreciated.

javascript:emoticon(’:D’) Thanks so much

JonathanOSX · April 6, 2007, 11:00am

I do this myself from my Windows 2000 machine through PuTTY so I know it’s doable.

The incompatible protocol error usually means that you are connecting to ARD on port 5900, not Vine Server.

gravitoon · April 9, 2007, 10:52am

I setup Vine to only accept local ssh connections … then I made Putty connect to port 22 and used a tunnel 7000:localhost:22. Then from tightvnc I try mymachine::-5878. I looked at the firewall logs on my server and I know I am not hitting the firewall -the tunnel seems to be working. Since it works for you I know it must be a setting. How did you create your tunnel and how did you enetered your server address at the vnc prompt? Thanks

JonathanOSX · April 9, 2007, 11:22am

I think your problem is that you need to target the tunnel at the VNC port not the SSH port, which might as well run on the standard 5900. Typically, I would do something like 5990:localhost:5900.

gravitoon · April 9, 2007, 1:30pm

From putty I am doing

Source:5900
Destination:localhost:7000

put when I look at server firewall I see it is not using 5900 but 3283 for one connection. How do I force tightvnc to use a given source port?

JonathanOSX · April 10, 2007, 11:16am

I’m not sure why Tight would be on 3283, that seems odd.

A typical scenario though should have VNC on the Mac running on 5900, then pick any open port on the local machine as the input port, even something in the typical VNC range works fine, so 5909 (localhost) -> 5900 (mac) then connect using “localhost:9” within TightVNC or RealVNC.

gravitoon · April 10, 2007, 11:46am

Where is how everything is setup

VNC Server

Connection
Display Number:–
Port:7000
Display Name: machine.local
No reverse information specified
System
Allow display dimming and Allow Screen Saver are selected
Sharing
Only allow local connections and Let client request access are selected
Startup
Start server when application launches and Restart server if it terminates unexpectadly
Advanced
Nothing selected

In putty
Host:user@machine.edu Port:22
SSH:Auth:Private key file authentication
Tunnels:Source Port:7000 Destination:localhost:22
(I have also tried localhost:7000)

Tightvnc
user@machine::7000

Everything else is on default settings