Can you offer VNC connections through a SSH tunnel or session you started?

Hopefully this is easier to solve than I think.

I have two computers [A, B]. A cannot start network connections to B, but B can start network connections to A. This is because of some firewall and port issues.

I frequently ssh from B to A using port 61001 on A. ssh user@A -P 61001. I even have passwordless login working between them via shared ssh public keys.

Is there a way I can allow a user on A to view a VNC session of a user of B?

I was thinking maybe VNC can connect from B to A via an SSH tunnel and push B's display. Is this possible?

Jason

Posted 2013-01-18T07:02:12.330

Reputation: 280

Answers

Yes, there are several VNC clients that permit tunnelling, and also allow you to share the physical/console Xsession remotely e.g. ssvnc

arober11

Posted 2013-01-18T07:02:12.330

Reputation: 396

Most VNC viewers support a listen-mode, where the viewer waits for a connection from a server; because you can make connections from B to A, start the listening viewer on A, then at some later point, you can initiate a connection from B to A by starting the server in a way that tells it to connect to a viewer immediately, instead of acting as a typical server and waiting for connections. Check the docs for your preferred viewer and server. There are also guides on the Web, for example: https://www.realvnc.com/products/vnc/documentation/5.0/guides/user/aj1077505.html

Alternatively, you might use some kind of proxy program to negotiate the connection. For instance, see: http://www.karlrunge.com/x11vnc/ssvnc-proxies.html

All of this stuff can be done with or without a tunnel; a properly set up tunnel is basically transparent to its users.

bernz

Posted 2013-01-18T07:02:12.330

Reputation: 178