RDP over SSH Tunnel through intermediate Linux server

-1

I would like to use RDP to a Windows Machine on a network A while I'm on a Windows Notebook on network B.

In network A i got: Windows Machine (My Target) and a Linux Box with Ubuntu. No one here have a public IP.

On Internet I got a Linux Server (Ubuntu Server) with a public IP and then I got my Notebook on Network B.

Both Network A and B can reach the Linux Server via SSH.

On Windows I'm using MobaXTerm and putty to ssh Linux. I don't want to install (if possible) anything on the Windows Machine(A), while i can install all i want on the notebook.

I can't modify IPTables (i don't know if needed) on Linux Server.

How can I achieve this?

To make it ever clear, the schema i thought is:

                 SSH     (public ip)   Reverse SSH              ?
Win Notebook ----------- Linux Server ------------- Linux BOX ----- Windows PC
    ("N")     Internet      ("S")        Internet     ("L")    LAN     ("P")

Thank you!

Polletto

Posted 2016-11-11T14:09:15.960

Reputation: 64

Answers

So, I think a more complete answer requires both ssh commands to setup the RemoteForward (from Linux Box "L" to "Linux Server "S") and the LocalForward (from Notebook "N" to Linux Server "S"), and also assumes there is no firewall or filtering between Linux Box "L" and Windows PC "P". Given all that, the following should work:

On Linux Box "L":

ssh -R4489:windows-pc:3389 linux-server

... which sets up a port on Linux Server "S" forwarding all traffic recieved on port 4489 to the Windows PC, port 3389 (the default RDP port).

Then, on Windows Notebook "N":

ssh -L5589:localhost:4489 linux-server

... which sets up port 5589 on your notebook forwarding all traffic to the Linux Server port 4489.

The chain is now setup and you can connect via your RDP client by specifying the host and port as:

localhost:5589

You can use whatever ports you want, but I made them different for improved clarity. You'll have to translate to appropriate options to your putty configuration on your notebook.

crimson-egret

Posted 2016-11-11T14:09:15.960

Reputation: 1 900

Assuming your Linux Server is accessible from both Windows machines, you could:

enable the RDP server on the Windows PC
use putty to ssh into the Linux server with options -L 3389:ip-of-the-winwdows-pc:3389 (for this to work the RDP server should be disabled on the notebook or there will be a conflict)
start the RDP client (remote connection) on the Windows notebook using 127.0.0.1 as "remote" address

Luca Citi

Posted 2016-11-11T14:09:15.960

Reputation: 214

If you don't want to disable RDP on the local host, just pick a different port number for the local port, as in: -L4489:windows:3389, then when you open RDP, specify the port number in addition to the hostname, as in:L localhost:4489 – crimson-egret – 2016-11-13T14:30:09.447

If you need to connect to your remote PC through 2 SSH jump hosts with MobaXterm, you can use the following tutorial: http://blog.mobatek.net/post/ssh-tunnels-and-port-forwarding/#how-to-reach-my-server-behind-multiple-jump-hosts

The main idea is to create 2 tunnels: - 1st tunnel from "N" to "L", through "S" - 2nd tunnel from "N" to "P", though 1st tunnel

Didier

Posted 2016-11-11T14:09:15.960

Reputation: 789