[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[suse-security] Re: VNC through SSH tunnelling problem
* Neil Anderson <cleidh_mor@xxxxxxxxxxxxxxx> [2003-12-09 21:46 +0100]:
> I SSH to my Linux box ok, start a VNC server ok and can do a
> "straight" VNC into the linux box. However, if I try to use the VNC
> viewer to set up a connection to localhost on the Windoze machine (to
> use port forwarding) nothing happens and if I look in PuTTY's event
> log it has the error "server refused forwarded connection".
Just some ideas:
1.) The server's /etc/ssh/sshd_config doesn't contain
"AllowTcpForwarding=no", does it?
2.) Are there any "no-port-forwarding" or "permitopen" options in your
3.) Are you forwarding to the right port?
"lsof -Pai -c Xvnc" and
"netstat -ptan|grep Xvnc"
can find out the port of the vncserver, like
"*:5901 (LISTEN)" or
(mind the ip address before the colon: it must be wildcard or localhost)
4.) Are you forwarding to the right host?
Try 127.0.0.1 instead of "localhost" or any hostname.
5.) Can you locally connect to the vncserver? Check with
"nc -v localhost 5901" or "telnet localhost 5901" from the server's
shell. It must print a line starting with "RFB".
6.) Is the server's /etc/hosts missing the line "127.0.0.1 localhost"?
7.) If this all doesn't help, I'd next try to trace the server's
loopback interface by running "tcpdump -i lo port 5901" as root.
Professional unix/network development
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here