I have two machine say A and B. machine A is a public gateway. machine B is in my network and running VNC server on port 6000. I want people should connect on machine A on VNC port say 5900 (unsecured). after this the machine A should setup a tunnel from self 5900 port to port 6000 on machine B(secured).and people can see vnc output without connecting to actual host.
how this can be done? is there any way? please let me know if i am wrong somewhere. Thanks
Best Answer
You should check out the
-via
option ofvncviewer
. If you set up SSH access tohost-a
, you can open access your VNC server as follows:This will open an SSH session to
host-a
, forwardhost-b:6000
to your local machine and point the VNC viewer to that forwarded port, all in one command. The traffic from your host tohost-a
will be encrypted, whereas the traffic fromhost-a
tohost-b
will be unencrypted.EDIT: After re-reading your question I realized that this is not exactly what you were asking. I think you should be able to achieve what you want using a plain TCP proxy such as simpleproxy or rinetd installed on host A. Configure that proxy to forward traffic from port 5900 to host B. Example
rinetd.conf
:From a security point of view, the solution involving SSH would be preferable, though...