SSH Tunnel or Reverse Tunnel

Tags: mac-osx, ssh, ssh-tunnel, unix

I'm trying to establish an SSH tunnel to allow VNC/ARD connections (ports 5900 and 3389).
However, I'm uncertain about a certain thing:

Let's say machine A has IP 192.168.103.1 and has services running on ports 5900 and 3389.

I want to SSH to the server that has IP 192.168.103.254.

Machine B 192.168.103.2 wants to connect to machine A by using a tunnel on the server 192.168.103.254 and different ports (let's say 6001 and 4001).

So, the setup will look like this:

Machine B 192.168.103.2 –> VNC to Server 192.168.103.254:6001 (Server redirect –> 192.168.103.1:5900)

I know a little bit about SSH tunnels and reverse SSH tunneling, but I'm unsure which command I need.

Please note:

  • The client PC has to connect to the server (the other way around is not possible, since the clients have different IP addresses every time).

Things I tried:

ssh -f user@server.hostname.net -L 6001:localhost:5900 -N

This command succeeds but when I try to connect to it I get a connection refused error:

Tims-Macbook-Pro:~ Tim$ telnet server.hostname.net 6001
Trying 192.168.103.254...
telnet: connect to address 192.168.103.254: Connection refused
telnet: Unable to connect to remote host

I also tried this

sudo ssh -NT -R 6001:localhost:5900 user@server.hostname.net

The command also gives a connection refused error when I'm trying to access it.

Tims-Macbook-Pro:~ Tim$ telnet server.hostname.net 6001
Trying 192.168.103.254...
telnet: connect to address 192.168.103.254: Connection refused
telnet: Unable to connect to remote host

Best Answer

You should reach Machine A's port 5900 when connecting to the server's localhost port 6001 with this command:

ssh -L 6001:192.168.103.1:5900 root@192.168.103.254

Check this resource for a deeper understanding of SSH tunneling: http://www.linuxhorizon.ro/ssh-tunnel.html

UPDATE:

If you need multiple clients accessing Machine A's port 5900 via the server like this:

Client1
Client2 ---> port 6001 ---> 192.168.103.254 ---> port 5900 --> 192.168.103.1
Client3

You need to run this command (on the client):

ssh -L 0.0.0.0:6001:192.168.103.1:5900 root@192.168.103.254

All clients connecting to the server port 6001 will reach Machine A's port 5900 with that command.
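The four commands on this page differ only in which side of the SSH connection ends up listening on port 6001 and on which address that listener is bound, which is exactly what determines whether `telnet server 6001` is accepted or refused. The following is an added example, written for this page and not code from the asker or the answerer; it is a small Python model of the OpenSSH forwarding argument `[bind_address:]port:host:hostport` that reports, for a given `-L` or `-R` spec, which machine listens, on which address, and which machine makes the outbound hop. The machine labels `client` and `server` are my own, as is the `gateway_ports` switch (standing in for the client's `-g`/`GatewayPorts` setting on `-L` and for the server's `sshd` `GatewayPorts` setting on `-R`); IPv4 bind addresses only.

```python
"""Model where an OpenSSH -L / -R forward listens and where it connects out.

Added example for this page, not the asker's or answerer's code. It models the
documented OpenSSH forwarding spec  [bind_address:]port:host:hostport  and the
loopback-by-default binding rule; it does not open any sockets itself.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Forward:
    kind: str          # "L" = local forward (-L), "R" = remote/reverse forward (-R)
    bind_address: str  # requested listener address; "" means "OpenSSH default"
    port: int          # listening port
    host: str          # where the far side connects to ...
    hostport: int      # ... and on which port


def parse_forward(kind: str, spec: str) -> Forward:
    """Parse the argument of -L or -R. IPv4 only: a bracketed IPv6 bind address
    would need extra handling, which this example does not attempt."""
    if kind not in ("L", "R"):
        raise ValueError("kind must be 'L' or 'R'")
    parts = spec.rsplit(":", 3)          # rsplit so a missing bind_address is harmless
    if len(parts) == 3:
        bind, port, host, hostport = "", *parts
    elif len(parts) == 4:
        bind, port, host, hostport = parts
    else:
        raise ValueError(f"bad forward spec: {spec!r}")
    if bind == "*":
        bind = "0.0.0.0"                 # '*' is OpenSSH shorthand for all interfaces
    return Forward(kind, bind, int(port), host, int(hostport))


def describe(fwd: Forward, gateway_ports: bool = False) -> dict:
    """Which machine listens, on which address, and which machine connects out.

    gateway_ports (assumed name): for -L, the ssh client's -g / GatewayPorts;
    for -R, the sshd GatewayPorts option on the server. sshd binds a remote
    forward to loopback and ignores any requested bind_address unless that
    option allows it.
    """
    if fwd.kind == "L":
        listener, connector = "client", "server"
        bind = fwd.bind_address or ("0.0.0.0" if gateway_ports else "127.0.0.1")
    else:
        listener, connector = "server", "client"
        bind = (fwd.bind_address or "0.0.0.0") if gateway_ports else "127.0.0.1"
    return {
        "listens_on": listener,
        "bind": bind,
        "port": fwd.port,
        "connects_from": connector,
        "target": f"{fwd.host}:{fwd.hostport}",
        # "localhost" is resolved on the connecting side, not on the listening side
        "target_is_connector_itself": fwd.host in ("localhost", "127.0.0.1"),
    }


def reachable(fwd: Forward, from_machine: str, to_machine: str,
              gateway_ports: bool = False) -> bool:
    """Would a TCP connect from `from_machine` to `to_machine`:<fwd.port> hit the
    tunnel listener? False models the 'Connection refused' seen on the page."""
    d = describe(fwd, gateway_ports)
    if to_machine != d["listens_on"]:
        return False                      # nothing is listening on that host at all
    if d["bind"] == "127.0.0.1":
        return from_machine == to_machine  # loopback listener: local connects only
    return True                           # wildcard listener: reachable over the LAN


if __name__ == "__main__":
    # The commands from the question and the answer, in order of appearance.
    page_commands = [
        ("L", "6001:localhost:5900"),
        ("R", "6001:localhost:5900"),
        ("L", "6001:192.168.103.1:5900"),
        ("L", "0.0.0.0:6001:192.168.103.1:5900"),
    ]
    for kind, spec in page_commands:
        fwd = parse_forward(kind, spec)
        d = describe(fwd)
        print(f"-{kind} {spec:<38} listens on {d['listens_on']} {d['bind']}:{d['port']}, "
              f"{d['connects_from']} connects to {d['target']}; "
              f"telnet server:6001 from the client accepted: "
              f"{reachable(fwd, 'client', 'server')}")
```

Running it shows why both of the asker's attempts were refused: `-L 6001:localhost:5900` listens on the client's loopback (and its far end is the server's own port 5900, since `localhost` is resolved on the server), and `-R 6001:localhost:5900` listens on the server's loopback only, so a connection from the LAN to `192.168.103.254:6001` finds no listener. Binding a listener to `0.0.0.0`, as the answer's last command does, exposes the VNC hop to anything that can reach that port, and the SSH login that built the tunnel does nothing to authenticate those incoming clients, so pair it with a host firewall rule or a narrower bind address where possible.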