Remote Desktop

[Patrick Doyle]

On Mon, Aug 16, 2010 at 10:52 AM, Kipton Moravec <kip at kdream.com> wrote:
> On Fri, 2010-08-06 at 16:56 -0500, Kipton Moravec wrote:
>> On Fri, 2010-08-06 at 12:10 -0400, Patrick Doyle wrote:
>> > On Fri, Aug 6, 2010 at 11:15 AM, Kipton Moravec <kip at kdream.com> wrote:
>> > > I am having problems with Remote Desktop running on a computer behind a
>> > > firewall.
>> > I presume you mean you want to connect to a Ubuntu (or other Linux
>> > distro) server from a Ubuntu (or other Linux) client using VNC -- not
>> > to a Microsoft Windows machine using Microsoft Remote Desktop.  If my
>> > assumption is incorrect, then the rest of this response probably won't
>> > help much.
>> >
>> > >
>> > > I have opened up port 5900 and pointed it to the IP address of the
>> > > remote computer I want to connect to. Is it TCP or UDP?  I have tried
>> > > both and can not get it to work.
>> > VNC uses TCP
>> >
>> > >
>> > > Both computers are behind NAT Firewalls. If I want to initiate a remote
>> > > desktop from my Home computer to the Remote Computer, I only have to
>> > > have port 5900 open on the firewall to the remote computer.  It does not
>> > > need to be opened on the firewall of the Home computer right?
>> > right
>> >
>> > >
>> > > It does work on my home network where I do not have a firewall between
>> > > the computers.  I am wondering if there are other ports it uses like
>> > > telnet, SSH or FTP. I have those ports open and working, but the
>> > > firewall has them on non-standard port numbers for the Internet side.
>> > nope.  VNC just uses port 5900 (or 5901 if you connect to :1, 5902 for
>> > :2, etc...)
>> >
>> > If you configure your home firewall to route port 5900 to port 5900 on
>> > the destination computer, then you should be able to point your VNC
>> > client (i.e. Ubuntu remote desktop connection) to the IP address of
>> > your firewall and it should just work.
>> >
>> > It should even just work if you do that from within your home network,
>> > although that depends a little on the firewall.
>> >
>> > Do you know the IP address of your firewall?  Not the 168.192.0.1
>> > address, but the address it was assigned by your ISP.
>> >
>> > That's the address to which you should be connecting from the outside.
>> >
>> > --wpd
>> >
>>
>> Thanks. That is what I thought it was doing. I have the computer setting
>> a dynmic dns address and I can get in using ssh. (So yes I know the
>> address.) But to reconfigure the ATT 2WIRE router I need to be on the
>> LAN side to log in and it is a web browser interface. Unfortunately the
>> location of the remote computer is not easy to access, so it is hard to
>> get in and out for testing.
>>
>> Kip
>>
>
> I think I figured out the problem, but do not know how to fix it.
>
> Recoup the problem:
>
> I have a Xubuntu computer at a remote site behind a NAT Router to the
> Internet. I directed TCP port 5900 on the Router to point to the Xubuntu
> Computer port 5900.
>
> I tried to access from my home computer using remote desktop on Ubuntu
> 08.04 LTS and could not get it. I have a dynamic DNS set up and can
> access the computer with ssh so the IP address is O.K.
>
> =============
>
> Last Friday I went out there to check on another problem we were having
> on a different computer and ran vino-preferences on the computer. The
> window was different than the System->Preferences->Remote Desktop on
> Ubuntu 08.04.
>
> In regular Ubuntu I have a check under the Advanced tab that says "Only
> use Local Connections". In Xubuntu I do not have the option, and it says
> local connections only.
>
> Am I screwed? Do I have to load 08.04 on that computer to get a remote
> desktop that is not local, or is there a config file somewhere that I
> can manually edit? Or is there a different vino-preferences I can get?
>
> I put Xubuntu on it because it was an old computer (566 MHz) with not a
> lot of RAM (384 MB), but the program running uses less than 10% of the
> resources. And it is the only thing running until I log in. I have to
> have a window system because the router has a web based interface that
> is only accessible from the LAN side and I would like to remote desk top
> in, and then configure the router.
>
> Kip

Hello Kip,
I should have thought of this (and mentioned it) before.  You could
probably find a configuration file somewhere on the old Xubuntu
computer that would allow for remote connections, but you need to be
aware of what security risks you are exposing that computer to by
allowing anybody in the world wild internet to connect to your
computer.  That may not be what you want to do.

If I understand you correctly, you've said that you can ssh to that
computer and that you have your router set up for that.  (If I don't
understand you correctly, then what I'm about to suggest probably
won't work).

You can use ssh's "tunneling" capability to log into your Xubuntu
computer, and tunnel a connection to the VNC server with something
like:

$ ssh xubuntu.computer.dyndns -L 9000:127.0.0.1:5900

That says "Please connect to xubuntu.computer.dyndns using SSH; open
up local port 9000 and tunnel any connections to that port to port
5900 on that computer."  Then point your VNC viewer to localhost:9000
and you should be connected via an encrypted link to your Xubuntu
computer.

--wpd