Find the answer to your Linux question:
Results 1 to 9 of 9
Hi folks... I'd like to be able to remote control my home PC from work using PuTTy to forward the appropriate ports. However the instructions I have assume that the ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined! Stonelaughter's Avatar
    Join Date
    Jul 2008
    Location
    Nottinghamshire
    Posts
    12

    SSH RDP/VNC from work to home - n00b alert!!


    Hi folks...

    I'd like to be able to remote control my home PC from work using PuTTy to forward the appropriate ports. However the instructions I have assume that the home PC is the only one on the home network and therefore has a public IP address - and it doesn't. My setup is as below:

    UB_PC >-------< router >--------< Cable Modem >-------< Internet
    192.168>------<192.168 > 81.105< ................. >

    The router has a port forwarding function - the only problem is, I don't know what port to forward to what!

    At work I have configured my 'doze box at work with PuTTy to forward port 3389 (RDP) to port 443 on my home's public (81.105) IP.

    Now - what do I do on my Router to allow me to RDP to my Ubuntu box, what do I do on my Ubuntu box to be able to accept the connection, and what address do I put into the RDP client on my 'doze box to make the connection?? (p.s. My Ubuntu box has an RDP Client installed but I don't know if it can serve up an RDP service - if it can't, ditch everything I said about RDP and replace it with VNC... I can use the VNC Viewer on my 'doze box).

    Thanks in advance!

  2. #2
    Just Joined! Stonelaughter's Avatar
    Join Date
    Jul 2008
    Location
    Nottinghamshire
    Posts
    12
    Have I picked a really difficult one, or have I simply not given enough info? Please let me know how I can ask this better to get some replies...

  3. #3
    Just Joined! Stonelaughter's Avatar
    Join Date
    Jul 2008
    Location
    Nottinghamshire
    Posts
    12
    *bump*
    ???

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Enthusiast
    Join Date
    Apr 2004
    Location
    UK
    Posts
    682
    What you are trying to do is fairly straight forward. The first thing is establishing a ssh connection from work to home.

    Set your router to forward some port to your home computer port 22. You can use port 22 on the router, but I'd suggest some other port to cut down on automated scanning attacks.

    That should let putty connect correctly. Then use the Putty's port forwarding to do a local port forward from your work computer to "localhost:<vnc port>".

    Finally direct your VNC client to connect to localhost on the forwarded port. This will tunnel the connection through ssh onto your home PC and then onward to the host specified in the port forwarding (localhost).

    If any of these steps fail then post the errors here and we will see what we can do.

    Let us know how you get on,

    Chris...
    To be good, you must first be bad. "Newbie" is a rank, not a slight.

  6. #5
    Just Joined! Stonelaughter's Avatar
    Join Date
    Jul 2008
    Location
    Nottinghamshire
    Posts
    12
    Thank you very much Sir - I will try it out and let you know what happens on Monday. BTW - to get out of work's network it'll have to go out over port 443... :-S

    Oh - wait a minute... this means I don't have to mention port 443 in ANY of the setup??? PuTTy does the encryption part automatically?

    So - to get this straight, let's say I choose port 1237 (just making one up for discussion).

    At home, I forward port 1237 on my WAN interface to port 22 on my Linux box.

    At work, I set PuTTY to forward localhost: <1237> to localhost <VNC port>?

  7. #6
    Linux Enthusiast
    Join Date
    Apr 2004
    Location
    UK
    Posts
    682
    If you need to send traffic over port 443 to get through your work firewall then you need to set up your router to forward port 443 to you home computer port 22. This encrypted traffic is all that will get seen going over the network.

    Then you do set up a local port forward from 1237 -> localhost:<vnc port>.

    When you connect your VNC client to localhost port 1237, Putty will take the incoming traffic, encrypt it, and send it over the link to your router on port 443. From there it gets passed to your home computer which decrypts it and passes it on, in this case back to your home computer.

    One thing to note is you are attempting to get around your work's network protection which can cause all kinds of trouble, especially if you're not supposed to be doing it.

    Let us know how you get on,

    Chris...
    To be good, you must first be bad. "Newbie" is a rank, not a slight.

  8. #7
    Just Joined! Stonelaughter's Avatar
    Join Date
    Jul 2008
    Location
    Nottinghamshire
    Posts
    12
    It's OK - I'm a Windows sys admin/server support bloke in a large organisation - we support a huge number of services and functions in our team and being able to get "outside" to test things coming in is very useful and accepted; however they don't provide official means to do it - so the attempt is accepted and tolerated, especially if it's encrypted. So - bare VNC Free from a work desktop to a home PC is emphatically blocked; not encrypted, insecure in the extreme. LogMeIn, however is allowed (for our team) because it's 256-bit point-to-point encrypted and therefore poses very little risk... similarly if only I can get it working SSH will be fine onto my Ubuntu box, too...

    Thanks very much for all your help!

  9. #8
    Just Joined! Stonelaughter's Avatar
    Join Date
    Jul 2008
    Location
    Nottinghamshire
    Posts
    12
    p.s. Do I need to cover UDP *and* TCP on my router, or is SSH TCP only?

  10. #9
    Linux Enthusiast
    Join Date
    Apr 2004
    Location
    UK
    Posts
    682
    Just TCP.

    Chris...
    To be good, you must first be bad. "Newbie" is a rank, not a slight.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •