This may result in different security issues, such as traffic sniffing that can cause sensitive data theft. To avoid these possible annoying issues we can route the VNC session inside a SSL connection and secure the communication.
In this tutorial I will show how make a secure tunnel connection and then route the free VNC edition through this tunnel to secure the communication of the VNC session.
What we need:
- 2 hosts, generally one is depicted as a server and the other one as a client.
- VNC server installed on the server host
- VNC viewer installed on the client host
- freesshd installed on the server host (if windows based) or openssh-server (on linux machines)
- putty installed on client machine (if windows based) or openssh-client (on linux machines)
Under Linux machines on the client side:
ssh user@serverip -L <LOCAL_PORT>:127.0.0.1:<VNC_PORT_ON_SERVER>
Where:
- <LOCAL_PORT> is the port on the client host where VNC connection will be redirected.
- <VNC_PORT_ON_SERVER> is the port on the server where VNC service is running.
- The middle address "127.0.0.1" means that the <VNC_PORT_ON_SERVER> on the host 127.0.0.1 (so the server to which we are connecting) will be redirected to <LOCAL_PORT> on the client.
Start putty and under the Session section place user@serverip in the circled field.
Under SSH->Tunnels:
In Source Port place the equivalent of <LOCAL_PORT>
In Destination place the equivalent of "127.0.0.1:<VNC_PORT_ON_SERVER>"
Once set up, click Open.
Now, both on Windows or Linux machines, you can open the secure VNC session connecting to:
127.0.0.1:<LOCAL_PORT>
In this case the packets will be routed through the ssh connection until they get to the server.
VNC Free + secure connections.
Enjoy