VNC through SSH Tunneling

VNC through SSH Tunneling with PuTTY

by Andrew E. Santosa, 29 April 2003

The principle of SSH tunneling here is to create a virtual server at the Windows machine side (localhost). Connections to the port are forwarded by PuTTY to a remote host, i.e., every client that connects to that port at the localhost will actually be talking to the remote host.

After starting PuTTY, at the PuTTY Configuration window select Tunnels: in the Category: box. Then in the Source port box enter 5901 (or any number you like, but 5901 is probably a safe port number not being used by any other networking program at your Windows machine). In the Destination box enter your remote server name and the remote server's port separated by semicolon. As shown in the example below, it is otah.comp.nus.edu.sg:5901. The remote server's port cannot be arbitrary. Display i of VNC server actually accepts connections through port 5900 + i. So if we want to connect to display 1 of the VNC server as in this example, we need to connect to port 5901 of the remote server.

Make sure that the Local radio button is being selected, then click the Add button. The line L5901 remote.host.name:5901 should appear in the Forwarded ports box.

Then click Section in the Category: box, enter your remote host name (otah.comp.nus.edu.sg in this example), select SSH for the protocol. Then name your connection by entering a string in the Saved Sessions input box. In the following picture we entered Otah VNC Display 1.

Then click the Save button, the string entered will appear in Saved Sessions list. It is possible not to save the session, but it is more practical for repeated use of the tunneling.

Double click on the session name in the Saved Sessions list to start connecting to the remote host. A terminal window will appear. Enter your login name and password of your account at the remote host. The next time you start PuTTY you can proceed from this step without reconfiguring.

Start your VNC server when you have not done so already, and when asked for password, enter an appropriate one.

Now you can start the VNC viewer at your Windows host. When you start your VNC server, a Connection Details dialog box will appear. Enter localhost::5901 as the VNC server, and click OK.

A password dialog box will appear,

and after entering your password you can access the VNC display.