Secure Screen Sharing with Linux Ubuntu 18.04 LTS
To share screen from Ubuntu Workstation securely, we need to configure the pre-installed VNC server Vino and then we also need to install ssh server if we have not already done so.
Server side configuration are as follows:
- Configure Vino server
- Install and configure ssh server
We have 2 methods of launching VNC client. They are as follows:
Method 1
Method 1
- Established ssh connection over VNC port
- Launch VNC client over ssh tunnel
Method 2
- Using a VNC client that can perform both at the same time.
Server Side Configuration
Configure Vino Server
Install and Configure SSH Server
Please refer to this post
Install and Configure SSH Server on Linux
Client Side Connection
Method 1A: Launching VNC from Linux/Mac OS X
Established SSH Tunnel from Client
At this point we assume that we have installed and tested the ssh server. To established secure ssh tunnel over VNC port, we must have the ip address of the VNC server and the port number it is using.
We can use the following command to established connection:
ssh -f -L 5999:localhost:5900 ipAddress -l username sleep 60
We have obtain the above command from the man page. The details are as follows:
- -f is to ask the ssh to fork a separate process. This way the terminal will be free up. We can use ps -A | grep ssh to see if the process is still alive.
- -L 5999:localhost:5900 This is the most important option. It tell ssh to use port 5999 as the local port for our local host and the ssh is to forward the data from local port to port 5900 at the remote host. Local port 5999 can be any unused port number. 5900 is the port used by the VNC server. If your VNC server uses different port, please change accordingly.
- ipAddress is the ip of the VNC server
- -l username is for us to login with username
- sleep 60 tell ssh to keep alive the connection for 60 seconds if there is no network activity. This way we do not need to kill the process when we are done.
We also have tested the following command:
ssh -L 5999:localhost:5900 -N -f -l username ipAddress
We have obtained this command via web search. It is pretty much the same. The option -N ask ssh not to execute a remote command as the connection is for port forwarding only. Therefore sleep command cannot be used with -N. The ssh connection will be there until we kill it.
We would recommend to use the first command, unless you prefer to establish a permanent connection.
Launch VNC Client
To use VNC client over ssh, we need to use localhost and the local port number established earlier. Simply, we can use the following command:
vnc://localhost:5999
Whatever VNC client we use, we must configure such that the VNC server will be localhost or 127.0.0.1. The port number will be 5999 or whichever local port number you have configured using ssh.
Method 1B: Launching VNC from Windows
We need to download and install Putty. Putty is a remote connection tool. The setting is similar, if in doubt please research the web for information. Then you need to launch your VNC client using localhost and local port number you have configured in Putty.Method 2: Launching VNC with SSH from VNC Client
We can perform both function using certain VNC client. Currently we only can confirm that the app Remmina can support this function. Remmina is only available in Linux platform. Open the app and create a new connection.Enter the name of connection, server with port number, username and password. Then click on the third tab named SSH:
Over here we can configure the SSH settings.
Once the settings is done, we can click save and connect to established VNC connection. If you are on Linux platform, we would recommend Remmina.
Once the settings is done, we can click save and connect to established VNC connection. If you are on Linux platform, we would recommend Remmina.
***
Comments
Post a Comment