Tunneling Tight-VNC over ssh using PuTTY

Hello! I've seen quite a few people wondering how to tunnel tight-vnc through ssh using PuTTY.

For clarity's sake, I personally use PuTTY on my Windows 2000 workstation at work to access my RedHat Linux computers at home, one running Redhat 7.3, the other running Redhat 8.0. I have Tight-VNC running on both of them. I know that there is a way to set up the vncserver with xinetd, but I haven't bothered to figure it out. Instead I have the /etc/sysconfig/vncservers set up with a static port, in this case :4, and start up the /etc/init.d/vncserver whenever I want to connect.

This quicky tutorial assumes that you have the VNC server running on your linux box at home, that you have your firewall configured correctly (dis-allowing any tight-vnc connections from the outside) and that you have the vncviewer.exe on your windows box at work. If there's enough interest, I'll expand this tutorial to include those steps for RedHat 8.0 at a later date.

This tutorial also assumes that you're using PuTTY version 0.53b. It's very important to get the latest version, as tunneling wasn't even available until 0.52, and 0.53b fixes some bugs and security problems.

1. Okay, here's how to set up PuTTY. First, start up the program. When PuTTY first starts up, you see the sessions screen; you need to type in the information for the computer with which you wish to connect. Here I'm connecting to a mythical computer named host.foo.com. Notice that I have typed in the hostname in the Host Name field, that I've selected the SSH protocol radio button, and that I've given the session a name that I will be saving to. However, don't save the session yet.

2. Now, so far all we've done is created a session that we could use to log in and use the shell prompt. Next we need to tell PuTTY how we want to tunnel. On the left, under "Category", you'll see "Tunnels" as the second from the bottom. Click on it. Then, on the right at the bottom, you'll see the "Source Port" text box. Here you will input the port that you wish to tunnel. Since I'm using :4 on my linux box, I have put 5904 here. If you were using port :2, you'd put 5902, etc. Finally, in the "Destination" text box below that, you'll put where that port should be forwarded. Since the "Destination" box is from the point of view of the computer you're connecting to, you have to put "localhost", then a colon ":", then the port, i.e. "localhost:5904" without the quotes.

3. Okay, now click on the "Add" button, and you should see the new tunnel "L5904 localhost:5904" in the "Forwarded Ports:" box.

4. Now, all you have to do is click on "Session" at the top left of the "Category:" box, then click on the "Save" button, and you have a saved session!

5. Now, to use this tunnel, log into your machine with Putty. Then, bring up your VNC viewer and, for the VNC server that you want to connect to, type "localhost:port", where "port" is the port you're forwarding. In this case, it's "localhost:4".

And that's it! If you have any questions, please address them to the Tight-VNC mailing list, and a whole bunch of people will try to help. PLEASE: when asking for help, detail your operating system and any other pertinent information, or we're just shooting in the dark. Thanks!

Copyright 2003, Benjamin J. Weiss, All rights reserved.

Updated 26 February 2003