Remote Desktop enables you to connect to your computer across the Internet from a computer. Once connected, you can control your computer using the mouse and keyboard while showing you everything that’s happening on the screen. With this, you can access your files, applications, and e-mail while leaving your computer at home or in the office.
Remote Desktop is very convenient, it suffers from to flaws: Although the connection uses 128-bit encryption, it still has the man-in-the-middle vulnerability where the traffic can be decrypted along the way. The default port of Remote Desktop is also 3389 which in most circumstances is blocked by firewalls in the network.
A solution to these flaws is to use Remote Desktop through a SSH tunnel.
SSH Server
The first requirement is to have an SSH server existing on your network. If you already have a Linux server like Ubuntu then you can install OpenSSH. However, if you only have computers with Windows then you can install copSSH.
Port Forwarding for SSH
To access the SSH server from a remote location you need to do port forwarding on port 22 through any firewall and router.
Enabling Remote Desktop
To enable Remote Desktop on Windows XP, right click on “My Computer”, and select “Properties”. Under the “Remote” tab check the box “Allow users to connect remotely to this computer”. The Remote Desktop user will require a password associated with the account.
Connecting to the SSH Server
To connect to your SSH Server remotely requires knowledge of your public IP address. This can be checked easily using the website http://checkip.dyndns.org. If you are using an ISP that provides you with a dynamic IP address, then you can setup a free account with No-IP http://www.no-ip.com or DynDNS http://www.dyndns.com where they can provide you with a fully qualified domain name.
Install/Configuring PuTTY
To open a SSH tunnel from the remote computer to your SSH server, you need to install PuTTY http://www.chiark.greenend.org.uk/~sgtatham/putty on the remote client computer. Open the application after installation is completed.
- Expand “SSH” under “Connection”, and then go to “Tunnels”.
- Under “Add new forwarded port:” enter a port number beside “Source port” e.g. 3390
- Beside “Destination” enter your computer name or computer local IP address along with the port for Remote Desktop 3389 e.g. 192.168.1.10:3389, and click on the “Add” button.
Use a different Source port for each additional Remote Desktop host PC.
To improve traffic click on “SSH” under “Connection”. Check the box “Enable Compression”
Click on “Session” and under the “Host Name (or IP address)” enter the public IP address or a fully qualified domain name of the SSH server PC. Enter a unique name in the “Saved Sessions” window and click on “Save”. Click on “Open” and login to the SSH server with the appropriate user and password information.
SSH Tunneling the Remote Desktop session
Establishing a Remote Desktop connection through SSH tunnel is accomplished when PuTTY is started and the user has logged on to the SSH server. To Remote Desktop from the client computer, on the client computer go to “Start” > “All Programs” > “Accessories” > “Communications” and select “Remote Desktop Connection”. In the “Computer:” textbox enter “localhost:3390″, and click on the “Connect” button.
May 24th, 2008 at 8:31 pm
[...] use VNC through SSH Tunneling refer to setting up a SSH server, and configuring Putty in the blog Remote Desktop with SSH Tunneling. Link [...]