Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

NC, SSH, Linksys WRT54G, and a Macbook

Help
2009-09-04
2013-04-30
  • Ellis Cloud
    Ellis Cloud
    2009-09-04

    The situation: my wife has a windows machine running a vnc and ssh server at her office. She wants to connect to this computer using a vnc client on her Macbook (Unibody running 10.5.8).

    From any location outside of her office, except at our home, she has no problem creating the SSH tunnel and connecting to her windows machine with the VNC client (Chicken of the VNC or ScreenSharing).

    When she tries to connect from our home, she can create the SSH tunnel and connect to the windows computer that way, but the VNC client refuses to connect to over the SSH tunnel.

    We're running a Linksys WRT54G at home, but I can't think of a reason why the router would cause this problem. Once the SSH tunnel is active, all traffic goes through that, so it shouldn't matter what ports are forwarded, should it?

    As I said, this works everywhere but our home, so I know it's something in our home network setup that's causing the problem. Anyone have any suggestions? Thanks!

     
    • Kurt Werle
      Kurt Werle
      2009-09-04

      You're not clear about how you're firing up ssh.  Or exactly how you're trying to connect.  Or if there is an error message.

      ssh -L 5900:vnc.server.host:5900 ssh.host -v

      And then connect to localhost:5900 ought to work.  If it does not, then
      telnet localhost 5900
      might be interesting.

       
      • Ellis Cloud
        Ellis Cloud
        2009-09-04

        ssh xxx@xx.xx.xx.xx -L 5900:127.0.0.1:5900

        Chicken of the VNC - 127.0.0.1:5900

         
        • Kurt Werle
          Kurt Werle
          2009-09-04

          Tack on the -v so you can find out what is happening.
          Try the telnet and see if you get an RFB response.

           
          • Ellis Cloud
            Ellis Cloud
            2009-09-04

            Below I've included the debug output from the ssh session. The last two lines show where ChickenOfTheVNC is trying to connect.  When I click connect in CotVNC, it provides no feedback. Nothing happens. When I close the SSH tunnel, CotVNC gives the following error:

            Could not connect to server
            127.0.0.1:5900
            Connection refused

            I also connected the laptop directly to the cable modem to take the router out of the equation. Problem persists. Many thanks for any light you can shed. This has me baffled!

            Last login: Fri Sep  4 08:54:34 on ttys000
            97-82-219-169:~ dkirksey$ ssh Administrator@xx.xx.xx.xx -L 5900:127.0.0.1:5900 -v
            OpenSSH_5.1p1, OpenSSL 0.9.7l 28 Sep 2006
            debug1: Reading configuration data /etc/ssh_config
            debug1: Connecting to xx.xx.xx.xx [xx.xx.xx.xx] port 22.
            debug1: Connection established.
            debug1: identity file /Users/dkirksey/.ssh/identity type -1
            debug1: identity file /Users/dkirksey/.ssh/id_rsa type -1
            debug1: identity file /Users/dkirksey/.ssh/id_dsa type -1
            debug1: Remote protocol version 2.0, remote software version OpenSSH_3.8.1p1
            debug1: match: OpenSSH_3.8.1p1 pat OpenSSH_3.*
            debug1: Enabling compatibility mode for protocol 2.0
            debug1: Local version string SSH-2.0-OpenSSH_5.1
            debug1: SSH2_MSG_KEXINIT sent
            debug1: SSH2_MSG_KEXINIT received
            debug1: kex: server->client aes128-cbc hmac-md5 none
            debug1: kex: client->server aes128-cbc hmac-md5 none
            debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
            debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
            debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
            debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
            key_read: uudecode 46:1f:c6:42:b6:b5:7a:d0:a2:88:a5:b2:52:15:a9:d5
            failed
            debug1: Host 'xx.xx.xx.xx' is known and matches the RSA host key.
            debug1: Found key in /Users/dkirksey/.ssh/known_hosts:5
            debug1: ssh_rsa_verify: signature correct
            debug1: SSH2_MSG_NEWKEYS sent
            debug1: expecting SSH2_MSG_NEWKEYS
            debug1: SSH2_MSG_NEWKEYS received
            debug1: SSH2_MSG_SERVICE_REQUEST sent
            debug1: SSH2_MSG_SERVICE_ACCEPT received

                                        ****USAGE WARNING****

            This is a private computer system. This computer system, including all
            related equipment, networks, and network devices (specifically including
            Internet access) are provided only for authorized use. This computer system
            may be monitored for all lawful purposes, including to ensure that its use
            is authorized, for management of the system, to facilitate protection against
            unauthorized access, and to verify security procedures, survivability, and
            operational security. Monitoring includes active attacks by authorized entities
            to test or verify the security of this system. During monitoring, information
            may be examined, recorded, copied and used for authorized purposes. All
            information, including personal information, placed or sent over this system
            may be monitored.

            Use of this computer system, authorized or unauthorized, constitutes consent
            to monitoring of this system. Unauthorized use may subject you to criminal
            prosecution. Evidence of unauthorized use collected during monitoring may be
            used for administrative, criminal, or other adverse action. Use of this system
            constitutes consent to monitoring for these purposes.

            debug1: Authentications that can continue: publickey,password,keyboard-interactive
            debug1: Next authentication method: publickey
            debug1: Trying private key: /Users/dkirksey/.ssh/identity
            debug1: Trying private key: /Users/dkirksey/.ssh/id_rsa
            debug1: Trying private key: /Users/dkirksey/.ssh/id_dsa
            debug1: Next authentication method: keyboard-interactive
            debug1: Authentications that can continue: publickey,password,keyboard-interactive
            debug1: Next authentication method: password
            Administrator@xx.xx.xx.xx's password:
            debug1: Authentication succeeded (password).
            debug1: Local connections to LOCALHOST:5900 forwarded to remote address 127.0.0.1:5900
            debug1: Local forwarding listening on ::1 port 5900.
            debug1: channel 0: new [port listener]
            debug1: Local forwarding listening on 127.0.0.1 port 5900.
            debug1: channel 1: new [port listener]
            debug1: channel 2: new [client-session]
            debug1: Requesting no-more-sessions@openssh.com
            debug1: Entering interactive session.
            Last login: Fri Sep  4 08:54:53 2009 from xx.xx.xx.xx
            Microsoft Windows XP [Version 5.1.2600]
            (C) Copyright 1985-2001 Microsoft Corp.

            C:\Documents and Settings\Administrator>
            debug1: Connection to port 5900 forwarding to 127.0.0.1 port 5900 requested.
            debug1: channel 3: new [direct-tcpip]

             
            • Kurt Werle
              Kurt Werle
              2009-09-04

              Hm.  Well, it sure looks like it is trying to forward.  There is just one more thing to check, and that's to see what happens with a telnet.
              Do the ssh -v
              In another terminal, do
              telnet localhost 5900
              You should get a response like
              RFB 003.889

              My guess is you won't.  It would be interesting to see what the ssh output is.

              You might also try forwarding a different port.
              -L 15900:127.0.0.1:5900

              And you're SURE that it is running on 5900 on the remote system?  Not 5901 or something else?

               
              • Ellis Cloud
                Ellis Cloud
                2009-09-04

                Telnet results:

                Trying ::1...
                Connected to localhost.
                Escape character is '^]'.
                RFB 003.008

                I did try using a different port. No joy.

                I'm sure the server's running on 5900. As I noted in the original post, this works from every location except my home.

                Make no sense to me. Thanks for the help!

                 
                • Kurt Werle
                  Kurt Werle
                  2009-09-04

                  You're getting the RFB response back when you telnet, so the wires are connected.  At this point, I have no idea.  I would try another vnc client (Finder - cmd-K vnc://127.0.0.1:15900).

                  Good luck...

                   
    • Ellis Cloud
      Ellis Cloud
      2009-09-04

      And no error message.

       
    • Ellis Cloud
      Ellis Cloud
      2009-09-04

      The debug info shows that I'm getting a good connection. I can execute commands on the remote machine.

      Telnet results:

      Trying ::1...
      Connected to localhost.
      Escape character is '^]'.
      RFB 003.008

       
    • Ellis Cloud
      Ellis Cloud
      2009-09-04

      More data:

      Chicken of the VNC does work over the tunnel from MY laptop (15" Macbook Pro 2009) from our house.

      It works on my wife's computer at every location BUT our house.

      So it's got to be something on her computer, but I'm baffled as to what.