I often need to remote control my Ubuntu server with a Windows client. Even if I do very simple operations via Remote Desktop, I prefer to forward my traffic through SSH Secure Shell. The steps to tunneling an insecure connection are very simple.
Install Openssh Server and ssh. Run a terminal and type:
|stefano@SERVER:~$ sudo apt-get install ssh openssh-server|
Generate a pair of public and private keys executing the following commands:
| stefano@SERVER:~$ mkdir ~/.ssh |
stefano@SERVER:~$ chmod 700 ~/.ssh
stefano@SERVER:~$ ssh-keygen -t rsa -b 2048
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
stefano@SERVER:~$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
stefano@SERVER:~$ chmod 600 ~/.ssh/authorized_keys
Edit your sshd_config:
|stefano@SERVER:~$ sudo gedit /etc/ssh/sshd_config|
Usually I use these settings:
Copy ~/.ssh/id_rsa to your Windows client.
Enable Remote Desktop clicking on System --> Preferences --> Remote Desktop:
Now let's configure the router. We need to setup port forwarding on your router. To do that, your pc has to have a static IP. For example, you could use 192.168.1.2. Now redirect your browser here, choose your router, then select SSH and follow all steps. At the end you should have something like this:
Download PuTTy and PuTTYgen
PuTTYgen can import the private key generated on the server and save it in a format PuTTy-readable. Run PuTTYgen, then click Conversions --> Import Key:
Now click "Save private key"
Run PuTTy and follow next steps:
HINT: You have to enter 192.168.1.1 if you're in your home/office lan. If you wanna control a remote pc outside your lan, you have to enter an internet IP address. If your remote computer has a dynamic IP, you can evaluate the possibility to create a hostname that points to your IP address.
Now go back to "Session" and save this setup, then click "Open". Log in with your username and enter the password you have chosen for your private key.
Last thing to do: you need to download a VNC viewer to controll your remote desktop. I really like TightVNC. Download Viewer executable only and run it:
Insert 127.0.0.1 as VNC Server and click "Connect"
Enter the password you have choosen for your Remote Desktop
Voilà! You can control your remote computer. You can save the connection info not to repeat the last steps.
Click Yes, choose a path to store the informations and create a link on your desktop.