I often need to remote control my Ubuntu server with a Windows client. Even if I do very simple operations via Remote Desktop, I prefer to forward my traffic through SSH Secure Shell. The steps to tunneling an insecure connection are very simple.
SERVER SIDE
Install Openssh Server and ssh. Run a terminal and type:
| stefano@SERVER:~$ sudo apt-get install ssh openssh-server |
Generate a pair of public and private keys executing the following commands:
| stefano@SERVER:~$ mkdir ~/.ssh stefano@SERVER:~$ chmod 700 ~/.ssh stefano@SERVER:~$ ssh-keygen -t rsa -b 2048 Enter passphrase (empty for no passphrase): Enter same passphrase again: stefano@SERVER:~$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys stefano@SERVER:~$ chmod 600 ~/.ssh/authorized_keys |
Edit your sshd_config:
| stefano@SERVER:~$ sudo gedit /etc/ssh/sshd_config |
Usually I use these settings:
Port 22 PermitRootLogin no RSAAuthentication yes AuthorizedKeysFile %h/.ssh/authorized_keys PasswordAuthentication no AllowUsers names_of_allowed_users |
Copy ~/.ssh/id_rsa to your Windows client.
Enable Remote Desktop clicking on System --> Preferences --> Remote Desktop:
Now let's configure the router. We need to setup port forwarding on your router. To do that, your pc has to have a static IP. For example, you could use 192.168.1.2. Now redirect your browser here, choose your router, then select SSH and follow all steps. At the end you should have something like this:
WINDOWS CLIENT
Download PuTTy and PuTTYgen
PuTTYgen can import the private key generated on the server and save it in a format PuTTy-readable. Run PuTTYgen, then click Conversions --> Import Key:
Now click "Save private key"
Run PuTTy and follow next steps:
HINT: You have to enter 192.168.1.1 if you're in your home/office lan. If you wanna control a remote pc outside your lan, you have to enter an internet IP address. If your remote computer has a dynamic IP, you can evaluate the possibility to create a hostname that points to your IP address.
Now go back to "Session" and save this setup, then click "Open". Log in with your username and enter the password you have chosen for your private key.
Last thing to do: you need to download a VNC viewer to controll your remote desktop. I really like TightVNC. Download Viewer executable only and run it:
Insert 127.0.0.1 as VNC Server and click "Connect"
Enter the password you have choosen for your Remote Desktop
Voilà! You can control your remote computer. You can save the connection info not to repeat the last steps.
Click Yes, choose a path to store the informations and create a link on your desktop.
That's all!
