Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation
 
PerlMonks  

Perl, SSH port forwarding, and secure VNC

by xorl (Deacon)
on Feb 21, 2005 at 20:04 UTC ( #433160=perlquestion: print w/ replies, xml ) Need Help??
xorl has asked for the wisdom of the Perl Monks concerning the following question:

Hello,

I'm trying to write a script that sets up ssh -L x:localhost:y remotehost

without me typing my password on remotehost. I know Net::SSH:Perl will let me login without me having to type my password at run time. However I don't see where I can pass more options (specifically the -L option) to ssh.

This is only one part of the script. I'm trying to automate a secure vnc connection. I'm using the info at http://www.uk.research.att.com/archive/vnc/sshvnc.html Basically once I get the SSH port forwarding done, I'm just going to do an exec("vncviewer localhost").

So maybe I should have started this post with - "Is this the best way to set this up?"

Thanks in advance.

Comment on Perl, SSH port forwarding, and secure VNC
Download Code
Re: [OT] Perl, SSH port forwarding, and secure VNC
by davis (Vicar) on Feb 21, 2005 at 20:57 UTC
    You can do it without perl. Create an ssh publickey and copy it into remotehost's ~/.ssh/authorized_keys. This avoids using any password at all (and is actually more secure in some respects). then you can do:
    ssh -L 5900:vnctarget:5900 remotehost
    and then
    vncviewer localhost
    will get you VNC access to vnctarget. Just tested it.

    davis
    It wasn't easy to juggle a pregnant wife and a troubled child, but somehow I managed to fit in eight hours of TV a day.
      Ah Cool. It does work! Thanks.
      just want to add that this also requires setting the sshd configuration to allow this, check the /etc/ssh/sshd_config, turn on: RSAAuthentication, PubkeyAuthentication
        Yes this is correct. I aparently already had that turned on for some other reason.

      Note that if you connect to localhost, VNC will assume you have a fast link and will disable all compression. That can make things very slow if the remote host is not on a LAN with the local machine, in which case you'll have to supply the appropriate -encodings to get a semblance of speed.

      Note also that with TightVNC, you can avoid the ssh -L / -encodings dance by simply saying

      vncviewer -via remotehost vnctarget
      

      Makeshifts last the longest.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://433160]
Approved by sgifford
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (6)
As of 2015-07-03 18:00 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (55 votes), past polls