Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Perl, SSH port forwarding, and secure VNC

by xorl (Deacon)
on Feb 21, 2005 at 20:04 UTC ( #433160=perlquestion: print w/ replies, xml ) Need Help??
xorl has asked for the wisdom of the Perl Monks concerning the following question:

Hello,

I'm trying to write a script that sets up ssh -L x:localhost:y remotehost

without me typing my password on remotehost. I know Net::SSH:Perl will let me login without me having to type my password at run time. However I don't see where I can pass more options (specifically the -L option) to ssh.

This is only one part of the script. I'm trying to automate a secure vnc connection. I'm using the info at http://www.uk.research.att.com/archive/vnc/sshvnc.html Basically once I get the SSH port forwarding done, I'm just going to do an exec("vncviewer localhost").

So maybe I should have started this post with - "Is this the best way to set this up?"

Thanks in advance.

Comment on Perl, SSH port forwarding, and secure VNC
Download Code
Re: [OT] Perl, SSH port forwarding, and secure VNC
by davis (Vicar) on Feb 21, 2005 at 20:57 UTC
    You can do it without perl. Create an ssh publickey and copy it into remotehost's ~/.ssh/authorized_keys. This avoids using any password at all (and is actually more secure in some respects). then you can do:
    ssh -L 5900:vnctarget:5900 remotehost
    and then
    vncviewer localhost
    will get you VNC access to vnctarget. Just tested it.

    davis
    It wasn't easy to juggle a pregnant wife and a troubled child, but somehow I managed to fit in eight hours of TV a day.
      Ah Cool. It does work! Thanks.
      just want to add that this also requires setting the sshd configuration to allow this, check the /etc/ssh/sshd_config, turn on: RSAAuthentication, PubkeyAuthentication
        Yes this is correct. I aparently already had that turned on for some other reason.

      Note that if you connect to localhost, VNC will assume you have a fast link and will disable all compression. That can make things very slow if the remote host is not on a LAN with the local machine, in which case you'll have to supply the appropriate -encodings to get a semblance of speed.

      Note also that with TightVNC, you can avoid the ssh -L / -encodings dance by simply saying

      vncviewer -via remotehost vnctarget
      

      Makeshifts last the longest.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://433160]
Approved by sgifford
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (7)
As of 2014-12-20 22:33 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (99 votes), past polls