Thursday, March 08, 2007

Streaks of thought: Streak 6

Gifted people are not just gifted; they are gifts for human society, as they have the highest odds of steering human civilization (evolution?). I am especially fascinated by mathematically gifted ones.

Wednesday, March 07, 2007

RDP through tunneling

Many use Remote Desktop Protocol for working remotely. This is pretty straightforward if the IP address of the remote computer is accessible on the Internet. Sometimes the computer is within a subnet and can only be accessed from within the network.

Now the trick is to get into the network and then access the computer you want. Usually there is at least one gateway computer in a network. By logging into the network using some special options, you can command your target computer by commanding the gateway. Port forwarding (tunneling) is the main idea. The other requirements are that your target computer is willing to take the commands (port 3389 being open) and that the gateway is willing to forward your commands. Any client programs capable of SSH tunneling and remote desktop connection can help you do the job. I will explain the process from the client perspective because it does not matter if the target computer runs Windows or Linux.

Using Windows clients:
The SSH tunneling client is PuTTY (usually pronounced with 'u' as in umbrella, not as in put). The remote desktop client is Mstsc.
  • Setting up port forwarding:
    Configure your session to the gateway computer as shown in the screen shots below:


    Select "SSH" on the left panel and check the "Enable Compression" option and make sure SSH protocol version 2 is preferred.


    Select "Tunnels" under "SSH" on the left panel and, in the "Add new port forward" section, add a source port (it could be 1 or any port on the local computer which is not used for other purposes) and then add the destination address and port as shown (host_address:3389). The host_address should be either the IP address or host name of the target computer you want to connect to. Then click "Add".


    Then log in to the gateway computer using "Session" on the left panel. Once you are logged in, just leave the session window minimized.

  • Connecting to your target computer:
    Connect to your computer using the standard Windows remote desktop client by just using localhost:1 as the Computer name as shown below:



Using Linux clients:
The SSH tunneling client is "ssh". The remote desktop client is "rdesktop".
  • Setting up port forwarding:
    ssh -C -L local_port_number:host_address:3389 username@gatewaycomputer
    More options for ssh can be found using the man ssh command.

  • Connecting to your target computer:
    rdesktop -f localhost:local_port_number
    More options for rdesktop can be found using the man rdesktop command.
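
The two Linux commands above, wrapped in a small script; this is an added example, not part of the original post. It pins the forwarded port to 127.0.0.1 so the target's RDP service is not reachable through your client from other machines, and makes ssh exit if the forward cannot be set up. The function names, the input checks and the 1024-65535 port range are assumptions of this example.

```shell
#!/bin/sh
# Added example: loopback-only SSH tunnel for RDP, then rdesktop through it.
# Usage (placeholder names): ./rdp_tunnel.sh local_port host_address username@gatewaycomputer

RDP_PORT=3389   # RDP port on the target computer, as given in the post

# Accept only a plain decimal port an unprivileged user can bind
# (on Linux, listening on a port below 1024 needs root).
valid_local_port() {
    case "$1" in
        ''|0*|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1024 ] && [ "$1" -le 65535 ]
}

# Accept only host names or IPv4 addresses; reject anything that starts
# with '-' so the value can never be parsed by ssh as an option.
valid_host() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    return 0
}

# Print the -L argument. The explicit 127.0.0.1 bind address keeps the
# listener on loopback even if GatewayPorts is enabled in ssh_config.
forward_spec() {
    valid_local_port "$1" && valid_host "$2" || return 1
    printf '127.0.0.1:%s:%s:%s\n' "$1" "$2" "$RDP_PORT"
}

# open_tunnel local_port host_address username@gatewaycomputer
open_tunnel() {
    spec=$(forward_spec "$1" "$2") || { echo "bad local port or host" >&2; return 1; }
    case "$3" in ''|-*) echo "bad gateway" >&2; return 1 ;; esac
    # -f: go to background after login, -N: no remote command, -C: compression.
    # ExitOnForwardFailure makes ssh exit if the local port cannot be bound.
    ssh -f -N -C -o ExitOnForwardFailure=yes -L "$spec" "$3"
}

# Only act when called with the three arguments; otherwise just define functions.
if [ "$#" -eq 3 ]; then
    open_tunnel "$1" "$2" "$3" && rdesktop -f "127.0.0.1:$1"
fi
```

The backgrounded ssh process keeps running after rdesktop exits; stop it when you are done so the forwarded port does not stay open.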

Acknowledgment:
This technique was introduced to me by Thomas Stauffer, CIS systems manager at Temple University.