A VNC desktop may be running on a machine beyond a firewall. If you can ssh to the firewall, this script will allow you to connect to the desctop machine. Run as
tunnel_vnc gateway.machine:desktop.machine:N
tunnel_vnc desktop.machine:N
#!/bin/sh # $Id: tunnel_vnc,v 1.9 2004/01/06 13:50:45 rjc Exp $ for bin in /usr/local /home/rjc $HOME do if [ -f $bin/iibin/common.sh ] ; then . $bin/iibin/common.sh ; break ; fi done [ -n "$common_ok" ] || { echo "no common.sh"; exit 1; } description="Tunnel a vnc connection." preargs="DISPLAY=something" args="[:LOCLAN] [gateway:]host:display" contact_ssh_agent localn="" case "$1" in :*[0-9] ) localn=`expr "$1" : '^:\(.*\)$'` ; shift ;; [0-9]* ) localn=`expr "$1" : '^\(.*\)$'` ; shift ;; esac case "$1" in *:*:[0-9]* ) gateway=`expr "$1" : '\(.*\):.*:.*'` host=`expr "$1" : '.*:\(.*\):.*'` n=`expr "$1" : '.*:.*:\(.*\)'` ;; *:[0-9]* ) host=`expr "$1" : '\(.*\):.*'` n=`expr "$1" : '.*:\(.*\)'` gateway=$host host=localhost ;; * ) usage exit 1 ;; esac if [ -z "$localn" ] then localn=$n fi case "$host" in *@* ) host=`expr "$host" : '.*@\(.*\)'` ;; esac port=`expr 5900 + $n` hport=`expr 5800 + $n` localport=`expr 5900 + $localn` localhport=`expr 5800 + $localn` display=${DISPLAY} echo "gateway=$gateway host=$host remote display=unix:$n local display=$display port=$port " if $canlisten && listening $localport then echo "***$conr" Somthing is already listening on port $localport$coff exit 1 fi echo '***' Run Tunnel ssh -x -g -f -C $gateway -L $localport:$host:$port -L $localhport:$host:$hport sleep 15 echo '***' Wait if $canlisten then until listening $localport do sleep 1 done else sleep 5 fi if [ -n "$display" ] then echo '***' Running Viewer vncviewer -geometry 1100x900 -encodings tight\ copyrect\ hextile :$localn elif $canlisten then echo '***' Run vncviewer manually to `hostname`:$localn i=0 time=2 dot='.' while listening $localport do if [ $i = 20 ] then time=10 i=21 echo '' elif [ $i -gt 20 ] then : else i=`expr $i + 1` echo -n '.' fi sleep $time done echo '' echo '***' Tunnel closed else echo '***' Run vncviewer manually to `hostname`:$localn echo '***' You have about 10 seconds fi
Notes:
To use this script you must install the dxpc protocol compresion program on local and remote machines. The script exports your local display (from the $DISPLAY variable) and makes it available as display unix:N on the remote machine. Use:
tunnel_dxpc remote.machine:N
tunnel_dxpc -kill remote.machine:N
#!/bin/sh # create a dxpc tunnel. Allows clients on HOST to connect to wherever # your local $DISPLAY is pointing at. usage="Usage: DISPLAY=something tunnel_dxpc [-kill] [gateway:]host:display" ssh-add -l >/dev/null 2>&1 || [ ! -f $HOME/.ssh/agent_env_`hostname` ] || . $HOME/.ssh/agent_env_`hostname` kill=false remote='' while [ $# -gt 0 ] do case "$1" in *:*:[0-9]* ) gateway=`expr "$1" : '\(.*\):.*:.*'` host=`expr "$1" : '.*:\(.*\):.*'` n=`expr "$1" : '.*:.*:\(.*\)'` remote="$gateway:$host:$n" shift ;; *:[0-9]* ) host=`expr "$1" : '\(.*\):.*'` n=`expr "$1" : '.*:\(.*\)'` gateway=$host remote="$gateway:$host:$n" shift ;; -display ) DISPLAY="$2" shift 2 ;; -kill ) kill=true shift ;; * ) echo $usage exit 1 ;; esac done if [ -z "$DISPLAY" -o -z "$remote" ] then echo $usage exit 1 fi display=${DISPLAY:?} port=`expr 4000 + $n` if $kill then ssh -x -C -f $gateway "dxpc -p $port -k || /bin/rm /home/rjc/.dxpc.pid-halcyon-*-$port" exit 0 fi echo "gateway=$gateway host=$host remote display=unix:$n local display=$display port=$port " echo Run Remote ssh -x -f -C $gateway -L $port:$host:$port dxpc -p $port -k \;dxpc -p $port -d $n -f& echo Wait... sleep 5 echo Connect dxpc -p $port -s1 localhost echo Cleanup ssh -x -f $gateway dxpc -k -p $port wait
