Goto My Work PC - for FREE!!

[visualAd]

About 10 Easy(ish) Steps

If you follow these steps you'll have your secure remote desktop connection up and running in less than an hour.

1. First step is to download and install FreeSSHD on the server. Select the full installation and choose to run as a Windows service. (you can opt not to install the service, however freesshd will not start when windows starts and you must logon to the computer before running it).
   
   
2. Once installed, a new icon should appear in the task bar. Double click this to bring up the configuration screen.
   
   
3. Set the SSH port to 443. There is a good reason for this as in many shoools, colleges and companies you must connect to the Internet via a proxy server. Connecting on port 443, the standard HTTPS port, ensures that you will always be able to access the PC.
   
   
   
   
4. The next step is to create a user. Click on the users section and add a new user.
   
   
   
   I Do not recommend using Windows authentication. Creating a separate user is not only safe, it gives you more control over the server. Ensure that the user has tunneling permissions.
   
   
5. We must now enable SSH tunneling for both local (from the remote PC to the server) and remote (from the the server to the remote PC) connections.
   
   
   
   
6. The next step is to download and install VNC.
   
   On your server, you need just the VNC Viewer. On the remote PC which we will be be making the remote desktop connection to, you need both the viewer and the server (which should be installed as a Windows service).
   
   
   
   
7. After installation the server configuration screen will be displayed. VNC gives us the option of password protecting the connection, but as the password is sent unencrypted and we will only ever be connecting from the local machine, there is little point setting a password.
   
   
   
   
8. Click on the connections tab next, take note of the VNC port 5900 and tick the box which says "Only Accept Connections from the local machine". The server also provides a Java viewer which can be used in a web browser. I tend to prefer the executable client though.
   
   
   
   (you may be wondering why we only want to accept connections form the local machine. Tunnelling always forwards ports to your local machine address 127.0.0.1, if you do not tick this option, anyone from anywhere on the Internet will be able to access the server)
   
   
9. We are now ready to connect to the server remotely. But first we need the Windows SSH client Putty installed on the remote PC. I recommend you download the ZIP archive containing all the Putty tools as they include other useful utilities including an SFTP(Secure-FTP) file transfer utility.
   
   Extract the archive to a directory of your choice.
   
   
10. Open up the putty client on the remote PC. In the session screen type the IP address or host name of the PC you are connecting to, select SSH and type 443 as the port.
    
    
    
    
11. Now set up the tunnels for the SSH connection. To do this goto Connection->SSH->Tunnels. Remember I said you'd need that port number for VNC? You need two pieces of information, the port and the server your are tunneling to. In our case this is as follows:
    
    localhost:5900
    localhost:5800 (if you want to connect via the Java client in a web browser)
    
    The source port is the port that we will be making the connection to. In most cases these will be the same. However, if the server has a VNC server, you'll need to change these.
    
    
    
    Important: to make this a reverse tunnel, you must ensure that the remote radio button is selected.
    
    
12. This step is important. Many firewalls drop connections which have been inactive for a time. As you will be tunneling through from the server it is likely that the SSH connect will remain dormant for some time before a connection is made. You therefore need to configure putty to send null packets on regular basis to keep the connection open.
    
    Goto Connection and enter 20 in the seconds between keep alives textbox. (this should be more than enough)
    
    
    
    
13. At this point I recommend you save the current configuration. You can do this by going to Session, typing a name in the Saved Session box and pressing Save.
    
    
    
    
14. Now press the open button. Press OK to accept the servers public key and login using the credentials of the user you set up earlier. If all has gone well you will see a command line prompt similar to what you see on Windows.
    
    
    
    
    
15. The final step is to make the remote dekstop connection. Now that we have setup the tunnel on the remote PC, you can connect via VNC from the server to the remote PC. The connection will be secure becuase it is going through the secure shell connection which is encrypted by default.
    
    
    
    To connect to a VNC server, you need to open the VNC Viewer on the server and connect to localhost. You can also connect via a web browser, if you enabled the Java viewer, by navigating to the following address:
    
    http://localhost:5800/

That's it, you should now be able to see your desktop. No expense, secure and not too complicated.



I recommend you copy the Putty tools and the VNC Viewer to a usb disk or floppy disk. You can them use your setup anywhere you please. I have put these files into a ZIP archive, along with a batch script putty.bat (this saves and restores the putty registry settings - if you wish to save your configuration from the putty window, you'll need to open Putty using putty.bat)

If you have any comments, suggestions or questions about this tutorial, please post them here.