Often SSH tunnels are shown from Linux to Linux but frequently, we need to create an encrypted SSH tunnel from Windows to a service on Linux using PuTTY. Using Windows 7 we will create a PuTTY SSH tunnel to our CentOS 6.5 box. Ensuring that our VNC traffic is encrypted from Windows to CentOS is secured. Ultimately giving secure access to the Servers GUI display from Windows.
VNC Service
Firstly, we already have the VNC Service set up on the host 192.168.0.60 and it is listening on display 2 or port 5902. Rather than connecting directly to the VNC service, which is unencrypted, we will use an SSH Tunnel from the Windows client. All the work you will see is from the Windows 7 client.
PuTTY Connection
Starting the Putty Client on Windows we add in the normal SSH connection details. The user and server we wish to connect to.
With this complete and BEFORE, we connect we navigate to the SSH and Tunnels configuration page. This is where we define the PuTTY SSH Tunnel. You should see something similar to the following.
Local Port
Next, we add the source port, in this case, 9090. This is the local port that we will listen to on the Windows 7 system. This can be any high number port, above 1024 that is not in use. Then we add the destination of the service that we want to connect to, in our case the VNC service on the Linux host: 192.168.0.60:5902. Using the ADD button we create the record. Now, finally, we can connect. The ssh terminal window will open and prompt for the password.; however, we also should have the tunnel in place.
Putty Event Log
Using the event logs in PuTTY we can verify that the tunnel has been created.
We are looking for the entry that says we are forwarding the local port.
We are now able to use the VNC client to connect to the localhost on port 9090 which will be forwarded via the SSH tunnel to the VNC service on the CentOS 6.5 host.