Windows XP Remote Desktop over the internet via ssh tunnelingTweet
This was originally published to my personal blog a few years back when I had the need for some PCAnywhere type functionality but I wanted to do it for free! How to use Remote Desktop over the internet through SSH tunneling.
- Windows XP Professional
- SSH server and client (I use Cygwin with OpenSSH)
- Broadband internet connection (we're displaying an entire desktop over the internet, not just text!)
- Setup a dynamic DNS forwarding address (or use your static IP address, if you have one)
- Download and install Cygwin with the OpenSSH packages
- Setup SSH server and open port 22 on firewall.
- Make sure Remote Desktop is turned on and you can use it
- Create a reverse SSH tunnel
- Connect with Remote Desktop
- Setup a dynamic DNS forwarding address: If you want to remember your IP address in order to connect to your computer you can skip this step but as for me, I wanted a simple web-style address that I could remember that would update if my IP changed. I used dyndns.com to create a name that would be easy to remember in order to login to my SSH server. You can setup an account with them for free and it allows you to alias a dynamic IP address to a static hostname.
- Download and install Cygwin with the OpenSSH packages: Download and install Cygwin on your home computer (the computer you want to connect to.) When installing Cygwin, the default only installs minimum packages. I like to install all packages so click where it says "Default" and it will change to "Install". This way it will install ALL packages. Installing Cygwin with all packages will take a while (even WITH the broadband connection) so go find something to do for a while.
- Setup SSH server and open port 22 on firewall: After installing Cygwin, set it up with the mkpasswd and mkgrp commands (type mkpasswd -l > /etc/passwd and after it's done type mkgroup -l > /etc/group). Type ssh-host-config to setup the SSH server on the computer you want to connect to. I usually just go with the default responses. Answer yes to the key generation question and yes to install it as a service. After the ssh-host-config program finishes running, type "cygrunsrv -S sshd" to start the service. Open port 22 on your firewall and/or router. If you use a router because there is more than one computer on your home network, configure the "Port forwarding" option to open port 22 for the IP address of the computer you want to connect to. (If you don't know your IP, click on the start menu, run, and type cmd. In the command prompt that opens, type ipconfig.)
- Make sure Remote Desktop is turned on and you can use it: Make sure you have enabled Remote Desktop by right clicking on the "My Computer" icon and enabling Remote Desktop in the "Remote" tab. Click on "Select Remote Users" and make sure you have an account that is allowed to remotely connect.
- Create a reverse SSH tunnel: Assuming you've successfully setup the SSH
server you're now ready to connect! On your remote computer, (this could be
at work, school, etc.; basically, anywhere with a high speed internet connection
where you want to Remote Desktop to your home computer), open up a Cygwin prompt
and connect to your SSH server like this:
ssh -L 3390:localhost:3389 [email protected]Accept the key and enter your password to connect. If you don't have Cygwin installed, download PuTTY open it and click on Tunnels under the Connection->SSH category. From there, enter 3390 as the Source port and localhost:3389 as the Destination then click on Add. After configuring the Tunnel, click on Session and enter either the IP address of your home computer or the dynamic DNS address you setup earlier in the Host Name box and click Open. Putty will ask you for your user name and password. If everything worked correctly you should now be logged into your home computer!
- Connect with Remote Desktop: Don't close the Cygwin (or PuTTY) window or else the tunnel will collapse. Open Remote Desktop (Programs->Accessories->Communications->Remote Desktop Connection) and connect to 127.0.0.1:3390 Login to your computer!