Remotely ssh into a machine behind LMCE router

[purps]

(22, no?)

Thank you very much, that is very helpful indeed.

I successfully got VNC working over my internal network last night, just need to tie it all together now. Will report back with the exact steps.

Cheers,
Matt.

[WhateverFits]

Great! Glad to hear that! Yeah,  22. 23 is telnet. 

[purps]

Getting VNC to work internally is very different from getting it working remotely I've discovered. It tells me that my commands aren't utter bollocks at least, but of course it doesn't tell me if the approach is correct.

It is now working remotely after a lot of trial and error, but I am not satisfied this is the best way to do it. I do...

Code Select Expand

ssh -p 22 -L 5900:127.0.0.1:5900 <coreUser>@<externalIP>
ssh - p 22 -L 5900:127.0.0.1:5900 <desktopUser>@<internalIPofDesktop>

...and then I can do the VNC thing, which is great don't get me wrong, but....

How do I combine these two steps and ssh straight into my desktop, without having to type in the core password? If this is the best way of doing it, then fine, but how do people without a clever LMCE system do it i.e. with a normal router?

Cheers,
Matt.

EDIT: I didn't do anything to the firewall, which makes sense seeing as this is a tunnel.

[buckle]

You can forward a port (using the LMCE firefall config) to your desktop IP, which I wouldn't do.

Or, you could change your ssh tunnel to use the IP of the desktop machine, instead of the core loopback address

Code Select Expand

ssh -p 22 -L 5900:<internalIPofDesktop>:5900 <coreUser>@<externalIP>

This won't ssh straight to your desktop.  It will still ssh to the core.  But, the port forward will be to your desktop.  If you really needed to ssh to the desktop to run some commands, you could just ssh from the core to the desktop (no port forwarding req'd).