Welcome!‎ > ‎Science‎ > ‎Computer‎ > ‎

Access a machine that is behind a firewall by SSH or VNC

SSH
If one wants to access a machine that is behind a firewall, one needs to use a ssh tunnel for logging in or copying files from/to that machine. 
Here is how to do that:

1. Establish a tunnel
Open a ssh tunnel from your local machine to the remote machine (REMOTE) through the 
remote login computer (LOGIN) which is different from the remote machine you want to login to. I use the port 50800. Of course you can use a different port if needed.

ssh -l USERNAME -L 50800:REMOTE:22 LOGIN

2. Access a remote machine (after establishing a tunnel)
Next one can log on to the remote machine.

ssh -p 50800 USERNAME@localhost

3. Copy (after establishing a tunnel)
To copy one or several files (SOURCE) from the remote machine to your machine (TARGET) can use:

scp -P 50800 USERNAME@localhost:SOURCE TARGET

Of course one can also copy one or several files (SOURCE) from your machine to your remote machine (TARGET):

scp -P 50800 SOURCE USERNAME@localhost:TARGET

Please note that SOURCE and TARGET need to contain the complete pathname if they do not refer to the current directory.

VNC
If one wants to access a machine via VNC that is behind a firewall, one needs to use a ssh tunnel for logging in or copying files from/to that machine. 
Here is how to do that:

1. Establish a tunnel
Open a ssh tunnel from your local machine to the remote machine (REMOTE) through the 
remote login computer (LOGIN) which is different from the remote machine you want to login to. Use the port 5900 for VNC.

ssh -l USERNAME -L 5900:REMOTE:5900 LOGIN

2. Access a remote machine with your vncviewer (after establishing a tunnel)
Next one can establish the VNC connection to the remote machine.

vncviewer localhost:0