SDB:SSH tunnels from Microsoft Windows

Jump to: navigation, search

This article is about using SSH tunnels from Microsoft® Windows®.

Required Software

  • Putty
A free Windows telnet/ssh client. The examples presented here are based on version 0.53. Putty can be downloaded from the Putty Homepage. Once downloaded, install the software with all default options.

Note: You can also use SSH from the Windows command line by installing Cygwin.

Putty General Parameters

Once installed, putty can be configured as follows:

Double Click the Putty Icon Putty icon.png

Note that the following section titles are the category selections listed in the tree on the left side of the putty configuration window.
Session Parameters 1.png

Session

  1. Enter the address of the Linux server under host name (wa.westrick.com)
  2. Click SSH
  3. Enter “Westrick & Associates” in “Saved Sessions” (Use your server name)
  4. Click “Save” button


Window Appearance.png

Window Appearance

  1. in “Window Title” enter “Westrick & Associates Tunnels”
  2. Click “Avoid ever using icon title”


SSH.png

SSH

  1. Click “Enable compression”
  2. Select “2 only”


SSH Tunnels.png

SSH Tunnels

  1. Click “Local ports accept connections from other hosts”
  2. Click “Remote ports do the same (SSH v2 only)”


Save Again.png

Session (Save Again!)

  1. Click “Save“ button to save the changes you’ve made till now!


The Example Tunnels

Here we will define the actual tunnels. To do this we'll define 2 example tunnels.

First Tunnel

The first connection will connect a (local) port on your PC with a port on the remote server. The port on the server is used to allow VNC connections to the server so this will allow you to get a login on the remote server, via an encrypted, compressed tunnel! The local port we will use is 5952, and we will connect it to the same port on the server machine. To do this we enter local port 5952. The remote value is the address of the “machine:port” to connect to the remote end of the tunnel. Note: That the address specified is used on the remote side of the tunnel, so that here 'localhost' means the server, not your machine! The address for localhost is 127.0.0.1 so the “remote” value for our first connection is 127.0.0.1:5952.

Second Tunnel

For our second example we will connect our local port 5901 to another windows machine behind the server. The machine is 192.168.154.134, and is running VNC on port 5900. Here the remote value is 192.168.154.134:5900

Summary

Description local port Remote IP remote port
Connection to VNC on server 5952 127.0.0.1 5952
Windows PC behind server 5901 192.168.154.134 5900

Configuring the tunnels

SSH Tunnels 2.png

SSH Tunnels

  1. Click "Local"

First Tunnel

  1. Enter 5952 in “Source Port”
  2. Enter 127.0.0.1:5952 in “Destination”
  3. Press “Add” Button

Second Tunnel

  1. Enter 5901 in “Source Port”
  2. Enter 192.168.154.134:5900 in “Destination”
  3. Press “Add” Button


Save Again.png
Session (Save Again!)
  1. Click “Save“ button to save the changes you’ve made till now!


Starting up the Tunnels

Here we will start the tunnels so that they can be used / tested… First the manual method...

Putty icon.png
br>

Double Click the Putty Icon


LoadSavedSettings.png

Load Saved Session

  1. Click “Westrick & Associates” in the “Saved Sessions” list
  2. Click “Load” button
  3. Click “Open” button


SignOn.png

Sign On

  1. Enter user name
  2. Enter password


You end up with a full function shell on the server. This is the “secure shell”, it also very useful, but that and the “secure copy” functions of SSH are another story (or should I say document? 8-).

Closing The Tunnels

To close the tunnels simply enter “exit” in the “PUTTY” window, or alternatively close the window!

When you type “exit” the window will remain open (after the shell closes), if a tunnel is still open. The window will remain open until all tunnels are closed. This is a very useful feature as it shows you that you forgot to properly close a connection. You can “slam” the tunnels down, by closing the window.

Creating a Desktop Shortcut

RightMouseClickPutty.png

Copy Putty Icon

  1. right click the Putty Icon
  2. select Copy


RightMouseClickDesktop.png

Paste To Desktop

  1. right click the Desktop Background
  2. Choose paste


RightMouseClickCopyOfPutty.png

Rename Copy Of Putty

  1. right click “Copy of PuTTY”
  2. choose Rename


EnterNewName.png

Enter new name

  1. Enter name of host
  2. hit Return


RightMouseClickNewIcon.png

Open properties Dialog

  1. right click Newly named Icon
  2. Select Properties Dialog


ModifyPropertiesDialog.png

Modify the Shortcut

  1. add -load “Name of Saved Session” to the end of the Target field
  2. Hit enter.



Using the Tunnels

Of course here I can only explain how to use the example tunnels we setup above. Both tunnels are for VNC connections.


Starting the Tunnels First you need to “start” the tunnels by double clicking the prepared “Westrick & Associates” icon, and then logging into the server.

The tunnels are created dynamically when a program accesses the “entrance” ports. This allows you to connect to a tunnel as many times as you want.
[[Image:{{{2}}}|200px|link=]]

The First Tunnel

UltraVncIcon.png
br>
Starting VNC

Double click the VncViewer Icon (In this case UltraVnc)


ConnectionDetails1.png
Specifying the entrance to the tunnel
  1. For server address enter the entrance to the first tunnel: 127.0.0.1::5952 (port 5952 on local machine)
  2. Press the “connect” button


[[Image:{{{2}}}|200px|link=]]

The Second Tunnel

UltraVncIcon.png
br>
Starting VNC

Double click the VncViewer Icon (In this case UltraVnc)


ConnectionDetails2.png
Specifying the entrance to the tunnel
  1. For server address enter the entrance to the first tunnel: 127.0.0.1::5901 (port 5901 on local machine)
  2. Press the “connect” button


Testing and Debugging Tunnels

Putty offers an "Event Log" which is useful in checking tunnels and/or debugging problems with tunnels. This function is accessed as follows:

RightMouseClickTitleBar.png
Get “Event Log”
  1. Right Mouse click the “PUTTY” title bar
  2. Select “Event Log”


EventLogWindow.png
“Event Log” Window
  1. Scroll down in the window to see the tunnels (highlighted in picture)


EventLogTunnelConnections.png
Log of Tunnel Connections

When a tunnel is accessed a line is added to this window like the second to last line on the right:

When a connection is closed a line like the last line is added to the event log.


Conclusion

After following this document you should be able to setup SSH tunnels from a M$ Window machine, using putty.

We've seen that before you start defining the tunnels you have to know exactly what it is you want to tunnel, and you need that address of the server running SSH with a valid account on that machine.

This is usually the more difficult part of the job, so a little documentation before starting would help. I started with something like this:

Server
wa.westrick.com
User name
secret
Password
even more secret
Description local port Remote IP remote port
Connection to VNC on server 5952 127.0.0.1 5952
Windows PC behind server 5901 192.168.154.134 5900

I hope my efforts here help someone, and that I've not been wasting my time.