Port forwarding VNC connection

One sad day our old modem failed. The phone company gave us a new DSL modem/router. I had figured out how to setup portforwarding and such on the old modem. I can’t get into the new one at all! After briefly attempting to get info out of the phone company about how to access the new modem’s admin interface to no success I gave up on all my nice old port forwards.

That’s ok in a way since I’ve this website and corresponding server away from home. Most of what I was doing could be replaced here but not the VPN connection bit I had going. That was sort of sweet having my own VPN. Well, I still haven’t figured out the VPN bit (I’m probably close but don’t care at this point) but I did figure out how to reverse port forward a VNC connection through the old topbarbee.com. That’s good enough for my purposes.

So to do that you need to:

  1. Setup reverse ssh port forwarding

I suppose there really was only one step! It seemed like more than that. Oh, it is handy to install autossh as well so that it’ll keep the reverse port forward going automatically. And you need to setup private key authentication so you don’t need to enter a password with the ssh connection.

To create the private key do this:

ssh-keygen -t dsa

Then install autossh per your OS. Once you’ve got autossh installed and the private key create a script like this bad boy (I mainly copied this from somewhere else but can explain most…):


# Always assume initial connection will be successful

# Disable echo service, relying on SSH exiting itself

#to test, use (check out man ssh for explanation of options:
#autossh -vv -i /home/billyBob/.ssh/id_dsa -o 'ControlPath none' -R 5901:localhost:5901 billyBob@topbarbee.com -N > /var/log/user_sshlog.out 2> /var/log/user_ssh_error.out &

#once proven, use (and rem out previous command):
autossh -f -i /home/billyBob/.ssh/id_dsa -o 'ControlPath none' -R 5901:localhost:5901 billyBob@topbarbee.com -N 2> /var/log/user_ssh_error.out

Then make sure to get that script to run on boot. Toss it in /etc/rc.local like so such that’ll it run at boot (before the exit 0):


That should do it. Then use your VNC client to connect to the remote server. I had to check ‘Tunnel over SSH’ in Chicken (of the VNC), you probably need to do that in other VNC clients since I believe it’s first connecting via SSH and then forwarding from there. No matter what it does, it works.

Hah – got past the modem’s silly firewalls!

Leave a Reply

Your email address will not be published. Required fields are marked *