_____________________________________________________________________
724-746-5500 | blackbox.com
Page 136
If you are connecting as an
Administrator
(in the “admin” group), then you can connect to
any configured Host or Serial Ports (that has SDT enabled).
To set up the secure SSH tunnel for a HTTP browser connection to the Managed Device, specify port 80
(instead of port 3389 that was used for RDP) in the Destination IP address.
To set up the secure SSH tunnel from the Client (Viewer) PC to the
console server
for VNC, follow the
steps above, but when you configure the VNC port redirection, specify port 5900 in the Destination IP
address.
Note
How secure is VNC? VNC access generally allows access to your whole computer, so security is
very important. VNC uses a random challenge-response system to provide the basic
authentication that allows you to connect to a VNC server. This is reasonably secure and the
password is not sent over the network.
Once connected, all subsequent VNC traffic is unencrypted. A malicious user could snoop your
VNC session. There are also VNC scanning programs available, which will scan a subnet looking
for PCs that are listening on one of the ports that VNC uses.
Tunneling VNC over a SSH connection ensures all traffic is strongly encrypted. No VNC port is
ever open to the internet, so anyone scanning for open VNC ports will not be able to find your
computers. When tunneling VNC over a SSH connection, the only port that you’re opening on
your
console server
is the SDT port 22.
Sometimes it may be prudent to tunnel VNC through SSH even when the Viewer PC and the
console server
are both on the same local network.
