Extra Secure Remote Desktop
I have been using Microsoft's Remote Desktop for a few years now (pretty much since I switched to XP). It's decent, and I like that it retains sessions unlike TightVNC, which is what I had used before. By using a SSH tunnel, I feel confident that my connection is secure and I am willing to visit my banks, etc. using my desktop machine via my laptop on a wireless network. Here's what I did:
On the server (in this case my desktop):
- Installed the Cygwin build of SSHD as a service
- Many guides are available, just search with Google above keywords like "cygwin sshd". But in a nutshell:
- Install cygwin (duh) - include
openssh
(under Net) andcygrunsrv
(under Admin) - Set up
sshd
: "ssh-host-config -y
" - Start it as a service: "
cygrunsrv -S sshd
"
- Install cygwin (duh) - include
- Many guides are available, just search with Google above keywords like "cygwin sshd". But in a nutshell:
- Allow Remote Desktop usage:
- Right click on "My Computer" and choose "Properties"
- Go to the "Remote" tab
- Make sure that "Allow users to connect remotely to this computer." is checked
On the client (in this case my laptop):
- You need a way to setup an ssh tunnel. You can use Cygwin's
ssh
,PuTTY
, or my favorite MyEnTunnel. I previously selected MyEnTunnel for some work-related stuff, so I was able to simply add a "Profile". - The key is that you want a tunnel from your machine's 3390 to the remote (server) machine's port 3389 (or any other port on your local machine of your choosing). With MyEnTunnel, it is this simple:
- Once MyEnTunnel has established a connection (a green padlock), you can connect.
- Start → Run → "mstsc"
- As you can see,
mstsc
has no idea what machine you are connecting to. As far as it knows, you connect tolocalhost
which is your machine, which MyEnTunnel then encrypts (usingPuTTY
'splink
) and sends to the remote machine'ssshd
daemon which forwards it to Windows XP listening for the Remote Desktop connection.(Client:Outgoing port) -> (Client:3390) -> (Client:22) -> [encrypted link] -> (Server:22) -> (Server:3389)
Attachments (3)
-
MyEnTunnel_Profile.png (12.6 KB) - added by 16 years ago.
Profile Page 1
-
MyEnTunnel_Profile2.png (10.8 KB) - added by 16 years ago.
Profile Page 2
-
mstsc.png (24.7 KB) - added by 16 years ago.
MSTSC setup
Download all attachments as: .zip
Comments
No comments.