Digging a Secure Tunnel for VNC


Author: assassin Microsoft Article Source: hacker line

I believe many readers like to log in to their servers remotely. The remote-access server and client vary, whether Microsoft Terminal Services or PCAnywhere, but I believe most users prefer VNC, the free lunch. However, when using VNC, have you ever worried that your connection password or your session could be captured by an eavesdropper? Today I would like to introduce a secure remote VNC access solution, hoping to put readers' worries to rest.
This solution uses SSH as a secure tunnel for the VNC connection. Because OpenSSH and VNC are easy to configure on Linux, this article focuses on the configuration process on Windows. Okay, let's start digging our tunnel.

Introduction to OpenSSH for Windows
OpenSSH for Windows is a small, free OpenSSH server and client toolkit for Windows. It lets a Windows machine provide OpenSSH services: SSH, SCP, SFTP, and other secure operations.
Its home page is http://SSHWindows.sourceforge.net/

SSH Server Installation
Download the latest version of SSHWindows from the official website. Installing SSHWindows is as simple as installing any other Windows software: click Next until the installation completes. There is nothing special about the process, and in general you can accept the default options.
If Cygwin is already installed on your computer and its version is older than the one that comes with SSHWindows, a prompt will ask whether you want to continue the installation; click "Yes" to upgrade.

SSHWindows automatically creates a public key during installation; you will see a Windows command-line window pop up while the key is generated.
Note that C:\Program Files\OpenSSH\etc\passwd must be edited before you start the OpenSSH service. If this step is not completed, you cannot log on to the SSH server.
Click OK to complete the installation. To log on to OpenSSH, you must create authorized accounts. These accounts must already exist in Windows so that the SSH server can import them.
I will not cover how to create a new user in Windows. If you need help, consult the Microsoft Help Center.
Open a Windows command prompt (Start > Run, type "cmd", and press Enter) and switch to the bin directory under the OpenSSH installation directory. If OpenSSH is installed in C:\Program Files, as in this article, the command is:
cd "C:\Program Files\OpenSSH\bin"
First, import the local groups and the domain groups. The >> operator appends, so the second command does not overwrite the output of the first:
mkgroup -l >> ..\etc\group (local groups)
mkgroup -d >> ..\etc\group (domain groups)
Next, create the user password file. This file lists all users authorized to log on to the SSH server. To add a single user, use the -u parameter; to add all Windows users, omit it. Note that omitting it also adds some system service accounts, the Guest account, and so on. As with mkgroup, the -l and -d parameters select local users or domain users. Still in the bin directory, we use the newly created local user becks and the domain user jinni as examples:

mkpasswd -l -u becks >> ..\etc\passwd
mkpasswd -d -u jinni >> ..\etc\passwd

You can open C:\Program Files\OpenSSH\etc\passwd in WordPad to check whether the accounts were imported successfully.
If necessary, you can edit C:\Program Files\OpenSSH\etc\sshd_config to configure the SSH server. In general the default configuration is fine. Below is the author's sshd_config:
=============== File Begin Here ==========================
Port 22
#Protocol 2,1
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin no

# The following setting overrides permission checks on host key files
# and directories. For security reasons set this to "yes" when running
# NT/W2K, NTFS and CYGWIN=ntsec.
StrictModes yes

RSAAuthentication no
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
IgnoreUserKnownHosts yes
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCreds yes

# Set this to yes to enable PAM authentication (via challenge-response)
# and session processing. Depending on your PAM configuration, this may
# bypass the setting of PasswordAuthentication
#UsePAM yes

#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
UsePrivilegeSeparation no
#PermitUserEnvironment no
#Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
MaxStartups 10:30:60

# default banner path
Banner /etc/banner.txt

# override default of no subsystems
Subsystem sftp /usr/sbin/sftp-server

=============== File End Here ======================
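An added example, not part of the original article: a small Python audit of the settings in this file that matter for the VNC tunnel. It assumes sshd's rule that the first value read for a keyword is the one used, takes its defaults from the commented-out lines above, and runs on two constructed sample configurations.

```python
# Added example: audit the tunnel-relevant settings of an sshd_config.
# Defaults (assumption) mirror the commented-out lines in the file above.
DEFAULTS = {"protocol": "2,1", "passwordauthentication": "yes",
            "permitemptypasswords": "no", "allowtcpforwarding": "yes",
            "gatewayports": "no"}

def effective_settings(text):
    """Return {keyword: value}; keywords are case-insensitive and sshd
    keeps the first value it reads for each keyword."""
    seen = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment
        seen.setdefault(parts[0].lower(), parts[1].strip() if len(parts) > 1 else "")
    return {**DEFAULTS, **seen}

def audit(text):
    s = {k: v.lower() for k, v in effective_settings(text).items()}
    findings = []
    if "1" in [v.strip() for v in s["protocol"].split(",")]:
        findings.append("Protocol: SSH-1 is still accepted; use 'Protocol 2'")
    if s["allowtcpforwarding"] != "yes":
        findings.append("AllowTcpForwarding: off, the VNC tunnel cannot be opened")
    if s["gatewayports"] != "no":
        findings.append("GatewayPorts: remote hosts may connect to forwarded ports")
    if s["permitemptypasswords"] == "yes":
        findings.append("PermitEmptyPasswords: blank passwords are accepted")
    if s["passwordauthentication"] == "yes":
        findings.append("PasswordAuthentication: password logins enabled; "
                        "every imported account needs a strong password")
    return findings

# Constructed samples: an excerpt of the author's settings and a weaker variant.
AUTHOR_CONFIG = """\
#Protocol 2,1
Protocol 2
PasswordAuthentication yes
#AllowTcpForwarding yes
"""
WEAK_CONFIG = """\
Protocol 2,1
Protocol 2
AllowTcpForwarding no
GatewayPorts yes
PermitEmptyPasswords yes
"""

if __name__ == "__main__":
    print(audit(AUTHOR_CONFIG), audit(WEAK_CONFIG), sep="\n")
```

In the weaker sample the later "Protocol 2" line has no effect, because "Protocol 2,1" was read first.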
Save the configuration, then start OpenSSH from the command line with net start opensshd; to stop it, run net stop opensshd.
You can also control the service from the Services console: type services.msc in the Run dialog, find the OpenSSH service, right-click it, and choose "Properties" to start or stop the service.
To test whether the service started successfully, use telnet to connect to local port 22 (the default port of the SSH service):
telnet localhost 22
If you see the following banner, the service is running: SSH-2.0-OpenSSH_3.8.1p1.
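The banner also shows which protocol versions the server accepts. The following Python sketch is an added example, not from the original article: it parses the identification string defined in RFC 4253 and reports whether SSH-1 is still offered (a server that accepts both versions announces 1.99). The function names are illustrative and the test strings are constructed.

```python
# Added example: read and interpret the SSH identification string.
import re
import socket

# RFC 4253 section 4.2: SSH-protoversion-softwareversion SP comments CR LF
IDENT_RE = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$")

def parse_ident(data):
    """Parse the identification string from the first bytes a server sends.

    A server may send other text lines first; only the line starting
    with 'SSH-' counts. Returns None if no such line is present.
    """
    for line in data.decode("ascii", "replace").splitlines():
        m = IDENT_RE.match(line)
        if m:
            proto, software, comments = m.groups()
            return {"proto": proto, "software": software,
                    "comments": comments or ""}
    return None

def protocol_status(ident):
    """Classify what the announced protocol version means."""
    if ident is None:
        return "not-ssh"
    if ident["proto"] == "2.0":
        return "ssh2-only"
    if ident["proto"] == "1.99":
        return "ssh1-and-ssh2"   # compatibility mode, e.g. 'Protocol 2,1'
    return "ssh1-only"

def grab_ident(host="localhost", port=22, timeout=5.0):
    """Scripted form of 'telnet localhost 22' (needs a running server)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        return parse_ident(s.recv(256))

if __name__ == "__main__":
    sample = b"SSH-2.0-OpenSSH_3.8.1p1\r\n"   # banner quoted in the article
    print(protocol_status(parse_ident(sample)))
```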

Client Connection
Now for the SSH client. We recommend PuTTY, a small but powerful SSH client.
Enter the IP address of the OpenSSH server and click Open to connect. On the first connection, a prompt asks whether to accept the public key of the remote host. Click Yes to continue.
Then enter the username and password to log on. You can change the logon banner by editing etc/banner.txt in the OpenSSH installation directory on the server.
After a successful login, we can maintain the remote Windows host just as we would over telnet. The biggest difference is that the communication between the client and the server is encrypted.

OK, the OpenSSH service is set up. Now we install VNC. Because the VNC installation process is simple, I will not go into detail here. Note that you must set a password for logging on to the VNC server before the installation completes.
After the installation is complete, the VNC service starts automatically. After all these warm-up exercises, the next step is the critical one: connecting securely to the remote VNC server through PuTTY + VNCviewer.
Configure PuTTY: enter the IP address of the SSH server on the machine that runs the VNC service, then select SSH > Tunnels in the tree menu on the left to add a new forwarded port. Enter 5900 as the source port and 127.0.0.1:5900 as the destination, and click Add.

If you connect often, you can save the session configuration. Click Open to connect, and enter the user name and password to log on to the SSH server. Now we only need to open VNCviewer and connect to 127.0.0.1. VNC asks for a password; enter the connection password we set earlier.
OK. The remote server's desktop is now in full view, and you can operate it with confidence: the VNC connection runs through the SSH secure tunnel we have dug.
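The tunnel protects only the traffic that goes through it; if the VNC server still listens on every interface, a direct connection to port 5900 bypasses SSH. As an added example (not from the original article), this Python script reads `netstat -an` output from the server and the client and reports where port 5900 is listening. Both netstat samples are constructed and use documentation addresses.

```python
# Added example: where is the VNC port listening? Input is 'netstat -an' text.
def listeners(netstat_text, port):
    """Local addresses with a TCP socket in LISTENING state on `port`."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue  # headers, UDP rows, established connections
        addr, _, p = fields[1].rpartition(":")
        if p == str(port):
            found.append(addr.strip("[]"))
    return found

def is_loopback(addr):
    return addr.startswith("127.") or addr == "::1"

def check_tunnel(server_netstat, client_netstat, port=5900):
    """Findings for the setup in this article (5900 -> 127.0.0.1:5900)."""
    findings = []
    direct = [a for a in listeners(server_netstat, port) if not is_loopback(a)]
    if direct:
        findings.append("server: VNC reachable without the tunnel on "
                        + ", ".join(direct))
    local = listeners(client_netstat, port)
    if not local:
        findings.append("client: no forwarded port, is the PuTTY session open?")
    elif any(not is_loopback(a) for a in local):
        findings.append("client: forwarded port is open to other hosts")
    return findings

# Constructed samples in the layout Windows prints for 'netstat -an'.
SERVER_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:22             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5900           0.0.0.0:0              LISTENING
  TCP    192.0.2.10:22          192.0.2.77:1042        ESTABLISHED
"""
CLIENT_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    127.0.0.1:5900         0.0.0.0:0              LISTENING
  TCP    192.0.2.77:1042        192.0.2.10:22          ESTABLISHED
"""

if __name__ == "__main__":
    print("\n".join(check_tunnel(SERVER_NETSTAT, CLIENT_NETSTAT)) or "ok")
```

When the server finding appears, block port 5900 at the firewall or restrict the VNC server to local connections, so that the SSH tunnel is the only way in.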

With OpenSSH we can also use secure FTP and other features. Space is limited, so I will not cover them here; please explore them on your own.

 
