Tunnel vnc through the ssh port:
server = spectrometer machine, client = PC you want to use to display xwinnmr
On the server side start the vncserver as usual: vncserver
and this will start :1 session
On the client side use port forwarding to connect via port 22:
ssh -C server -L 59001:server:5901 -f vncviewer server:1
Now to secure the server againest 5801 and 5901 being open, and only
allow ssh connections using tcpwrappers. In /etc/hosts.allow add a
line like:
sshd: client's ip address
In /etc/hosts.deny add:
ALL: ALL
Changes to hosts.allow and hosts.deny do not require a reboot or
restarting of any services.
You can use netstat -t on the server to examine the connection
details. I believe this is a reaonable amout of security. Anyone who
sees a gaping hole in this strategy, please reply to the list. I am
far from an expert in security. Many thanks.
Norm Finlay
Brandon University
On 10/20/06, Charles F. Wandler <wandler@chem.wwu.edu> wrote:
>
> With the mention of VNC, I am wondering if anyone else's systems
> have been compromised due to the lower security of VNC?
>
> All of our instrument PCs (GC, GCMS, IR, AA, UV-Vis) were
> attacked thru the free/low security version of VNC.
>
> I have not researched other versions that are more secure.
> Any recommendations?
>
> -charlie
>
>
> At 01:40 PM 10/20/2006, Roehrl, Michael H wrote:
> >My recommendation is to use VNC Server on the host and VNC Viewer on the
> >client. Run Xwinnmr within the virtual desktop. Can also use ssh secure
> >link.
> >
> >Best regards,
> >
> >Michael Roehrl
> >Department of Pathology and Laboratory Medicine
> >Massachusetts General Hospital
>
>
> Charles F. Wandler office phone: (360) 650-2831
> WWU, MS9150, Chemistry Dept. office fax: (360) 650-2826
> 516 High Street
> Bellingham, WA 98225-9150
>
> Organic Chemistry Laboratory Coordinator
> email: wandler@chem.wwu.edu or Charles.Wandler@wwu.edu
>
>
> --
> __________________________________________________________________________
>
> To subscribe/unsubscribe: Please send a note to
>
> bruker-users-request (at) purcell(dot)cchem(dot)berkeley(dot)edu
>
> For subscriptions, please include a list of Bruker instruments you are
> using, see http://www.cchem.berkeley.edu/nmr/BUM.txt
> E-mail archives are at http://calmarc3.cchem.berkeley.edu/archives/bum.html
> __________________________________________________________________________
>
-- Norm Finlay Department of Physics and Astronomy Brandon University
This archive was generated by hypermail 2b29 : Wed Dec 27 2006 - 01:02:08 PST