Secure Remote Access with Ubuntu

I needed to set up some remote access today, and although it was straightforward, it was difficult finding the information I needed.

Set up the server (that’s your computer)

  1. Click System > Preferences > Remote Desktop
  2. Tick the boxes as shown, and set up a password. If you don’t want to force a popup window when a connection is made, don’t tick the Ask for your confirmation box
    Remote Desktop Preferences
  3. Click close
  4. Install the ssh server:
    <code>sudo apt-get install ssh</code>

    This will allow access to your computer to be encrypted and secure (vnc is relatively insecure otherwise)

If you’re going to connect over the internet, you need to set up port 22 to forward to your computer. It’s a little convoluted, so I wont go into that here. If you’re just doing it on a home network, then it is not a problem.

Right, now you’re ready to connect. On another Linux PC (guest):

  1. In the terminal, run
    <code>ssh -L 5900:localhost:5900 user@yourpc</code>
  2. Now run (not in the terminal)
    <code>vncviewer localhost:0</code>

user@youpc is a valid computer user and hostname or IP address (ie. john@homepc.com).

What this does is create an ssh tunnel from one computer to another, and tells the guest computer to use this connection when using VNC (which is why we use localhost, rather than the computer’s IP address or name).

It works a charm, and is much more secure than opening the ports to the outside world.