How to VNC from an Android phone to a Linux Computer Securely with an encrypted ssh tunnel.
I know I have not posted anything in forever, but this is just so nerdy I had to post it. I got my full Ubuntu Linux desktop on my T-Mobile G1, and I did it very securely. Here is how you can do it too (provided of course you have an Android powered handset, Linux at home and a desire to show off to nerds everywhere).
To create a secure SSH tunnel to your Linux computer from an android phone;
This guide assumes a few things; that you have an ssh server and VNC server running on your home system, and that you have your home router setup to forward ssh traffic to your home computer. Every router is slightly different so I cannot write a guide for them all, but it should be quite easy to figure out with some basic Google searching. I recommend dyndns to get your routers external facing IP updated through DNS to you can connect with less of a headache when your ISP changes your IP.
1) Download ConnectBot to your phone from the android marketplace, put in your computers IP or hostname information (and password of course). You may want to test this first step to make sure you can ssh in before you set up the port forward.
2) In ConnectBot click menu key on the phone.
3) Click Port Forwards on the screen.
4) Click menu on the phone.
5) Click Add port forward on the screen.
6) Enter the following settings.
Nickname: VNC
Type: Local
Source Port: 5901
Destination: 192.168.X.X:5900 (the Xs of course representing your local IP address on your home system, not the IP address of your Internet facing router. You can find your you IP with the ifconfig command)
7) Download androidVNC to your phone from the android marketplace.
8) Open androidVNC and enter the following settings.
Nickname: (leave this field blank)
Password: (The password you set up on your remote computer for VNC, check the Keep box)
Address: 127.0.0.1
Port: 5901
9) Click connect and you should be connected!
To create a secure SSH tunnel to your Linux computer from an android phone;
This guide assumes a few things; that you have an ssh server and VNC server running on your home system, and that you have your home router setup to forward ssh traffic to your home computer. Every router is slightly different so I cannot write a guide for them all, but it should be quite easy to figure out with some basic Google searching. I recommend dyndns to get your routers external facing IP updated through DNS to you can connect with less of a headache when your ISP changes your IP.
1) Download ConnectBot to your phone from the android marketplace, put in your computers IP or hostname information (and password of course). You may want to test this first step to make sure you can ssh in before you set up the port forward.
2) In ConnectBot click menu key on the phone.
3) Click Port Forwards on the screen.
4) Click menu on the phone.
5) Click Add port forward on the screen.
6) Enter the following settings.
Nickname: VNC
Type: Local
Source Port: 5901
Destination: 192.168.X.X:5900 (the Xs of course representing your local IP address on your home system, not the IP address of your Internet facing router. You can find your you IP with the ifconfig command)
7) Download androidVNC to your phone from the android marketplace.
8) Open androidVNC and enter the following settings.
Nickname: (leave this field blank)
Password: (The password you set up on your remote computer for VNC, check the Keep box)
Address: 127.0.0.1
Port: 5901
9) Click connect and you should be connected!
posted by Shujinkou at 8:36 PM
24 Comments:
worked like a charm! thx for the recipe. Droid meet X11. X11 meet Droid.
Too bad using vim or wmii WM is tough on the droid ;(
Now how do I route *everything* through a tunnel for browsing on public access points?
You sir are a God, now I have an encrypted Ubuntu Desktop on my Android. This is promethean. Thanks so much.
Darn! I’m using an iMac and trying to connect with my rooted HTC Hero using Android-VNC and ConnectBot. I followed your excellent instructions to the letter, with one exception: for “Destination” I entered 10.0.1.144:5900 instead of 192.168.X.X:5900 (I think that’s correct, since I’m using Mac OS X). But I can’t connect!
Yo are da man, I'ev been pissing around trying to get this to work for a week now. Part I was missing was the ConnectBot port forwarding ... Cheers.
Is there any reason why the destination
has to be on the local network? Couldn't
it be any accessible ip address?
Congrats on the new member of your family, lets raise him to be just like us Linux nerds :) Thanks for the post, it was very helpful.
For the user asking why it had to be the loopback address, a quick explanation of what this is accomplishing.
First, by setting up port forwarding you are allowing your Droid to make a secure encrypted connection to the computer at home.
Then by pointing VNC to the loopback address (127.0.0.1) you are telling the VNC viewer to try to connect from the droid back to itself. ConnectBot takes that connection attempt and sends it through the encrypted connection you already made.
You can take these instructions a step further and config your computer to listen for SSH connections on port 443 in addition to the standard 22. This allows you to tunnel from behind many restricted networks (like the over-locked down one at the college campus).
This tried for me the first time but not connectbot keeps saying the host is disconnected. I'm thinking maybe I started the ssh daemon wrong on my computer this time. I'm using sudo /etc/init.d/ssh any ideas what i'm doing wrong?
Hi, thanks for this guide. However, I have a problem with connectbot.
The 'port forward' option seems to be greyed out with 'local' type. Am I missing something here?
Sorry for that. My bad. I got it working now. Thanks!
AndroidVNC doesnt seem to work when connecting to Mac OSX internal VNC server. This process does work with other VNC viewers though (tested with pocketcloud)
Thank you so very much! It worked like a charm.
AndroidVNC to Mac OSX seems to be picky about the default color setting of 64. Crank it up and it works. Personally, Mocha VNC lite works so much faster for me than Android VNC
I absolutely appreciate your way of presenting this column with a excellent suggestion.I want some more about this article. So you can add some interesting information and it will easily to reach the branding.
This comment has been removed by the author.
This comment has been removed by the author.
Rather than following the instruction:
Destination: 192.168.X.X:5900 (the Xs of course representing your local IP address on your home system, not the IP address of your Internet facing router...."
Use 127.0.0.1:5900 This is particularly useful if your ip address changes due to a DHCP login,
Thanks - very useful!
when I try to connect to home with androidVNC I get: ERROR! VNC connection failed! null
Thank you so much for taking the time and effort to share this.This was driving me nuts.
I'm on OS X 10.6.8 and this blog along with Darwinlcesurfer's comment was the final piece of the puzzle for me.
I had to use 127.0.0.1 for BOTH the AndroidVNC setup and ConnectBot's port forward.
Another tip for OS X users get Vine Server. Its a free, open source [but is now maintained by a commercial company] VNC app that allows SSH connections. AFAIK, OS X's native VNC [a.k.a Screen Sharing] doesn't allow SSH connections.
Vine Server also allows lower color depth than OS X's native VNC which only allows 24bit color.
Also, a couple of tips for configuring Vine Server:
Trying to log into my Mac, my password kept getting refused. It turned out that Shift [and Caps] wasn't working. In Vine Server go to:
Preferences/Device set the Keyboard Layout to Unicode Hex Input.
I was also getting intermittent RFB errors. So I went to
Permissions/Advanced and set RFB Protocol to 3.7 and so far I haven't had the RFV error.
Thanks again for this blog. God bless :-)
YESSSSS!
Thanks for this. However, DarwinIcesurfer's is key to making it work correctly through a NAT router.
had to type 127.0.0.1:5901 in connectbot port forward too. 192.168.*.*** wouldn't work.
thanks for the guide though
Post a Comment
<< Home