{"id":1184,"date":"2018-02-20T13:27:11","date_gmt":"2018-02-20T19:27:11","guid":{"rendered":"http:\/\/blog.ls-al.com\/?p=1184"},"modified":"2018-02-20T13:27:11","modified_gmt":"2018-02-20T19:27:11","slug":"vnc-over-ssh-bastion-host","status":"publish","type":"post","link":"https:\/\/blog.ls-al.com\/vnc-over-ssh-bastion-host\/","title":{"rendered":"VNC over SSH Bastion host"},"content":{"rendered":"

You may ask why and the answer is just sometimes you have to do stupid things. <\/p>\n

bastion == jump host<\/p>\n

Setup a tunnel<\/p>\n

\r\n$ ssh -f -N -p 22 -L 55901:10.35.5.6:5901 -i customer-priv-key opc@<bastion public IP>\r\n<\/pre>\n
Run vnc server<\/p>\n
\r\n$ vncserver \r\nNew 'ociserver:1 (opc)' desktop is ociserver:1\r\nStarting applications specified in \/home\/opc\/.vnc\/xstartup\r\nLog file is \/home\/opc\/.vnc\/ociserver:1.log\r\n<\/pre>\n
Note above vncserver also has a custom startup to bypass the systemwide xinit whihc was spawning gnome desktop.<\/p>\n
\r\n\r\n$ pwd\r\n\/home\/opc\/.vnc\r\n\r\n$ more xstartup \r\n#!\/bin\/sh\r\n# unset SESSION_MANAGER\r\n# unset DBUS_SESSION_BUS_ADDRESS\r\n#exec \/etc\/X11\/xinit\/xinitrc\r\n#!\/bin\/sh\r\nxrdb $HOME\/.Xresources\r\nxsetroot -solid grey\r\nxterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &\r\n<\/pre>\n
Connect<\/p>\n
\r\n$ vncviewer localhost:55901\r\nTigerVNC Viewer 64-bit v1.7.0\r\nTue Feb 20 13:14:43 2018\r\n DecodeManager: Detected 1 CPU core(s)\r\n DecodeManager: Decoding data on main thread\r\n CConn:       connected to host localhost port 55901\r\n CConnection: Server supports RFB protocol version 3.8\r\n CConnection: Using RFB protocol version 3.8\r\n CConnection: Choosing security type VeNCrypt(19)\r\n\r\nTue Feb 20 13:14:44 2018\r\n CVeNCrypt:   Choosing security type TLSVnc (258)\r\n\r\nTue Feb 20 13:14:51 2018\r\n X11PixelBuffer: Using default colormap and visual, TrueColor, depth 24.\r\n CConn:       Using pixel format depth 24 (32bpp) little-endian rgb888\r\n CConn:       Using Tight encoding\r\n CConn:       Enabling continuous updates\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
You may ask why and the answer is just sometimes you have to do stupid things. bastion == jump host<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21,34],"tags":[],"class_list":["post-1184","post","type-post","status-publish","format-standard","hentry","category-ssh","category-vnc"],"_links":{"self":[{"href":"https:\/\/blog.ls-al.com\/wp-json\/wp\/v2\/posts\/1184","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ls-al.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ls-al.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ls-al.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ls-al.com\/wp-json\/wp\/v2\/comments?post=1184"}],"version-history":[{"count":0,"href":"https:\/\/blog.ls-al.com\/wp-json\/wp\/v2\/posts\/1184\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ls-al.com\/wp-json\/wp\/v2\/media?parent=1184"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ls-al.com\/wp-json\/wp\/v2\/categories?post=1184"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ls-al.com\/wp-json\/wp\/v2\/tags?post=1184"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}