Tunneling VNC for guacamole
Clash Royale CLAN TAG#URR8PPP
I want to set up multiple Raspberry Pis to be accessible via VNC. For this I think guacamole is a good option as it doesn't require to install a client which is really what I want.
The thing is that the pis are behind regular private routers without the possibility to forward ports.
There's a regular server that's freely reachable from the internet that I could use to tunnel the traffic of the pis. But because of the applications running on the pis it's important that they keep their own IP-adresses and so I can't use VPN to the remote server.
My current idea is to do a reverse SSH-tunnel from the pi to the server and then configure guacamole on the server as if the vnc-port was on the server itself. This is described here.
The question I have now is:
Will this idea work for my explained plan? If yes: is there any possibility of only one port or something?
I'd like students to just change credentials on the raspberry, plug it in and use it out-of-the-box. But if I do this reverse tunneling stuff I have no idea how to configure the port the pi should use for the reverse tunneling.
Edit:
Here's a quote from the linked page:
workpc -- linuxhost || ooooooooo || pi -- homepc
the reverse SSH originates on linuxhost over Internet to the Pi:
linuxhost$ ssh -fN -R 7000:localhost:22 piuser@homeip
Then from my homepc, open a SSH connection to the Pi forwarding a VNC port:
homepc$ ssh -L 5901:localhost:5901 piuser@piip
Finally, the Pi opens a SSH connection to the Linux host, forwarding the VNC >port to my workpc, all through the reverse SSH tunnel:
pi$ ssh -L 5901:workpc:5900 workuser@localhost -p 7000
Then from the homepc, simply opening a VNC viewer gets the work desktop:
homepc$ vncviewer localhost:1
I'd skip the homepc connection and replace it by the guacamole-pc. Rest would be pretty similar, but that linuxhost and raspberry pi should be switched, right?
ssh raspberry-pi vnc
asked Jan 15 at 21:16
peter9191peter9191
11
add a comment |
I want to set up multiple Raspberry Pis to be accessible via VNC. For this I think guacamole is a good option as it doesn't require to install a client which is really what I want.
The thing is that the pis are behind regular private routers without the possibility to forward ports.
There's a regular server that's freely reachable from the internet that I could use to tunnel the traffic of the pis. But because of the applications running on the pis it's important that they keep their own IP-adresses and so I can't use VPN to the remote server.
My current idea is to do a reverse SSH-tunnel from the pi to the server and then configure guacamole on the server as if the vnc-port was on the server itself. This is described here.
The question I have now is:
Will this idea work for my explained plan? If yes: is there any possibility of only one port or something?
I'd like students to just change credentials on the raspberry, plug it in and use it out-of-the-box. But if I do this reverse tunneling stuff I have no idea how to configure the port the pi should use for the reverse tunneling.
Edit:
Here's a quote from the linked page:
workpc -- linuxhost || ooooooooo || pi -- homepc
the reverse SSH originates on linuxhost over Internet to the Pi:
linuxhost$ ssh -fN -R 7000:localhost:22 piuser@homeip
Then from my homepc, open a SSH connection to the Pi forwarding a VNC port:
homepc$ ssh -L 5901:localhost:5901 piuser@piip
Finally, the Pi opens a SSH connection to the Linux host, forwarding the VNC >port to my workpc, all through the reverse SSH tunnel:
pi$ ssh -L 5901:workpc:5900 workuser@localhost -p 7000
Then from the homepc, simply opening a VNC viewer gets the work desktop:
homepc$ vncviewer localhost:1
I'd skip the homepc connection and replace it by the guacamole-pc. Rest would be pretty similar, but that linuxhost and raspberry pi should be switched, right?
ssh raspberry-pi vnc
asked Jan 15 at 21:16
peter9191peter9191
11
Yes this will work. Though it's not clear to me what your end goal is. You have a pi that is NAT'd and you want to be able to connect to it on a specific port. You should tunnel out using-Rand then point VNC at the public machine. If you have VNC running on the public machine you could change the remote port to forward.
– user1794469
Jan 18 at 14:09
add a comment |
I want to set up multiple Raspberry Pis to be accessible via VNC. For this I think guacamole is a good option as it doesn't require to install a client which is really what I want.
The thing is that the pis are behind regular private routers without the possibility to forward ports.
There's a regular server that's freely reachable from the internet that I could use to tunnel the traffic of the pis. But because of the applications running on the pis it's important that they keep their own IP-adresses and so I can't use VPN to the remote server.
My current idea is to do a reverse SSH-tunnel from the pi to the server and then configure guacamole on the server as if the vnc-port was on the server itself. This is described here.
The question I have now is:
Will this idea work for my explained plan? If yes: is there any possibility of only one port or something?
I'd like students to just change credentials on the raspberry, plug it in and use it out-of-the-box. But if I do this reverse tunneling stuff I have no idea how to configure the port the pi should use for the reverse tunneling.
Edit:
Here's a quote from the linked page:
workpc -- linuxhost || ooooooooo || pi -- homepc
the reverse SSH originates on linuxhost over Internet to the Pi:
linuxhost$ ssh -fN -R 7000:localhost:22 piuser@homeip
Then from my homepc, open a SSH connection to the Pi forwarding a VNC port:
homepc$ ssh -L 5901:localhost:5901 piuser@piip
Finally, the Pi opens a SSH connection to the Linux host, forwarding the VNC >port to my workpc, all through the reverse SSH tunnel:
pi$ ssh -L 5901:workpc:5900 workuser@localhost -p 7000
Then from the homepc, simply opening a VNC viewer gets the work desktop:
homepc$ vncviewer localhost:1
I'd skip the homepc connection and replace it by the guacamole-pc. Rest would be pretty similar, but that linuxhost and raspberry pi should be switched, right?
ssh raspberry-pi vnc
asked Jan 15 at 21:16
peter9191peter9191
11
I want to set up multiple Raspberry Pis to be accessible via VNC. For this I think guacamole is a good option as it doesn't require to install a client which is really what I want.
The thing is that the pis are behind regular private routers without the possibility to forward ports.
There's a regular server that's freely reachable from the internet that I could use to tunnel the traffic of the pis. But because of the applications running on the pis it's important that they keep their own IP-adresses and so I can't use VPN to the remote server.
My current idea is to do a reverse SSH-tunnel from the pi to the server and then configure guacamole on the server as if the vnc-port was on the server itself. This is described here.
The question I have now is:
Will this idea work for my explained plan? If yes: is there any possibility of only one port or something?
I'd like students to just change credentials on the raspberry, plug it in and use it out-of-the-box. But if I do this reverse tunneling stuff I have no idea how to configure the port the pi should use for the reverse tunneling.
Edit:
Here's a quote from the linked page:
workpc -- linuxhost || ooooooooo || pi -- homepc
the reverse SSH originates on linuxhost over Internet to the Pi:
linuxhost$ ssh -fN -R 7000:localhost:22 piuser@homeip
Then from my homepc, open a SSH connection to the Pi forwarding a VNC port:
homepc$ ssh -L 5901:localhost:5901 piuser@piip
Finally, the Pi opens a SSH connection to the Linux host, forwarding the VNC >port to my workpc, all through the reverse SSH tunnel:
pi$ ssh -L 5901:workpc:5900 workuser@localhost -p 7000
Then from the homepc, simply opening a VNC viewer gets the work desktop:
homepc$ vncviewer localhost:1
I'd skip the homepc connection and replace it by the guacamole-pc. Rest would be pretty similar, but that linuxhost and raspberry pi should be switched, right?
ssh raspberry-pi vnc
ssh raspberry-pi vnc
asked Jan 15 at 21:16
peter9191peter9191
11
asked Jan 15 at 21:16
peter9191peter9191
11
edited Jan 15 at 22:09
peter9191
asked Jan 15 at 21:16
peter9191peter9191
11
asked Jan 15 at 21:16
peter9191peter9191
11
asked Jan 15 at 21:16
peter9191peter9191
11
11
Yes this will work. Though it's not clear to me what your end goal is. You have a pi that is NAT'd and you want to be able to connect to it on a specific port. You should tunnel out using-Rand then point VNC at the public machine. If you have VNC running on the public machine you could change the remote port to forward.
– user1794469
Jan 18 at 14:09
add a comment |
Yes this will work. Though it's not clear to me what your end goal is. You have a pi that is NAT'd and you want to be able to connect to it on a specific port. You should tunnel out using-Rand then point VNC at the public machine. If you have VNC running on the public machine you could change the remote port to forward.
– user1794469
Jan 18 at 14:09
Yes this will work. Though it's not clear to me what your end goal is. You have a pi that is NAT'd and you want to be able to connect to it on a specific port. You should tunnel out using
-R and then point VNC at the public machine. If you have VNC running on the public machine you could change the remote port to forward.– user1794469
Jan 18 at 14:09
Yes this will work. Though it's not clear to me what your end goal is. You have a pi that is NAT'd and you want to be able to connect to it on a specific port. You should tunnel out using
-R and then point VNC at the public machine. If you have VNC running on the public machine you could change the remote port to forward.– user1794469
Jan 18 at 14:09
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f494684%2ftunneling-vnc-for-guacamole%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f494684%2ftunneling-vnc-for-guacamole%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Yes this will work. Though it's not clear to me what your end goal is. You have a pi that is NAT'd and you want to be able to connect to it on a specific port. You should tunnel out using
-Rand then point VNC at the public machine. If you have VNC running on the public machine you could change the remote port to forward.– user1794469
Jan 18 at 14:09