(Category) (Category) VNC FAQ-o-Matic : (Category) SSH and Other Step-by-Step How-To's :
How to setup an encrypted tunnel (eg, SSH) for my VNC connection
On its own, the data exchange between a VNC Viewer and a VNC Server is in
"plaintext", so that anyone who can monitor (aka, "sniff") your network traffic
can see what you're seeing.

Fortunately, there are several standalone utilities which can be used to setup
encrypted tunnels between the VNC Viewer and Server. By telling VNC to use these
tunnels, instead of using a direct connection, your VNC data is now as secure as
any other data in the tunnel.
FAQ's, Answers, and How-To's in this category:

(Answer) Using SSH or OpenSSH
(Answer) Using PuTTY's SSH on Windows
(Answer) Using Zebedee
(Answer) Using Stunnel
(Answer) Using Kaboodle
(Answer) Using EchoVNC 

Thanks to Barry Zubel, barry@zubel.co.uk, for this great answer to "what's all
this about sniffing, anyhow?".

------------------------------------------------------------------------------

For those of you interested in this 'ip sniffing, tunnelling and SSH'
stuff, here is a brief description. I'll try to give analogies
as-and-where I can.

For the normal, insecure, end-user (of which most of us in reality are),
the chances that your VNC connection will be 'sniffed' is pretty small.
Sniffing is basically a fond term given to the inspection of TCP-IP
packets as they cross over the internet.

We all know that the Internet is an interconnected network of networks.
Imagine, if you will, that it is actually the same as a country-wide
postal service.  Each TCP-IP packet is routed to-and-from the
destination by passing through various routers/networks.  Liken this to
your 'postcard' (TCP-IP Packet) being sent to a far destination has to
pass through your local mailbox (router), then the sorting office
(another router), then across the country by some means (another
router), and then through a remote sorting office (you should be
starting to get the idea), and then to the destination.

'Sniffing' your packet is the same as the postie at the other end
reading the back of your postcard before he delivers it. (In actual
fact, it could be a postal worker in ANY part of the chain).

To get around this problem, some geeky people (geeky being used fondly -
I regard myself as a geek!) out there developed something called SSH.
SSH is a method of 'end-to-end' encryption, which still passes over the
internet, but the information is scrambled so that it is illegible to
all but you and the destination. This would be the same as writing the
postcard in some secret code that only you or the destination
understand.

Now to the 'tunnel' part.  Once you have initiated an 'SSH connection',
it can be used to 'tunnel' lots of different types of information to the
host, in a secure way.  There are lots of different ways to achieve this
which I will not go into here, suffice to say that once this 'tunnel' is
operative, you can send any sort of data up-and-down it.

This is a difficult thing to think of an analogy for. Just believe me
that this 'tunnel' is pretty secure, and is not susceptible to 'sniffing'.
[New Answer in "How to setup an encrypted tunnel (eg, SSH) for my VNC connection"]
Next: (Answer) How to install VNC on Win2K
This document is: http://faq.gotomyvnc.com/cgi-bin/fom?file=28
[Search] [Appearance] [Show This Entire Category]
This is a Faq-O-Matic 2.721.
This FAQ administered by sbest@best.com