Re: The most secure way to use Windows Remote Desk

Author	All Replies
SoonerAl Old Enough To Know Better Premium,MVM join:2002-07-23 Norman, OK 1 edit	reply to Flaubert Re: The most secure way to use Windows Remote Desk said by Flaubert : So you're saying: a- Install CopSsh on the server. b-Install Tunnelier on the client. c -Forward only port 22 to my private IP ?? Sorry if I seem a little slow but there are a couple of things I need explained: The parameters you've entered in Tunnelier under "Host" and "Port" On the "Login" tab: I am not on a Domain, so should I just enter my Wan ip on there if I connect from outside my Llan? On the Options tab: Do I have to enter the same parameters as yours? And also, could you be a little more specific on how to create those 2048 bit public/private keys? I tried reading your openbsd link but I didn't understand it. Thanks anyway for your help so far. I know a lot more than when I started this thread.... This page has general help with ssh-keygen. Look at the page up to the part about changing permissions. The rest does NOT pertain to CopSSH/Tunnelier. »theillustratednetwork.mvps.org/R···Key.html The page was created for OpenSSH for Windows and PuTTY, so the rest really does not pertain to CopSSH and Tunnelier. If you do use PuTTY, which is a very good option IMHO, as seezar did, then most still pertains, ie. the part about converting the key file to a format PuTTY understands. Note the file paths are different than shown for CopSSH as are the location of the key files. Also note the default key generated by ssh-keygen is now a 2048-bit RSA key. If you do use CopSSH also note that the change I made in the sshd_config file for use with OpenSSH for Windows, ie. the StrictModes option, should be left as the default value yes. I suggest you get the SSH link up using a password first. Once you have the basic tunnel setup and RDP working through the tunnel you can look at configuring and using a private/public key pair. Use a strong password. As far as server host addressing is concerned, I use a free service from No-IP.com (»www.no-ip.com) to map a fully qualified domain name to my ISP DHCP assigned IP address. That works very well for me. Note the default initial authentication method is for a password versus the key as I have mine configured for. The options page is the default except for the fact that I point to a customized .RDP file for the initial Remote Desktop connection to my PC Ashtabula, ie. the entry in the Parameters window. I can't speak to how to configure NIS 2006 other than to say it must pass TCP Port 22 (or whatever port you have CopSSH listening on). -- "When all else fails, read the instructions..."
	to forum · permalink · · 2005-10-30 06:07:53 ·
seezar Premium join:2001-07-01 Rochester, NY ·ViaTalk	This thread has been a tremendous help, thank you SoonerAl for your contribution. The FAQ on this site talks about remote desktop, »Windows Based Remote Connections but is a bit lacking in some of the specifics. Flaubert, I'd do as SonnerAl suggested and just get it setup with password authentication first. Once you grasp that you can then try setting it up with a public key. That is my next step.
seezar Premium join:2001-07-01 Rochester, NY ·ViaTalk	to forum · permalink · · 2005-10-30 09:42:38 ·
Flaubert join:2004-12-06 Los Angeles, CA	I think I'm all set I'll try all this this sunday and keep you posted. I'm still a little bit worried about those private keys, it doesn't look too simple. thanks anyway for all this help .....
Flaubert join:2004-12-06 Los Angeles, CA	to forum · permalink · · 2005-10-30 11:58:47 ·
Flaubert join:2004-12-06 Los Angeles, CA	I was just looking at the link posted above about Windows remote connections and it looks like there's a way of encrypting the traffic between the client. What gives?
Flaubert join:2004-12-06 Los Angeles, CA	to forum · permalink · · 2005-10-30 13:04:11 ·
seezar Premium join:2001-07-01 Rochester, NY ·ViaTalk	said by Flaubert : I was just looking at the link posted above about Windows remote connections and it looks like there's a way of encrypting the traffic between the client. What gives? Windows remote desktop in itself does encrypt the traffic on its own. SSH just provides an additional layer of security.
seezar Premium join:2001-07-01 Rochester, NY ·ViaTalk	to forum · permalink · · 2005-10-30 15:42:26 ·


Saturday, 04-Jul 07:26:31	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 9.5 years online! © 1999-2009 dslreports.com. page compression OFF