INTRODUCTION

This discussion is a continuation from here: superuser.com/questions/610383/remote-access-without-teamviewer-or-hamachi/610396?noredirect=1#comment755389_610396

I want to remotely and securely access my Raspberry Pi with SSH and VNC. Here's what I'm using:

• Router: Westell A90-750022-07
  (portforward.com/english/routers/port_forwarding/Westell/A90-750022-07/Minecraft_Server.htm)
• Client: HP DV9000, Windows, Putty (for CLI), tigerVNC-viewer (for GUI)
• Server: Raspberry Pi, Arch Linux, tigerVNC-server, openSSH

Basically what I found out from the previous discussion (see the first link above) was that I don't need to use VPN software, like openVPN. They said I just need to forward ports.

MAIN PROBLEM

• I can setup port forwarding and verify with this: www.yougetsignal.com/tools/open-ports

BUT

• I can't remotely SSH to my server with putty
• I don't know how to securely connect using VNC and SSH together

========================================================================

MORE INFO – Router Settings

Here's my current setup (screenshots 6 & 7 from the second link above):

• Protocol: both
• Start Point: 65432
• End Port: 65432
• LAN Port: 22
• Direction: in
• Port Direction: dst

Last screenshot from the second link above:

• Inbound Only Selected
• Raspberry Pi selected as LAN device with its private IP

MORE INFO – Putty Settings

Note: If your client is an iPhone, you can use vSSH Lite instead of Putty.

• Destination: Public IP Address
• Port: 65432
• Protocol: SSH

See Update 1: I was getting errors here before because I was trying to remotely connect while being on the local network. That's why there's a bunch of comments about SSH and putty below.

MORE INFO – tigerVNC-viewer Settings

Note: If your client is an iPhone, you can use PocketCloud instead of tigerVNC-viewer.

• Not quite sure where to start on this. I'll be doing research on it though…

See Update 2

Update 1

I made a big mistake with putty: Apparently you can't SSH from a client on your home network to its public address. Thanks everybody for your feedback. I really appreciate the time you all put into helping me out. Sorry I made such a goofy mistake!

Edit: According to TheReddog's comment below, this might actually be possible with something called "IP Passthrough" but since I was able to successfully connect with putty, I didn't really look into it.

Now I just need to figure out how to do the same exact thing with a securely connected VNC client…

Update 2

I think I got tigerVNC-client to work securely. I followed these two guides:

1. Use the vncserver in linux to start localhost only VNC session – https://wiki.archlinux.org/index.php/Vncserver#Securing_VNC_Server_by_SSH_Tunnels)
2. Make a tunneled putty client connection. Then start a "local" VNC client session – http://www.maths.utas.edu.au/People/Hill/vncvnc-html

To summarize the findings in these two links: Basically the first link explains everything. According to the information under the heading "On the Server", do this:

• vncserver -geometry 1440x900 -alwaysshared -dpi 96 -localhost :1.

Then, under the heading "On the Client", the instructions explain how to connect VNC tunneled through SSH in linux.

• SSH command: ssh IP_OF_TARGET_MACHINE -L 8900/localhost/5901
• VNC command: vncviewer localhost:8900

The second link basically shows you how to do the client SSH command with putty and the client VNC command with a VNC viewer in Windows instead.

Can I get confirmation that this is secure?