Reverse SSH from windows box to unix server to windows box possible

remote-desktop ssh tunnel

I'm new to understanding how to set up and use SSH tunnels… but here is what I'm trying to do and I need some help accomplishing it.

I have a computer I want to Remote Desktop into. This computer is behind a firewall I cannot control. I pay surpasshosting.com for their hosting services, and I noticed they have an SSH key section, leading me to believe I could create a tunnel between my firewalled machine and the server. From there, I would be able to connect to my server with any machine, and use that tunnel to Remote Desktop into my firewalled machine…

Theoretically that seems like it should work, but I have really no idea how to do it. I have PuTTY installed, but am not quite sure how to use it. I set up the ppk and OpenSSH keys in the cPanel on the server, but I can't figure out how to link my firewalled machine to the server, then how I would connect to the server with another computer…

I need some detailed instructions. I've googled the hell out of this, but the only thing I can't find is instructions for Windows Remote Desktop using reverse SSH.

Best Answer

If you can ssh into the surpasshosting.com machine, then you can do it, but you need physical access to both machines to do it.

Let's call the machine you want to remote desktop into "work" and the machine you want to remote desktop from "home", and the surpasshosting.com machine "proxy".

  1. Generate a key on the work computer with puttygen. Push the public key to the proxy. If you have shell access, it goes into the ~/.ssh/authorized_keys file. Make sure the authorized_keys file's permissions are 700.
  2. Before you leave your 'work' computer, putty into 'proxy', and create a remote tunnel to local port 3389. You can use port 33389.
  3. When you get to the home computer, puttygen a key like you did on the work computer and push it to the proxy.
  4. Now putty into the proxy from your home computer and create a local tunnel from local port 33389 into remote port 33389.
  5. Finally, from your home computer you should now be able to remote desktop into localhost:33389 and the packets should end up on work:3389.

If you have two computers at the 'work' side, you can test all this by using another computer there as the 'home' computer. Then when you have it working go to the 'home' computer.

Also, consider using the "Enable TCP keepalives" option so that the connection from 'work' to 'proxy' does not exit over time.
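
The tunnels from steps 2, 4 and 5, written out with PuTTY's command-line client `plink`; this is an added example, not part of the original answer. The host name `proxy.example.com`, the account `user`, the key paths and the saved session name are placeholders, and the proxy is assumed to run an OpenSSH server with default forwarding settings.

```powershell
# Placeholder values (assumptions, not from the answer). Set these on each machine.
$Proxy = "user@proxy.example.com"

# -batch refuses interactive prompts, so connect once without it on each machine
# to review and cache the proxy's host key before relying on these commands.

# --- On 'work', before leaving (step 2) ---------------------------------------
# -N : open no shell, carry the tunnel only.
# -R : the proxy listens on 33389 and forwards to work's own RDP port 3389.
# With default OpenSSH server settings (GatewayPorts no) that listener binds to
# the proxy's loopback address, so it is reachable only from sessions on the
# proxy itself and is not exposed to the internet.
plink.exe -ssh -batch -N -i C:\keys\work.ppk -R 33389:localhost:3389 $Proxy

# "Enable TCP keepalives" is a PuTTY session setting rather than a plink switch.
# Save it in a PuTTY session (here the hypothetical name "work-tunnel") and load it:
#   plink.exe -load work-tunnel -batch -N -i C:\keys\work.ppk -R 33389:localhost:3389

# --- On 'home', first window (step 4) -----------------------------------------
# -L : home listens on its own 33389 and forwards to port 33389 on the proxy,
#      which is the far end of the reverse tunnel opened from 'work'.
plink.exe -ssh -batch -N -i C:\keys\home.ppk -L 33389:localhost:33389 $Proxy

# --- On 'home', second window (step 5) ----------------------------------------
# Confirm the local end of the tunnel is listening before starting the RDP client.
if ((Test-NetConnection -ComputerName 127.0.0.1 -Port 33389).TcpTestSucceeded) {
    mstsc.exe /v:localhost:33389
} else {
    Write-Warning "Nothing is listening on local port 33389; check the plink window from step 4."
}
```

Both `plink` commands stay in the foreground for as long as the tunnel is up, so each needs its own window.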
