Friday, April 12, 2002
Blocking ads the simple way
Wednesday, April 3, 2002
Using ssh and VNC for customer demos
First connect to the demo system and start a vncserver running
there. If you are already logged in, simply vncserver. Or be
fancy and do this from your desktop: ssh your@demo.labsystem.net
vncserver
Now setup an encrypted port redirection using ssh from my desktop to
the demo system. VNC uses port 5901 for desktop :1, port 5902 for
desktop :2, etc.
$ ssh -f -C
-L 5901:127.0.0.1:5901 \
-l marc demo.labsystem.net sleep 7200
Now run a vncviewer on the local machine. Be sure to use the command
switches below which give better performance.
$ vncviewer -compresslevel 9 -encodings "tight copyrect" localhost:1
Now have your field person also create a ssh port tunnel (of course
they need an account on the demo system as well) and also run
vncviewer. Now both of you can control the keyboard and mouse for the
system. The performance can be surprisingly good if you have a least
T1 speeds. Across a slower DSL, it is usable, but you feel the delay.
Using ssh to pierce corporate firewalls
I work for a company that has firewall that only allow out http, https and most importantly, ssh. While at my desk I want to check mail home IMAP4 mail, VNC to our lab systems on an external network, check in on an IRC chat room or even surf to some sites that I don't want corporate IM to know about. (I'm not talking porn, but the nanny software frequently blocks sites as 'hacker sites' like the nmap site which I do have a business reason to be viewing. Ugh.)
So I use ssh's port redirection to do all this.
ssh -f -C \
-L 1234:mail.myisp.com:143 \
-L 6667:irc.openprojects.net:6667 \
-L 8080:127.0.0.1:3128 \
-l marc homemachine.dslprovider.com sleep 7200
Then I configure my mail client to connect to localhost:1234 for IMAP, chat client to use localhost:6667 and web browsers to use localhost:8080 for proxy. Just so I don't have to go reconfigure all the apps that need to use a proxy (mozilla, netscape, galeon, konqueror, Ximian's red-carpet, Red Hat's up2date, nautilus and various command line apps that use http_proxy like debian's apt-get, etc) they always use 'localhost:8080' for the web proxy. When I want to switch back to using the corporate firewall, I run this instead:
ssh -f -C
-L 1234:mail.myisp.com:143
-L 6667:irc.openprojects.net:6667
-L 8080:proxy.whereIwork.com:8080
-l marc homemachine.dslprovider.com sleep 7200
Tuesday, April 2, 2002
Using ssh and VNC for customer demos
First connect to the demo system and start a href="http://www.uk.research.att.com/vnc/">vncserver running
there. If you are already logged in, simply vncserver. Or be
fancy and do this from your desktop: ssh your@demo.labsystem.net
vncserver
Now setup an encrypted port redirection using ssh from my desktop to
the demo system. VNC uses po
rt 5901 for desktop :1, port 5902 for
desktop :2, etc.
$ ssh -f -C \
-L 5901:127.0.0.1:5901 \
-l marc demo.labsystem.net sleep 7200
Now run a vncviewer on the local machine. Be sure to use the command
switches below which give better performance.
$ vncviewer -compresslevel 9 -encodings "tight copyrect" localhost:1
Now have your field person also create a ssh port tunnel (of course
they need an account on the demo system as well) and also run
vncviewer. Now both of you can control the keyboard and mouse for the
system. The performance can be surprisingly good if you have a least
T1 speeds. Across a slower DSL, it is usable, but you feel the delay.