Stabsstelle D4 IT-Sicherheit und Datenschutz
[DESY Home Page]

Deutsche Version
RDP via SSH Tunnel With PuTTY
The following document decribes in principle howto connect to a Windows XP client in inside DESY network with Remote Desktop Protocl and over a secure ssh tunnel.

You want communicate from desktop A outside DESY network with desktop C inside DESY network via ssh server B. On desktop C the remote desktop service is running. The communication between A and B (internet) is rdp and ssh encrypted. The communication between B and C (inside DESY network) is rdp encrypted.
Following prerequirements have to be fulfilled:

SSH Tunnel Configuration
  1. Start the ssh client program PuTTY on desktop A.
    Insert the ssh server dns name or ip address in field Hostname (or IP address).
    Under Protocol select SSH or type "22" in field Port.
  2. Under Category switch to Connection-SSH-Tunnels. Select field Destination and type the dns name or ip address of the desktop C followed by ":3389".
    Select field Source port and type in "3389".
    Make sure that under Destination "Local" and "Auto" are selected.
  3. Click on "Add" button.
    Your settings will be displayed in field Forwarded ports.
  4. Click on Open button and login into ssh server.
RDP Connection
  1. Start your remote desktop client on desktop A. In field Computer type in "localhost:2024".
  2. Click on Connect
  3. Login into desktop C with your windows domain account.
  1. Click on Start -> Logout and stop the rdp connection. Wait until disconnecting process is complete.
  2. Switch to ssh terminal window (PuTTY) and disconnect from ssh server by entering "exit".



DESY Homepage    D4 Homepage    top
Carsten Porthun