Tunneling Remote Desktop traffic through an SSH connectionIf you are using the VPN in order to use Remote Desktop to connect to a campus machine from off-campus, you can use the following procedure as an alternative to running the Cisco VPN client.
- Open PuTTY (if PuTTY is not installed, it can be downloaded from: \\monolith.scs.ad.cs.cmu.edu\pc_dist\putty)
- When PuTTY is opened, enter "linux.gp.cs.cmu.edu" in the "Host Name" field
- Expand the "SSH" heading in the column on the left, then click "Tunnels"
- In the "Source port" field, enter "127.0.0.2:3390"
- In the "Destination" field, enter the name of the machine that you would like to Remote Desktop to followed by a colon and 3389 (i.e. "HOSTNAME.CS.CMU.EDU:3389")
- Click the "Add" button
- Click the "Open" button
- Once you have successfully logged into linux.gp.cs.cmu.edu, the PuTTY window can be minimized
- Next, open Remote Desktop, then enter "127.0.0.2:3390" as the computer to connect to, then click the "Connect" button
This process is tunneling the RDP traffic through the SSH connection, where traffic between your host and the SCS network is sent over an encrypted channel using TCP port 22. Note that traffic is not encrypted after it reaches our network.
If you experience problems with this procedure, ensure that the Windows firewall (or any other software firewall that is running on the machine) allows outgoing TCP port 22 connections. If you need assistance configuring your Windows firewall, contact the SCS Help Desk at "firstname.lastname@example.org" or 8-4231.