More on tunneling Remote Desktop over SSH

Will this saga never end? Continuing with this entry from May 21, I’ve been playing with and trying various ways to tunnel Remote Desktop over SSH. There are lots of useless entries out there on the web, mostly discussing ways to force your Windows XP machine to accept Remote Desktop connections requests to localhost or when, in fact, all you have to do is connect to … or .3 … or .4. That’s right, folks, 127.x.y.z are ALL local connections. And let’s not debate whether that’s a correct implementation or not, that’s just the way it is. We can take advantage of this IF we can get our local SSH client to listen on one of those IP addresses. The stock, standard OpenSSH implementation of the SSH client won’t do it so you’ve gotta pick something else. PuTTY will do it as will plink from that same free distribution. So, what you need to do is set up a PuTTY configuration to forward to (remember, the remote IP address is relative to the machine that’s your SSH target).

That’s the 2 machine case (SSH directly to the machine whose desktop you want to control). There’s also a 3 machine case where you SSH into a landing pad that has access to the machine whose desktop you want to control. I’ll deal with that later.

So, in summary, you need to run an SSH client that will allow you to listen on an IP address that’s not PuTTY and plink are two clients that will work — the OpenSSH implementation of SSH will not work. You need to forward port 3389 (3390 if your local machine is running the Remote Desktop server) to port 3389 of the remote machine. Once you’ve established your SSH connection, bring up the Remote Desktop client and connect to (or if your local machine is running the Remote Desktop server) and you are up and running!

1 thought on “More on tunneling Remote Desktop over SSH”

  1. Hi Dan-
    Just an FYI… Windows XP SP2 looks like it will break this, even with the firewall turned off.
    I use this “workaround” for my software at but it and other softwares stop working with SP2. I’m looking into it and I’ll let you know if I find a workaround…

Leave a Comment