The previous recipe showed you how to give remote access to the user's desktop through VNC. However, there are clearly some security concerns if the service is running on an untrusted network. Only the display number and password are required to connect, and the password can be relatively easy for a malicious user to crack given that only the first eight characters are significant. Moreover, the traffic is unencrypted and it may be snooped. To help mitigate these risks, this recipe teaches you how to route the VNC connection through an encrypted SSH tunnel.
This recipe requires two systems, a CentOS system hosting the VNC server (remote system) and a local computer with a VNC client to connect to it. It assumes that the remote system is running the OpenSSH SSH server and TigerVNC server and is configured with the IP address 192.168.56.100
. It also assumes that you have administrative privileges. The VNC server should be configured as described...