You can use this trick to access your home PC from a remote PC (like your work PC). Instead of using TeamViewer or similar software, you can set up your own encrypted and secure tunnel to work through. The basic requirement is an SSH-accessible server in the same network as the PC you want to access.

Server Side Requirements:

  1. Windows PC that you want to connect to (example local IP: 192.168.1.3)
  2. Linux server with SSH in the same network as the Windows PC (example local IP: 192.168.1.2 over port 22)
    1. This can be a virtual machine running on the Windows PC, as long as it is reachable from the router (so make sure you use a Bridged Network Adapter)
  3. Internet access to the Linux server SSH (example WAN IP: 1.1.1.1)
  4. This can be achieved by setting up a port forward on your router to send traffic destined to port 22 (or any port) from your Router to the Linux server’s port 22.
    1. Example 1: route traffic hitting 1.1.1.1 on TCP port 22 to internal TCP port 22 on 192.168.1.2 (that is, TCP port 22 on the router is forwarded to port 22 on the Linux server)
    2. Example 2: route traffic hitting 1.1.1.1 on TCP port 12345 to internal TCP port 22 on 192.168.1.2
  5. Enable RDP on your Windows PC:
    1. Control Panel -> System and Security -> System -> Change Settings -> Remote -> allow RDP connections and uncheck the box “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)” -> Select Users and add the Windows user[s] that will be connecting over RDP

Client requirements

  1. For Windows machines connecting to the RDP tunnel: make sure your Windows client has Cygwin installed with the ssh program (the Windows client is the machine you connect from)

Verification

  • Verify the setup works by SSHing to your Linux server from a remote location.
  • Also, if you can, try to connect to your RDP from another PC in your home network: press Windows+R, then type “mstsc /v:192.168.1.3:3389”
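
A further check for the Linux server once the connection works, as an added example that is not part of the original post: it reads `sshd -T` output and flags settings that are broader than a host that only forwards RDP needs. Both config excerpts are constructed; the first mirrors the root and password login the post uses, combined with OpenSSH's default forwarding settings.

```shell
#!/bin/sh
# Added example, not the post's code. Reads the effective server config
# (`sshd -T` output) on stdin and prints one finding per setting that is
# wider than a single-purpose RDP tunnel host needs. Exit status 1 if any.
audit_sshd_for_tunnel() {   # usage: sshd -T | audit_sshd_for_tunnel 192.168.1.3:3389
  awk -v target="$1" '
    { key = tolower($1); val = tolower($2) }
    key == "permitrootlogin" && val == "yes" {
      print "permitrootlogin=yes: root may log in with a password"; bad++ }
    key == "passwordauthentication" && val == "yes" {
      print "passwordauthentication=yes: password guessing possible on the forwarded port"; bad++ }
    key == "allowtcpforwarding" && (val == "yes" || val == "all") {
      print "allowtcpforwarding=" val ": ssh -L only needs \"local\""; bad++ }
    key == "permitopen" && (NF != 2 || val != target) {
      print "permitopen=" val ": forwards are not limited to " target; bad++ }
    END { exit(bad ? 1 : 0) }'
}

# Constructed `sshd -T` excerpts: the setup as the post uses it (root +
# password, unrestricted forwarding) and a tunnel-only alternative.
AS_POSTED='port 22
permitrootlogin yes
passwordauthentication yes
pubkeyauthentication yes
allowtcpforwarding yes
permitopen any'
TUNNEL_ONLY='port 22
permitrootlogin no
passwordauthentication no
pubkeyauthentication yes
allowtcpforwarding local
permitopen 192.168.1.3:3389'

printf '%s\n' "$AS_POSTED"   | audit_sshd_for_tunnel 192.168.1.3:3389 || true
printf '%s\n' "$TUNNEL_ONLY" | audit_sshd_for_tunnel 192.168.1.3:3389 && echo "no findings"
```

On the server itself, feed it the live configuration with `sshd -T | audit_sshd_for_tunnel 192.168.1.3:3389` (run as root).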

How to connect from a Windows PC:

For the sake of the example I will use the IPs highlighted as examples.

Open Cygwin and run “./sshrdp_cygwin.sh 192.168.1.3:3389 root 1.1.1.1 22”, then enter your SSH password. The RDP window then opens; enter your Windows login credentials.

#!/bin/bash
# usage: ./sshrdp_cygwin.sh [inside ip:rdp port] [ssh user] [ssh wan ip or fqdn] [ssh port]
# for cygwin - to any port
RemoteAddress="$1"    # [rdp server:rdp port] example: 192.168.1.3:3389
RemoteSSHserver="$3"  # [ssh server ip or hostname] example: 1.1.1.1
RemoteSSHuser="$2"    # [ssh user] example: root
RemoteSSHport="$4"    # [ssh port] example: 22
USAGE="\nusage: ./sshrdp_cygwin.sh [inside ip:rdp port] [ssh user] [ssh wan ip or fqdn] [ssh port]    # makes ssh tunnel to [inside ip:rdp port] thru ssh [user]@[ssh fqdn]:[ssh port] & starts rdp mstsc\nexample: ./sshrdp_cygwin.sh 192.168.1.3:3389 root 1.1.1.1 22\n"
[ -z "$1" ] && { echo -e "$USAGE"; exit 1; }
[ -z "$2" ] && { echo -e "$USAGE"; exit 1; }
[ -z "$3" ] && { echo -e "$USAGE"; exit 1; }
[ -z "$4" ] && { echo -e "$USAGE"; exit 1; }
echo "--------- finding Local unused port --------"
START=10000 # first local port to try
END=12000 # last local port to try
START1=$((START-1)); END1=$((END+1)); # END1 is derived from END so the search wraps back to START after END
N=$START1
while :; do
N=$((N+1))
[[ "$N" == "$END1" ]] && N=$START
echo "** trying port $N **"
GREPLINE=":$N.*LISTENING"
echo "   GREP LINE: $GREPLINE"
netstat -a -n | grep -q "$GREPLINE" && { echo "   Used port $N"; } || { echo "   Found unused port $N"; LocalPort=$N; break; }
done
echo "--------- summary of connection --------"
echo "* Connecting to SSH server '$RemoteSSHserver' on port '$RemoteSSHport' w/ user '$RemoteSSHuser'"
echo "* Local ssh tunnel port from 'localhost:$LocalPort' to '$RemoteAddress'"
SSHSOCKET="/tmp/sshsocket$RANDOM$(date +%s)"
# Build the command as an array so each argument stays one word; no eval of user input
SSHCMD=(ssh -M -S "$SSHSOCKET" -f -N -C -p "$RemoteSSHport" -L "$LocalPort:$RemoteAddress" "$RemoteSSHuser@$RemoteSSHserver")
echo "* ssh cmd # ${SSHCMD[*]}"
echo "* rdp cmd > mstsc /v:localhost:$LocalPort"
echo "--------- connection --------"
"${SSHCMD[@]}" || { echo "ssh tunnel failed to start"; exit 1; }
SSHPID=$(ssh -S "$SSHSOCKET" -O check "$RemoteSSHuser@$RemoteSSHserver" 2>&1)
echo "SSH pid started as: $SSHPID"
mstsc /v:localhost:"$LocalPort" &
echo "MSTSC pid started as: $!"
exit 0

You can then make an alias in your ~/.bashrc script to always connect to your home PC (assuming you put sshrdp_cygwin.sh into your /usr/bin directory).

alias homepc='/usr/bin/sshrdp_cygwin.sh 192.168.1.3:3389 root 1.1.1.1 22'

From then on you can just type homepc in Cygwin and it will launch.

Connect from a Mac

Follow the same steps as for Windows, but use this script instead. Since Macs don’t have mstsc, you will need to install RDP software and open it manually each time a tunnel is set up. The sshrdp script will prompt for your SSH server address and give you instructions like

“Open RDP to localhost:10000”

Then you will need to log in with your Windows credentials.

Here is the Mac version of the same script:

#!/bin/bash
# usage: ./sshrdp_mac.sh [inside ip:rdp port] [ssh user] [ssh wan ip or fqdn] [ssh port]
# for mac - to any port
RemoteAddress="$1"    # [rdp server:rdp port] example: 192.168.1.3:3389
RemoteSSHserver="$3"  # [ssh server ip or hostname] example: 1.1.1.1
RemoteSSHuser="$2"    # [ssh user] example: root
RemoteSSHport="$4"    # [ssh port] example: 22
USAGE="\nusage: ./sshrdp_mac.sh [inside ip:rdp port] [ssh user] [ssh wan ip or fqdn] [ssh port]    # makes ssh tunnel to [inside ip:rdp port] thru ssh [user]@[ssh fqdn]:[ssh port] & prints the local port to open in your rdp client\nexample: ./sshrdp_mac.sh 192.168.1.3:3389 root 1.1.1.1 22\n"
[ -z "$1" ] && { echo -e "$USAGE"; exit 1; }
[ -z "$2" ] && { echo -e "$USAGE"; exit 1; }
[ -z "$3" ] && { echo -e "$USAGE"; exit 1; }
[ -z "$4" ] && { echo -e "$USAGE"; exit 1; }
echo "--------- finding Local unused port --------"
START=10000 # first local port to try
END=12000 # last local port to try
START1=$((START-1)); END1=$((END+1)); # END1 is derived from END so the search wraps back to START after END
N=$START1
while :; do
N=$((N+1))
[[ "$N" == "$END1" ]] && N=$START
echo "** trying port $N **"
GREPLINE="\.$N.*LISTEN"
echo "   GREP LINE: $GREPLINE"
netstat -a -n | grep -q "$GREPLINE" && { echo "   Used port $N"; } || { echo "   Found unused port $N"; LocalPort=$N; break; }
done
echo "--------- summary of connection --------"
echo "* Connecting to SSH server '$RemoteSSHserver' on port '$RemoteSSHport' w/ user '$RemoteSSHuser'"
echo "* Local ssh tunnel port from 'localhost:$LocalPort' to '$RemoteAddress'"
SSHSOCKET="/tmp/sshsocket$RANDOM$(date +%s)"
# Build the command as an array so each argument stays one word; no eval of user input
SSHCMD=(ssh -M -S "$SSHSOCKET" -f -N -C -p "$RemoteSSHport" -L "$LocalPort:$RemoteAddress" "$RemoteSSHuser@$RemoteSSHserver")
echo "* ssh cmd # ${SSHCMD[*]}"
echo "--------- connection --------"
"${SSHCMD[@]}" || { echo "ssh tunnel failed to start"; exit 1; }
SSHPID=$(ssh -S "$SSHSOCKET" -O check "$RemoteSSHuser@$RemoteSSHserver" 2>&1)
echo "SSH pid started as: $SSHPID"
echo "Open RDP to localhost:$LocalPort"
exit 0

Similarly, you can set up an alias to use in your Mac terminal, except you will need to put it in your ~/.bash_profile instead of your ~/.bashrc (if I recall correctly, that is how it is done with Macs).

alias homepc='/usr/bin/sshrdp_mac.sh 192.168.1.3:3389 root 1.1.1.1 22'

Then you can access your home PC by simply typing homepc.

Connect from a Linux Server

You can probably just use the Mac steps, although I am not sure and have not tested it. The line of code with the netstat command might need a change / edit.
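
The netstat match is the only platform-dependent line in the two scripts: Windows prints `ip:port ... LISTENING`, macOS prints `ip.port ... LISTEN`, and Linux prints `ip:port ... LISTEN`. The following added example (not the post's code; the function names and the netstat samples are constructed for illustration) checks the local-address column in all three formats and stops when the range is exhausted.

```shell
#!/bin/sh
# Added example, not the post's code. Reads `netstat -a -n` text on stdin and
# succeeds if PORT is a listening *local* port, whichever OS produced the text.
port_in_use() {   # usage: netstat -a -n | port_in_use 10000
  awk -v p="$1" '
    { for (i = 3; i <= NF; i++)
        if ($i == "LISTEN" || $i == "LISTENING") {
          # The local address is always two columns left of the state column.
          if ($(i - 2) ~ ("[.:]" p "$")) found = 1
        }
    }
    END { exit(found ? 0 : 1) }'
}

# Print the first free port in START..END; return 1 when every port is taken.
first_free_port() {   # usage: first_free_port START END "NETSTAT_TEXT"
  n=$1
  while [ "$n" -le "$2" ]; do
    if ! printf '%s\n' "$3" | port_in_use "$n"; then echo "$n"; return 0; fi
    n=$((n + 1))
  done
  return 1
}

# Constructed samples of `netstat -a -n` output, one per platform.
WIN_SAMPLE='  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:10000        0.0.0.0:0              LISTENING
  TCP    192.168.1.50:10001     1.1.1.1:22             ESTABLISHED'
MAC_SAMPLE='tcp4       0      0  127.0.0.1.10000        *.*                    LISTEN
tcp4       0      0  *.10001                *.*                    LISTEN'
LINUX_SAMPLE='tcp        0      0 127.0.0.1:10000         0.0.0.0:*               LISTEN
tcp6       0      0 :::10002                :::*                    LISTEN'

first_free_port 10000 12000 "$WIN_SAMPLE"
first_free_port 10000 12000 "$MAC_SAMPLE"
first_free_port 10000 12000 "$LINUX_SAMPLE"
```

In either script the search loop can then become `LocalPort=$(first_free_port "$START" "$END" "$(netstat -a -n)") || exit 1`.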
