tunneling Win2K Terminal Services over SSH or zebedee

Posted on 2003-02-26
Medium Priority
Last Modified: 2012-05-04

I was wondering if anyone knew of tunneling Win2K Terminal Services over zebedee or SSH, or another type of high encryption protocol?

I'm looking to run Terminal Services over the internet, but I want want to tunnel it over (preferably) SSH-2, since I know that protocol.  Zebedee is a new protocol that I heard, but it's not feature complete.

Please let me know what your thoughts and experiences are.  Thanks.  


Question by:scottiesi
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Expert Comment

ID: 8030313
On the server machine, an SSH2 server such as WinSSHD must be installed. On the client machine, an SSH2 client, such as Tunnelier, must be configured so that connections on port 3389 will be forwarded to the Remote Desktop server. One must then direct the Remote Desktop client to connect to the SSH2 client instead of directly to the server, and the connection will be forwarded over the SSH2-secured link.

Author Comment

ID: 8030780

Thanks for the input.  That sounds about right, but it's one step too many.  Is it possible to write a script, either batch or WSH script to automate that all in one step?  

Double click on the script and it will initiate the SSH connection, start up Terminal Service Client, and connect to the server.  I guess the script might have to do some monitoring perhaps.  


Expert Comment

ID: 8031791
You can script the SSH connection fairly easily with the commercial SSH client from http://www.ssh.com/ and I am sure that you could do it with SecureCRT, putty (free) and others.

Here are the 2 commands you would have to run. I dont know much about WSH but this should be trivial.

ssh2 -l username sshserver.domain.com -L 3389:ts.domain.com:3389

c:\windows\system32\mstsc.exe /v:localhost

Unless you setup certificates this will require you to enter the SSH user password each time.

This will not work with XP, it will not allow you to try to connect to localhost with TS Client. It will with 2000.
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users


Accepted Solution

atreyu138 earned 200 total points
ID: 8038996
It is possible to connect to localhost with TS Client on an XP box:

1. Create a folder (For example c:\TSclient) on your XP box
2. Copy mstsc.exe and mstscax.dll from your XP's %systemroot%\system32
to this folder.
3. Right click mstsc.exe and go to the properties of it.
4. Select the Compatibility tab
5. Check "Run this program in compatibility mode for"
6. Select "Windows 98/ Windows Me"
7. Click on OK
8. Connect your SSH to the remote network or machine
9. Forward another port than 3389, for example 3390
10. Use the newly copied mstsc.exe to connect to

I know, I know, too many steps, but i fugured I'd just let ya'll know!

Author Comment

ID: 8081737
Hi everyone,

This looks good so far.  

Author Comment

ID: 8130663
Hi atreyu138,

Excellent, this looks good.

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question