SSH <-Tunnel-> RDP / Using WRT54g DD-WRT v23 (SSHd)

Couple of questions:
1. What are the advantages of using SSH to connect to a remote desktop over the net using XP's RDP (Remote Desktop) via an SSH tunnel, vs. connecting directly to the remote PC via RDP (Remote Desktop) ONLY?
---
2. I understand RDP has encryption, so why would I need to also use SSH?
---
3. If I use SSH, do I need to set up a port forward for RDP, or does SSH already handle this?
---
I am new to SSH, and I've played with PuTTY a little, but any and all information you can give me on tunneling thru SSH to connect to a remote desktop via RDP will be much appreciated.
P.S. All machines are running WinXP Pro, and I am using a WRT54g with dd-wrt v23 firmware, which comes with SSHd.
Thanks,
-BassKozz
naveedb Commented:
If you have enabled high encryption with RDP, then there is not much advantage in using ssh. Someone who can break 128-bit encryption will be able to do the same with ssh.

Go for RDP high encryption; it is easier to set up and maintain than a tunnel through ssh. ssh is more useful when you are unable to use encryption with the default protocol, such as telnet or ftp etc. Since RDP comes with high encryption, you don't have to use ssh.
 
basskozz (Author) Commented:
Does RDP default to the "high" encryption setting?
Or is this something I need to set?
...

Couldn't I connect to a remote computer via RDP tunneling thru SSH... WITHOUT having the port forwarded?

Wouldn't this be more secure than leaving the port forwards set up so someone can find them?

-BassKozz
 
naveedb Commented:
You can make sure it does by configuring the GPO settings:

http://www.microsoft.com/technet/prodtechnol/winxppro/reskit/c08621675.mspx

Table 8-4 tells you what the settings for RDP are.

"Couldn't I connect to a remote computer via RDP tunneling thru SSH... WITHOUT having the port forwarded?"

Can you explain this further? You mean port forwarding on the router/firewall? How will you connect to ssh without forwarding port 22? Unless I did not understand your question.


 
basskozz (Author) Commented:
"Can you explain this further? You mean port forwarding on the router/firewall? How will you connect to ssh without forwarding port 22? Unless I did not understand your question."
When I say port forward, I mean my router has these ports forwarded (i.e. exposed to the internet).

What I mean is, I currently have RDP ports forwarded (i.e. 44444, 44445, 44446) for a few computers that I would like to connect to remotely, and I have set up each computer to listen for RDP on these ports... But rather than leaving these ports open, can't I SSH tunnel into my router (SSHd) and then connect to these computers withOUT having to leave these ports forwarded (exposed) on my router?
 
basskozz (Author) Commented:
Does this make sense?
 
naveedb Commented:
If you have multiple computers on the same subnet then it does make sense, and it is more secure to have a single point of entry. You should go with sshd, tunnel into the machine and then connect via RDP.

Looking again, I see that at the end of your original question you have mentioned multiple machines.

The only issue (possible issue) that I can see is that you are using dd-wrt firmware, which is open source and developed independently. Although I do not see any bugs / issues, it is less secure than having a Linux box (with a major distribution like RedHat or Suse) inside your network and using it as sshd.
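
The single-point-of-entry setup discussed in this thread, sketched as an added example that is not part of any poster's reply: an OpenSSH client command with one local forward (`-L`) per PC, so only the router's SSH port is reachable from the internet. The router name, login, LAN addresses and local ports are constructed placeholders, and it assumes the router's sshd permits TCP forwarding.

```shell
#!/bin/sh
# Added example: build the ssh command that tunnels RDP through the router's sshd.
# Every host name, address and port below is a constructed placeholder.

ROUTER_HOST="router.example.net"   # assumed WAN name of the DD-WRT router
ROUTER_USER="root"                 # assumed SSH login on the router
SSH_PORT=22                        # the only port left exposed on the router

# One entry per PC: <local port>:<LAN address>:<port that PC's RDP listens on>
TARGETS="13389:192.168.1.101:3389
13390:192.168.1.102:3389
13391:192.168.1.103:3389"

# Accept only decimal port numbers in the range 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the full ssh command for the given entries; fail on a malformed entry.
build_tunnel_cmd() {
    cmd="ssh -N -p $SSH_PORT"      # -N: forward ports only, run no remote command
    for entry in $1; do
        case "$entry" in *:*:*) ;; *) return 1 ;; esac
        lport=${entry%%:*}
        rest=${entry#*:}
        host=${rest%%:*}
        rport=${rest#*:}
        [ -n "$host" ] || return 1
        valid_port "$lport" && valid_port "$rport" || return 1
        # Bind to loopback so other hosts on the client's network cannot use the tunnel.
        cmd="$cmd -L 127.0.0.1:$lport:$host:$rport"
    done
    printf '%s %s@%s\n' "$cmd" "$ROUTER_USER" "$ROUTER_HOST"
}

build_tunnel_cmd "$TARGETS"
```

With the tunnel up, the Remote Desktop client connects to `localhost:13389`, `localhost:13390` or `localhost:13391`, and the RDP port forwards on the router can be removed.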
