In the Session window, under "Basic options for your PuTTY session", enter the IP address and listening port for the SSH server:. Client machine: SSH and VNC clients installed. SSH server: SSH service is listening on port 22 at IP address 1.2.3.5. Target server: VNC service is listening on port 5900 at IP address 1.2.3.4. In this scenario, a client wishes to connect to a service that does not natively use encryption but does not want the traffic to be sent unencrypted through the Internet. Scenario - Connecting to an insecure service Common SSH clients include OpenSSH and PuTTY for Windows. The SSH server will need to have access to the listening port on the target server. Network communications between the SSH server and the target server are NOT encrypted by the SSH tunnel (see diagram below), so if the servers are running on different machines, ideally they should be located together on a secure network.Ĭonfiguring an SSH server is beyond the scope of this article, but popular options include OpenSSH for unix-based systems and Bitvise SSH Server for Windows. The SSH server may be running on the same machine as the target server, or on a different machine. SSH client configured to forward traffic from a local listening port, through the SSH server, to the target server. SSH server listening for connections from the client. Target server offering network services (http, vnc, etc.) to the client. SSH tunnels are also useful for allowing outside access to internal network resources. While SSH is commonly used for secure terminal access and file transfers, it can also be used to create a secure tunnel between computers for forwarding other network connections that are not normally encrypted.
Secure Shell, or SSH, is used to create a secure channel between a local and remote computer.