Connect To Computers In the Physics Network Via Remote Desktop

Tunneling Remote Desktop

Sometimes, you will want to connect to a machine in your lab, but youare at home (or off GT's campus). If you try to use a remote desktop client to connect, you will notice that it fails. This is due to security measures put in place by the School of Physics. If you want to connect to this machine, you'll need to do what is called SSH port forwarding in order to connect to your client machine in the lab.

This guide will cover how to use SSH port forwarding on Windows so that you can connect remotely to your computer.

Computer Configurations on the Server (Computer inside Howey Physics building)


To do this on Windows, the only outside piece of software you will need is PuTTY (download here).

Now, to ensure that you can remote desktop into your system, you need to do a few things beforehand. To do any of this, you need root access on the system you'll be trying to connect to (that is, you need to be able to log in as Administrator. If not, contact the SoP support team). The first thing you'll want to do is right-click on the My Computer icon on the desktop (or your Start Menu) and select Properties.

Then select the Remote tab. Here, you will want to make sure you have checked the box that says "Allow users to connect remotely to this computer."

By default, the root (Administrator) account is given remote access. You'll probably want other users to have remote access to the computer as well (since you don't want to give everybody the root password), so click on the button that says "Select Remote Users" and then you'll be given a box where you can add users. Please click on the examples link in that box to correctly format the way you add users, otherwise they will not be added correctly and will be unable to connect.

After you have done this, you need to open up the firewall management. You can do this by clicking on "Run..." in the Start Menu. Type firewall.cpl and hit Enter. Click the Exceptions tab.

Scroll down the list and make sure that the box labeled "Remote Desktop" is check-marked. Click "OK" afterward.

Computer Configurations on the Client (Computer outside Howey Physics building)


You will need two programs

  1. Putty avilable here -
  2. Remote Desktop - you can choose Start -> Run and type mstsc.exe or look under Start -> All Programs -> Accessories

First open putty, you will get a screen with several fields and options. Click on the "+" beside the SSH menu on the left menu tree, and select Tunnels. This is where you will forward ports. In the Source port field, type any port number which is not being used. Any port above 1000 is likely going to be fine. Port 9000 is used in this example. In the Destination field, type the name of the machine you want to connect to (ex., followed by a colon, as well as the port you designated for remore desktop in the "Source port" field. The default is port 3389.

Don't click Open as this will not save your tunnel.
Click the "Add" button, and afterward, your screen should more or less look like this:

Click on Session at the very top of the menu categories to return to the screen you initially saw upon starting PuTTY.
Now type in the following

Host Name:
Port: 22
Connection Type: SSH

To save this for furure use:
Enter a name/description in the Saved Sessions field and click the Save button to save your tunneling preferences/information.


Type in your username and password for your phys-ssh account when prompted. Once you are connected you will get a prompt that looks like this:


Once you have log in sussessfuly. Minimize the putty window as it is need to stay running, but we don't need to look at it.
Start remote desktop. Since we choose port 9000 to connect to our computer through the tunnel we will have to type the following in the Computer field.

Computer: localhost:9000



Open a terminal and use the following command

ssh -L

ssh (remote host gateway) -L (localport):(remote host to connect to via rdp):(remote port)

Use rdesktop to connect to remote computer

rdesktop localhost:9000

*NOTE - If you are using vnc for linux remember that the command will required a double ":" for the port (i.e. gvncviewer localhost::5900)