[wplug] VNC + SSH question

[Benjamin Slavin]

Hello all,

It's been some time since I've posted here, but I come now seeking the expert advice of the list members.

I am trying to setup a VNC-over-SSH login system for my lab; however, I'm having some difficulty getting it to perform the way I want it to.

Basically, my desired setup is:
I create a client (Java) based on TightVNC's Java client and jsch
Users run this client and provide their ssh credentials for the machine they are accessing
Once the SSH connection is established, it will automatically start Xvnc for that user (NOT requiring a reauthentication via xdm/gdm), and all VNC traffic will be tunneled over this SSH connection

The tricky part (at least as I see it) is getting the on-demand invocation of Xvnc for each client. For the traffic to be tunneled, I have to setup that tunnel in SSH from the client side; however, I don't know what port I will be able to run Xvnc on on the server side.

I've considered trying to use vncconfig to force the server to "dial-out" to the client, but I'll need to setup port forwarding from the server to the client and I don't think the TightVNC Java client supports incomming connections.

I currently have this working with VNC running from inetd, but this requires users to authenticate twice (once via SSH, once via xdm/gdm), and this is not a desirable solution.

Any thoughts on how I should attack this?

Thanks!

--Ben