You may have read my post on set­ting up the Rasp­ber­ry Pi to access the desk­top remote­ly.  I got most of that accom­plished with a bit of deter­mi­na­tion and some help from the good peo­ple of Red­dit /RaspberryPi.   Once I’d sent red­dit my post, u/newdles and u/wittless both made some real­ly good sug­ges­tions about using an SSH Tun­nel to route traf­fic from the brows­er on my cur­rent com­put­er to the Ras­ber­ry Pi. This elim­i­nates the need for any remote desk­top soft­ware like VNC which is inher­ent­ly inse­cure because the data it sends isn’t encrypt­ed.

SSH (Secure SHell) is a much bet­ter option than my orig­i­nal plan for a few rea­sons.  First as the name implies, it’s rel­a­tive­ly secure.  The web traf­fic is encrypt­ed while it’s trav­el­ling back and forth between my lap­top and the Rasp­ber­ry Pi.  For the time being, short of the NSA, most peo­ple won’t have access to the traf­fic stream.

Sec­ond, it’s far faster than VNC.  Because VNC has to send graph­ics data between two com­put­ers it tends to be pret­ty slow and finicky when you’re try­ing to move about the desk­top, open files and appli­ca­tions, and manip­u­late set­tings. It’s always been like this and even with sig­nif­i­cant­ly high­er inter­net speeds, it hasn’t dras­ti­cal­ly improved in the 15 years I’ve used it.

I found a great walk through from Hey Stephen Wood on SSH Tun­nelling on the Mac, and since I was already set up for SSH ter­mi­nal access, it was real­ly just the proxy con­fig­u­ra­tion I need­ed.   The only thing dif­fer­ent in my own set­up was that I’d changed my default port from 22 to (some­thing else) on the advice of u/witless on that red­dit thread.

Stephen sug­gests using this to con­nect to your Pi:

$ ssh -D 8888 username@yourwebserver.com -vv

But when the default port has been changed, this is actu­al­ly what you’ll need to do.

$ ssh -D 8888 -p [YourNewPortNumber] username@yourwebserver.com -vv

I got a bit con­fused by his 8888, and tried to jam my port num­ber in there unsuc­cess­ful­ly.  The -D 8888 spec­i­fies a port on the local com­put­er where that tun­nel can tran­sit through. Obvi­ous­ly my non-default port need­ed to be spec­i­fied sep­a­rate­ly. :)

Tagged with:
 

Comments are closed.