How to Remote Desktop through SSH?
I use RDP to get a connection to a remote server. Recently, I was told that I could remote into another computer with a higher level of security by tunneling RDP over SSH with PuTTY. As I always deal with sensitive and important information, I wanna give it a try. But I don’t know how to do it, can anyone tell me?"
- Question from Reddit
Brief introduction of SSH tunnel
An SSH tunnel, or Secure Shell tunnel, is a method of securely transmitting data between two devices over a potentially unsecured network. It leverages the encryption capabilities of the SSH protocol to create a secure and private communication channel between a local and a remote host. SSH tunnels are commonly used to protect sensitive information and enable secure access to various services.
Typically, there are three types of SSH tunnels:
- Local port forwarding. This lets you connect to a server from your computer by routing your connection through an SSH server. It's useful for accessing servers when faced with workplace firewalls.
- Remote port forwarding. Similar to local port forwarding, this method allows connecting to another server from your computer through an SSH server. It's handy for reaching your client while bypassing workplace firewalls.
- Dynamic port forwarding. This method routes connections from various programs through the SSH client, then the SSH server, and finally to multiple target servers. Each program needs a separate configuration and must be adjusted when the proxy server is no longer in use. Dynamic port forwarding helps bypass corporate firewalls restricting web access.
Of these, local port forwarding is the most used type of port forwarding.
How to create a Remote Desktop SSH tunnel using PuTTY
Creating an SSH tunnel for Remote Desktop (RDP) allows you to secure your remote desktop connection by encrypting the data transmitted between the client and the server. Here are the general steps to create a Remote Desktop SSH tunnel using PuTTY.
Part 1. Prerequisites
There are two prerequisites you need to know:
- Ensure that you have an SSH server running on the remote machine you want to connect to. If it's a Windows machine, you may need to install an SSH server like OpenSSH for Windows.
- Make sure you have an SSH client installed on your local machine. On Windows, you can use tools like PuTTY.
Part 2. Detailed steps
Here are the detailed steps to create a Windows 10 and 11 SSH Remote Desktop connection:
Step 1. Download PuTTY.
Step 2. Open the Downloads folder, find and open the PuTTY you’ve downloaded.
Step 3. On the left pane, navigate here: Connection > SSH > Tunnels.
Step 4. Add your local IP address and port to the Source port. For example, here we use TCP port 3388 on IP address 127.0.0.2, and the remote internal IP address and RDP port 3389 as Destination (192.168.48.211:3389). Then click Add.
Step 5. Then you can see the forwarded ports shown here. This means the SSH tunnel for Remote Desktop is active.
Step 6. Then you can connect the Remote Desktop Connection to 127.0.0.2:3388.
Part 3. Important Notes
Here are some crucial notes to keep in mind:
- Ensure that your firewall settings allow the specified ports.
- Dynamic port forwarding (SOCKS proxy) allows you to tunnel other traffic as well, not just RDP. Adjust the settings accordingly.
- Always use strong, unique passwords for both your SSH and RDP connections.
AnyViewer: Safest Remote Desktop alternative for Windows
- Encrypted Remote Connections: Using a robust 256-bit Elliptic Curve Cryptography (ECC) algorithm ensures the confidentiality and integrity of your remote sessions.
- Two-Factor Authentication: Enhancing security with an additional layer of verification ensures that only authorized individuals can access your remote desktop.
- Device Authentication: AnyViewer simplifies security by allowing you to lock its interface when stepping away or sharing your machine. This prevents unauthorized access and modifications, preserving your preferences and system security.
Download AnyViewer, install and launch it on both the remote computer and the local computer, and see how it works.
Step 1. Download, install, and launch AnyViewer on both computers. Go to Log in, and then click Sign up. (If you already have signed up on its official website, you can log in directly.)
Step 2. Fill in the signup information.
Step 3. Then you can see you successfully logged in to AnyViewer. Your device will automatically be assigned to the account you've logged in to.
Step 4. Log in to the same AnyViewer account on the two devices, then you can achieve a direct connection by clicking One-click control.
- For an even more enriching remote desktop experience, contemplate upgrading to a Professional or Enterprise plan with AnyViewer. Here's what you'll gain access to:
- Better Device Control: Easily manage multiple unattended access devices with precision.
- Effortless Multi-Tasking: Handle multiple remote sessions concurrently, simplifying multitasking.
- Fast File Transfers: Quickly move large files between devices for improved efficiency.
- Privacy Mode: Ensure discreet access to remote devices by darkening the screen and disabling the keyboard for added privacy.
Creating a Remote Desktop SSH tunnel using PuTTY on Windows 10 is certainly a safer way to remote into another computer. Of course, you can also use AnyViewer, the free and secure remote desktop software, to achieve this in a simpler way.