Luminate Secure Access Cloud (TM) supports various access scenarios for remote desktops. VNC protocol is one of the technologies that can be used. Below step-by-step process describes the required setup both on the server side and on the Luminate Admin Portal.
|The process assumes access to Ubuntu Linux (although, of course, the same procedure can be applied to any other Unix capable of running OpenSSH and VNC servers. Additionally, the process assumes Windows as a workstation of an end-user running VNC Client software. Naturally, other desktop operating systems and different VNC client applications can be used.|
1. Install VNC server on our Ubuntu (or other Unix) server: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-vnc-on-ubuntu-18-04
Please note the port that you configure for the VNC server. For this guide, we will assume port 5901.
2. Configure an SSH Application to represent the server, according to this guide.
3. Find your SSH Application in the Luminate Applications Portal (in the screenshot below it is marked with a VNC logo):
4. Clicking on the SSH Application object, please note the Host Name for SSH Client and User Name for SSH Client fields, as well as the Command field (in case you are planning on using a command-line OpenSSH client).
5. Connect the VNC client, either by manually creating an SSH Tunnel or by using a VNC Client that supports connections over SSH:
If your VNC client does not support connections over SSH, please create an SSH Tunnel. If using an OpenSSH command-line client, creating the tunnel requires running the following command:
ssh -i luminate_ssh_key.pem -L 5901:127.0.0.1:5901 -C -N -l [email protected] vncserver.mycompany.luminatesec.com
- -i luminate_ssh_key.pem is an optional argument, specifying a Luminate SSH Key
- [email protected] is the User Name for SSH Client from the previous step, where username is the local user that will be connecting to the VNC Server
- vncserver.mycompany.luminatesec.com is the User Name for SSH Client from the previous step
- -C Requests compression of all data (including stdin, stdout, stderr, and data for for‐warded X11, TCP and UNIX-domain connections).
- -N Do not execute a remote command. This is useful for just forwarding ports (protocol version 2 only)
- -L 5901:127.0.0.1:5901 means mapping port 5901 on the host defined in the SSH Application to a local port 5901.
Then, connect your VNC client to localhost:5901
If you have a VNC client that supports connecting over SSH (such as MobaXterm for Windows), please configure the connection directly:
Please note, that a Remote Hostname is configured to be "localhost" and the Gateway SSH Server/User contain Host Name for SSH Client and User Name for SSH Client from the previous step.