0

The setting is a bit confusing but please keep up with me

I have a linux machine on a remote location. There is also a windows machine there. All of them connected with a LAN

There is a program running on the linux machine and I can access its results by opening the localhost with a browser.

Now, since its location is remote, my first idea was to enable remote desktop with something like this setup.

However I have been told in very vague terms there can be another way.

The idea would be to -based on the setup described above- access the localhost of the linux machine with the windows machine (through a browser of course), and then, run a remote desktop in the windows machine that I can access.

My question is, how can I do this second option?

Improve this question
2
  • originally I access the results in the linux machine with a browser open to the localhost.
    – KansaiRobot
    Commented Apr 20, 2023 at 2:00
  • 1
    @Ramhound: So instead of a tutorial from 2018 which is still applicable today, you recommend a completely insecure technology from 1988 that is only barely supported by current Ubuntu versions... (XDMCP uses single-DES for authentication, if at all.) It seems that OP is talking about accessing an HTTP service that's running on the Linux machine through a browser, which sounds fairly normal to me, but just to make a point I'm going to suggest noVNC and Guacamole for accessing a whole Linux system through a web browser.
    – grawity_u1686
    Commented Apr 20, 2023 at 5:34

1 Answer 1

Reset to default
1

However I have been told in very vague terms there can be another way.

SSH is commonly used to "access the localhost of another machine", so to speak – in addition to interactive shells, it allows you to easily set up tunnels for TCP connections through the server. (It is not in any way limited to just "localhost" access, but that's probably a quite common use.)

  • With the ssh or plink commands, use the -L option to create a tunnel:

    ssh -L <listenport>:<targethost>:<targethost> <sshserver>
plink -v -N -L <listenport>:<targethost>:<targethost> <sshserver>

    For example, to create a tunnel to the server's "localhost:80", choosing port 5092 on the client, you would specify -L 5092:localhost:80 as part of the command.

  • With the graphical PuTTY, go to "Connection > SSH > Tunnels" and add a "forwarded port". Specify some local port (client-side) as source and the program's address (server-side) as destination.

  • Almost all other SSH clients have the same kind of "tunnel" or "forwarding" setting somewhere.

Programs on the SSH client system will then be able to access the tunnel at localhost:<listenport>.

There are multiple other methods:

The most direct way would be to reconfigure the program to listen on all addresses, not only the 'localhost' address, so that it would be directly accessible across the LAN (e.g. as http://ubuntupc:8080) like a normal web server. This does have the downside of exposing the program to the entire local network so it should only be done if you can restrict access using a firewall or in some other way. For that reason, SSH tunnels are often preferred when accessing more sensitive services.

If the program cannot be reconfigured or is too risky to leave open, an HTTP "reverse proxy" could be set up on the same machine to listen for connections instead, and to relay requests to the real program (possibly with authentication). It's how many regular webapps are set up to be exposed to the Internet – the app only listens on localhost but uses a reverse-proxy frontend to handle the requests.

Various ngrok-like "cloud reverse proxy" services could also be used to make the program accessible from everywhere (some such services have options to add authentication, others don't).

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .