Need to connect to a VNC server behind a firewall that only allows SSH traffic? With SSH access to the VNC server, you can tunnel the VNC traffic through an SSH connection. This will encrypt your VNC traffic through an SSH tunnel.
To begin, SSH to the VNC server and forward the local client’s 5904 TCP port to the VNC server’s port 5901.
client$ ssh firstname.lastname@example.org -L 5904:*:5901
Next, In a new window, direct vncviewer to your localhost 5904 port and the traffic will be forwarded to your VNC server’s port 5901.
client$ vncviewer localhost:5904
If you get any errors, be sure that your client’s firewall is not blocking localhost’s port 5904.
client$ su -c "iptables -L"