Advanced Secure Access

When using encryption in iTeleport, you may want to connect to a non-standard SSH port.  Or you may want to use one SSH server as a proxy to connect to different VNC servers.  Or you may just want to know how everything works.  If so, read on!

When encryption is disabled, iTeleport uses the Address information to connect directly to a VNC server.  It's a simple, direct connection.

With encryption enabled, however, iTeleport first connects to your SSH server and authenticates itself using SSH credentials.  Once authenticated, it asks the SSH server to open up a "tunnel" between iTeleport and the VNC server (based on the Address information), using the SSH server as a proxy in the middle.  This means that all traffic between iTeleport and the computer running the SSH server is encrypted.  In most cases, you'll want the SSH server on port 22, running on the same computer as the VNC server.  This is the default option.

Using the optional host field, you can connect in a wide range of ways:

• Host is blank:  This is the default method.  iTeleport assumes that the SSH server is running on the same IP address as the VNC server, and so it uses the Address information to connect to an SSH server on port 22, and then asks the SSH server to create a tunnel to the localhost at the Address port.
  
  
• Host is someserver.example.com:  In this case, iTeleport is told that the SSH server is actually at someserver.example.com on port 22, and so it first connects to it.  After connection, it asks the SSH server to tunnel a VNC connection to the Address hostname and port.
  
  
• Host is someserver.example.com:33:  Same as above, except instead of using the default SSH port of 22, it uses port 33.
  
  
• Host is :33:  This is a shortcut variation on the first example. iTeleport assumes that the SSH server is on the same IP address as the VNC server, but instead connects to it at port 33 instead of the default port 22.
  
  

Warning: if the SSH server and VNC server are not on the same IP address, you need to make sure that the network between them is secure, since all traffic between the VNC and SSH servers is unencrypted.  This is why we recommend having both servers on the same computer (i.e., same IP address).