Tunneling Remote Desktop (RDP) Over SSH

Windows remote desktop (RDP) is an extremely useful way to access your computer’s desktop from anywhere. Suppose you need to connect to your work computer through RDP, but your company’s IT staff configured the firewalls to block all remote connections except secure connections (e.g. SSH). This is just one example scenario where you need to tunnel remote desktop over SSH.

In this hack, we’ll show you how to tunnel remote desktop connections over SSH, and how to connect remotely to any internal computer by tunneling remote desktop through the main gateway.

In our examples, we use Plink, a command-line interface to the PuTTY back ends.

Scenario 1: SSH and RDP on the same computer

This is the classic scenario where you want to tunnel remote desktop over SSH. The idea is to connect to the SSH server on your remote Windows workstation and create a tunnel: your computer listens on a local port and forwards it through the SSH server, which then connects to the remote desktop server running on that same workstation.

Assuming you have remote desktop enabled and SSH is running on the remote Windows workstation, run the following command:

This configures a tunnel so that your computer’s port 3390 is tunneled through SSH to port 3389 on the remote Windows workstation (the RDP server). Now you can open Remote Desktop and type in “localhost:3390” when asked where to connect. You should see your home/work computer come up, where you can log in as normal.
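The Scenario 1 forward as a PowerShell script, given here as an added example rather than the page's own command. The account name and host name are placeholders, and `plink.exe` is assumed to be on the `PATH`; the script also checks that the forwarded port is bound to loopback only before starting the RDP client.

```powershell
# Added example. Account and host are placeholders, not values from the page.
$SshUser   = 'user'                     # assumption: your SSH account
$SshHost   = 'workstation.example.com'  # assumption: the remote Windows workstation
$LocalPort = 3390                       # local listener, as in the text
$RdpPort   = 3389                       # RDP server port on the workstation

# -L listen-address:listen-port:destination-host:destination-port
#    "localhost" is resolved by the SSH server, so it means the workstation itself.
#    Binding to 127.0.0.1 keeps the forwarded port unreachable from other hosts.
# -N opens no remote shell; the session only carries the forward.
$plinkArgs = @(
    '-ssh', '-N',
    '-L', "127.0.0.1:${LocalPort}:localhost:${RdpPort}",
    "${SshUser}@${SshHost}"
)

# plink gets its own console window for the host-key and password prompts.
$plink = Start-Process -FilePath 'plink.exe' -ArgumentList $plinkArgs -PassThru

# Wait up to 60 seconds for the listener to appear after authentication.
$listener = $null
foreach ($attempt in 1..60) {
    if ($plink.HasExited) { throw 'plink exited before the tunnel came up.' }
    $listener = Get-NetTCPConnection -LocalPort $LocalPort -State Listen -ErrorAction SilentlyContinue
    if ($listener) { break }
    Start-Sleep -Seconds 1
}
if (-not $listener) {
    Stop-Process -Id $plink.Id
    throw "No listener on port $LocalPort after 60 seconds."
}

# Stop if the port is not ours or is bound to a non-loopback address.
$unexpected = $listener | Where-Object {
    $_.OwningProcess -ne $plink.Id -or $_.LocalAddress -notin '127.0.0.1', '::1'
}
if ($unexpected) {
    Stop-Process -Id $plink.Id
    throw "Port $LocalPort is held by another process or is not bound to loopback."
}

# Same endpoint as "localhost:3390" in the text.
mstsc.exe "/v:127.0.0.1:$LocalPort"
```

On the first connection plink shows the server's host key fingerprint; compare it with the workstation's real key before accepting it.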

Scenario 2: Tunneling through the main gateway

Suppose you’re running a small business (or have lots of computers at home), and remote desktop is enabled on each computer. You can’t have that many computers exposed to the Internet directly. Most likely they will connect to the Internet through the main gateway.

So, how do you forward RDP through the main gateway? By using double tunnels. The idea is to tell your SSH client to map port 3390 on your computer, through the gateway server, to port 3390 on the remote workstation behind the gateway. Run the following command to establish a double-tunnel:

Once logged into SSH, open the remote desktop client and point it at “localhost:3390”. You should see your home/work computer come up, where you can log in as normal.