For your xstartup file in ~/.vnc (the “.vnc” folder in

your home directory), you need the following:

#—————————–

#!/bin/sh

# Uncomment the following two lines for normal desktop:

# unset SESSION_MANAGER

# exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup

[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources

xsetroot -solid grey

vncconfig -iconic &

xterm -geometry 80×24+10+10 -ls -title “$VNCDESKTOP Desktop” &

gnome-session &

# twm &

#————————

instead of uncommenting the lines as the script suggests, you change the window manager to gnome-session

make sure restart vnc4server

The line which got Gnome working was “gnome-session &”

========================================

Now for all the steps involved (works in Karmic Koala Alpha 2, Ubuntu 9.10, kernel 2.6.30-10)

1. Install ssh server, ssh client, VNC viewer, VNC server, and xinetd

sudo apt-get install openssh-server openssh-client vnc4server xinetd vncviewer

2. Setup the ssh password for your login

ssh-keygen

3. Test out the ssh server by typing in

ssh localhost or ssh your_login@your_ip_address

4. Then create a vnc password

sudo vncpasswd ~/.vncpasswd

5. Edit the xstartup file in ~/.vnc directory

For your xstartup file in ~/.vnc (the “.vnc” folder in

your home directory), you need the following:

—————————–

#!/bin/sh

# Uncomment the following two lines for normal desktop:

# unset SESSION_MANAGER

# exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup

[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources

xsetroot -solid grey

vncconfig -iconic &

xterm -geometry 80×24+10+10 -ls -title “$VNCDESKTOP Desktop” &

gnome-session &

# twm &

————————

instead of uncommenting the lines as the script suggests, you change the window manager to gnome-session

6. Create a VNC desktop

vnc4server :1 -geometry 1024×768

7. Then to tunnel into your VNC desktop, first create a SSH tunnel by logging into SSH with the comand:

ssh -L 5901:your_ip_address:5901 your_username@your_ipaddress

8. Finally, load up your VNC desktop

vncviewer localhost:1

And now you are ready to use connect to your machine remotely and use administer the computer remotely.

P.S: If you are using a firewall (hardware or software, you need to get enable port forwarding and unblock ports 22 and 5900-5999 on the Ubuntu machine to allow SSH and VNC to be accessed.

ssh -R 10002:localhost:22 middleuser@middle

This will open port 10002 for listening and forward all future connections to port 22 at destination. This connection must remain on the entire time to ensure that you can access your destination computer whenever you want.

Now if sshd is set to use GatewayPorts you should be able to connect with this:

ssh destinationuser@middle -p 10002

If you are not sure if GatewayPorts is on or you don’t have the access to change it use the following method to connect:

First connect to the middle computer how you would normally.

ssh user@middle

Then connect to the localhost of the middle computer on port 10002.

ssh user@localhost -p 10002

Note: The port 10002 is arbitrary you can use any port you want.

You should now be remotely logged into your computer behind the NAT/Firewall. Enjoy.

Content copied from :http://www.marksanborn.net/howto/bypass-firewall-and-nat-with-reverse-ssh-tunnel/

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
f2:92:1d:da:81:2a:d7:16:0a:48:f0:43:20:1c:f4:b5
………………..

The simplest way to deal with this is to remove the ~/.ssh folder, however this clears out all the exchanged keys with all the ssh machines you have ever communicated with. Removing the ~/.ssh folder would mean that each time you reconnect to a SSH server that you have previously connected to, you will have to confirm that the connection is secure and all that.

There is however another simple way to change just the entry for a specific server in question. At the terminal type in -

ssh-keygen -R name_of_the_server.com

name_of_the_server.com in the above example would need to be replaced by the actual server name that you are trying to connect.