How to RDP over an SSH tunnel

You can use this trick to access your home PC from a remote PC (like your work PC). Instead of using Teamviewer or other similar software. You can setup up your own encrypted and secure tunnel to work thru. The requirements are basically to have an SSH accessible server in the same network as the PC you want to access.

Server Side Requirements:

  1. Windows PC that you want to connect to (example local IP:
  2. Linux server with SSH in the same network as the Windows PC (example local IP: over port 22)
    1. This can be a virtual machine running off the Windows PC (just as long as it is accessible from the router; so make sure you use a Bridged Network Adapter)
  3. Internet access to the Linux server SSH (example WAN IP:
  4. This can be achieved by setting up a port forward on your router to send traffic destined to port 22 (or any port) from your Router to the Linux server’s port 22.
    1. Example1: route traffic hitting on TCP port 22 to internal port TCP 22 on (example: we port forwarded port TCP 22 from the router to 22 on the linux server)
    2. Example2: route traffic hitting on TCP port 12345 to internal port TCP 22 on
  5. Enable RDP on your Windows PC:
    1. Control Panel -> System and Security -> System -> Change Settings -> Remote -> allow RDP connections && uncheck the box “Allow Connections only from computers running Remote Desktop with Network Level Authentication (recommended) -> Select Users and add the Windows User[s] that will be connecting to the RDP

Client requirements

  1. For Windows machines connecting to the rdp tunnel: Make sure your Windows client has Cygwin installed with ssh program (The windows client is the one used to connect)


  • Verify the setup works by SSHing to your Linux server from a remote location.
  • Also if you can try to connect to your RDP from another PC in your home network. Windows+R then type “mstsc /v:

How to connect from a Window PC:

For the sake of the example I will use the IPs highlighted as examples.

Open cygwin and run “./sshrdp_cygwin.sh root 22” then put in your SSH password. Then the RDP window opens and put in your Windows Login credentials

You can then make an alias in your ~/.bashrc script to alway connect to your homepc (assuming you put sshrdp.sh into your /usr/bin directory).

alias homepc=’/usr/bin/sshrdp_cygwin.sh root 22′

From then you can just type homepc on your cygwin and it will launch up

Connect from a Mac

Follow the same steps as Windows but use this script instead. Also since MACs don’t have mstsc. You will need to install and open up RDP software manually each time a tunnel is setup. The sshrdp script will prompt for your SSH server address & give you instructions like

“Open RDP to localhost:10000”

Then you will need to login with your Windows credentials

Here is the MAC version of the same script:

Similarly, you can setup an alias to use on your MAC terminal, except you will need to put it in your ~/.bash_profile instead of your ~/.bash_rc (if I recall correctly, that is how it is done with MACs)

alias homepc=’/usr/bin/sshrdp_mac.sh root 22′

Then you can access your home pc by simply typing homepc.

Connect from a Linux Server

You probably just use the MAC steps – although I am not sure and have not tested it. The line of code with the netstat command might need a change / edit.


Bash convert seconds to human readable

function displaytime {
local T=$1
local D=$((T/60/60/24))
local H=$((T/60/60%24))
local M=$((T/60%60))
local S=$((T%60))
(( $D > 0 )) && printf ‘%d days ‘ $D
(( $H > 0 )) && printf ‘%d hours ‘ $H
(( $M > 0 )) && printf ‘%d minutes ‘ $M
(( $S > 0 )) && { (( $D > 0 || $H > 0 || $M > 0 )) && printf ‘and ‘
printf ‘%d seconds\n’ $S; } || printf ‘\n’

-bash-4.1$ displaytime 604800
7 days
-bash-4.1$ displaytime 604801
7 days and 1 seconds
-bash-4.1$ displaytime 800
13 minutes and 20 seconds
-bash-4.1$ displaytime 780
13 minutes


Wrong Port Connected Check With ifconfig

We need to run ifconfig and look for the status line.

Remember this about ifconfig output:

* if “status: active“, the port is linked up and sending traffic (now you just need to make sure it has an IP for it to be able to communicate on a network). You can see it is sending traffic with tcpdump -i <port>
(hit Control-C after a few seconds; even ports that are linked up w/ a missing IP should still be sending out and receiving some L2 switch traffic: STP, ARP, LLDP)

* if “status: no carrier“, the port is not linked up and therefore not sending traffic . If you run tcpdump on this port, you will see 0 packets.

* if “status:” line is missing, then the port is disabled. Enable it w/ “ifconfig <port> up” to see if it has a link (you can optionally disable the port afterwards if you see it has no carrier using “ifconfig <port> down“)


Grepping Thru All Rotated Logs

If your system gzips and rotates your logs.

You can use this trick to search thru all of them.

# zgrep -i — “SEARCHTERM” $(ls -1Str /var/log/messages*)

Another way

# zgrep -i — . $(ls -1Str /var/log/messages*) | grep “SEARCHTERM”

Sidenote: if you get an error try to replace “zgrep” with “zegrep”


A good free syslog server

Personally, I just tried “Syslog Watcher” version 5.0.4 and it does a good job. I can start it by hitting “Start Server” then configured syslog clients to point at it. You can click on a message, then it will show up in the message view with every detail. Additionally you can hold Control and Mouse Wheel Down or Up to zoom in or out (just like in Notepad++)

Of course everyone is aware of Kiwi Syslog Server. I find Syslog Watcher more interesting, but that is just me.


Find UPNP devices on your network – ex: ReadyDLNA or UPnP routers

Got info from here: https://stackoverflow.com/questions/18363833/how-can-i-list-upnp-server-renderer-in-command-line-console-mode-on-linux

Get the Upnp test tools

Example 1:

Find all Upnp devices (note their target names start with urn:…. It will hint at what service it is, ex: Layer3Forwarder, MediaServer, etc..)

Example 2:

Find DLNA servers which are served via Upnp (which has a target of MediaServer, urn:schemas-upnp-org:device:MediaServer:1)

The end


bash simple variable substitution

You can use bash to do simple substitutions of variables, just like you can with sed. The bash trick turns out to take up less characters (bytes).

Lets set some variable

To replay it back:


Output of both:



To do a simple substitution of the value/contents of a variable structure it like so. Put in the from part the thing you want to change (it can be a char or some chars), then it will replace them with the part you put in to (which can be a char or several chars). Note if mentioning special chars to escape them (example \ needs to be \\). Spaces are not considered special chars in this case.

echo ${VAR//from/to}

Then all of the parts that are from will change to to when the variable VAR is called.

Example 1

Lets replace all s with a S. You have to use the second notation type and add some parameters


  • Note: sed can be used to do the same substitutions



Example 2

Let replace all is with IZ


  • Note: sed can be used to do the same substitutions



Example 3 – filenames with spaces

What about converting an absolute path which has spaces to something with escaped spaces (backslash followed by space)


We convert spaces ” ” to “\ ” however in bash to print a backslash “\” we need to put an extra one “\\”


  • Note: sed can be used to do the same substitutions


The end.


Bash scripting dealing with any characters in strings or filenames

Imagine a file list, list.txt, like this one

Naturally you could deal with it like so

Or just use the $i variable as its already the file and do a one liner like this:

cat list.txt | while read i; do dosomething "$i"; done This will dosomething against image1.jpg, image2.jpg and image3.jpg.

Easy simple loop.
Now imagine a file list with special characters like this one, listB.txt:

The same loops will not work and will error out. So you have to treat them like so:

Note: do not put quotes around the eval.

This will then properly process the files as it will naturally escape them.
It will properly run dosomething against those 5 files.

How does it do that? You can print out the FILE variable to understand. It simply backslashes (escapes) all of the special characters.


Sidenote: from talking with others, nohup dosomething &> whatever &  can be weird if dosomething has to operate on file with special characters. Instead its better to put it in the background and then just disown it, like so:


The end.