Accessing remotely your Windows Desktop or Terminal Services at DESY Zeuthen via SSH tunneling using Windows or Linux


1. Setting up the SSH tunnel and connecting from a Linux host
2. Setting up the SSH client and connection from a Windows host
3. Setting up the SSH client and connection from a Mac host

This page shows an example about how to use SSH tunneling to connect to a computer running Windows and the Terminal Server at DESY Zeuthen from outside the DESY network.

To connect to the Terminal Server znapis or to a Windows PC remotely it is necessary to contact the
User Consulting Office in order to be authorized.
Here you can find more information about the Windows Terminal Services at DESY Zeuthen.

1. Setting up the SSH tunnel and connecting from a Linux host

On Linux/UNIX platforms simply the ssh is used to setup the SSH tunnel to access a Windows host from remote. The common syntax is:
ssh -L LocalPort:DestinationWindowsHost:DestinationPort RemoteHost

Example:

ssh -l -C -L 55555:znapis.zeuthen.desy.de:3389 warp.zeuthen.desy.de

From a separate shell/window now we may start the RDP client remmina.
Ubuntu users should use the snap version of remmina. To install it, use the command
snap install remmina


2. Setting up the SSH client and connection from a Windows host

This step must be done on the machine one want to access a DESY desktop (from outside).
The basic concept is to establish a RDP session via a tunnel through a public (Linux) login host.

On windows platforms we have two ways to get access.

2.1. Access via DESY SSH RDP Tool

For easy access to a terminal server or a specific windows 10 client we
developed the DESY SSH RDP connection tool.
This Tool needs .NET Framework 4.7.2 or higher.
The tool creates an ssh tunnel and opens the windows remote desktop client.
Here you can download the desyssh.exe for Windows 10 from the DESY cloud: DESY SSH RDP Tool

An example for
Target: <YourTargetHost>
is:
Target: znmops555

If this tool cannot be executed for security reasons, you can force it:
desyssh.exe --> right mouse button, Preferences--> unblock/allow

Furthermore it is possible to use putty.

2.2. Access via RDP
Please connect preferably to your personal DESY computer and only in exceptional cases to the central Windows Terminal Server znapis.

At first open a command prompt.

To connect to a Windows PC:
ssh <username>@warp.zeuthen.desy.de -L 55555:<pc_name>:3389

To connect to the terminal server:
ssh <username>@warp.zeuthen.desy.de -L 55555:znapis:3389

To connect via RDP to host at DESY, open your remote desktop client on your local computer, typing as computer: localhost:55555, the source port we previously set.

Then please enter WIN\<username> and your password into the login window.


3. Setting up the SSH client and connection from a Mac host

On MAC the ssh is used to setup the SSH tunnel to access a Windows host from remote.

ssh <username>@warp.zeuthen.desy.de -L 55555:<pc_name>.zeuthen.desy.de:3389

The Mac App Store provides the “Microsoft Remote Desktop” for MAC users.
Start the app and then click on “New” to create a new remote desktop connection. Enter the following:

Close the window to save the remote desktop. Click on “Start” to connect to the selected remote desktop (or double-click on the remote desktop). Then enter your user account and password.


Top