Microsoft Remote Desktop through ssh-forwarded port

Solution 1:

Don't forward local port 3389; various versions of Remote Desktop are too smart for their own good.

My usual steps involve forwarding local 3390 to remote 3389. Then, in MacRDC, I use localhost:3390 as the address to connect to.

I don't know if you're using anything to assist in the ssh connection setup, but from the command line, it would be something like:

    ssh -L 3390:172.16.5.32:3389 [email protected]

Where:
- 3390 is the local forwarding port on my box,
- 172.16.5.32 is the remote Windows host, and
- 3389 is the Remote Desktop port (obviously).
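
The forward described in Solution 1, as an added example that is not part of the original answer: a small POSIX shell helper that refuses local port 3389, validates its inputs, and binds the listener to loopback only. The gateway name user@gateway.example and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original answer): build and run the ssh
# local forward for RDP, e.g. local 3390 -> remote 3389.
RDP_PORT=3389

# valid_port N: succeeds if N is an integer in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# rdp_tunnel_cmd LOCAL_PORT TARGET_HOST GATEWAY
# Prints the ssh command on stdout; returns 1 on rejected input.
rdp_tunnel_cmd() {
    lport=$1 target=$2 gateway=$3
    valid_port "$lport" || { echo "bad local port: $lport" >&2; return 1; }
    # Per the answer: do not listen on local 3389.
    [ "$lport" -ne "$RDP_PORT" ] ||
        { echo "pick a local port other than $RDP_PORT" >&2; return 1; }
    # Host characters only, and no leading '-' that ssh would read as an option.
    case "$target" in
        ''|-*|*[!A-Za-z0-9.-]*) echo "bad target host" >&2; return 1 ;;
    esac
    case "$gateway" in
        ''|-*|*[!A-Za-z0-9.@_-]*) echo "bad gateway" >&2; return 1 ;;
    esac
    # -N: no remote command, forwarding only.
    # ExitOnForwardFailure=yes: ssh exits if the local port cannot be bound.
    # 127.0.0.1: explicit bind address, so the listener stays on loopback
    # regardless of the client's GatewayPorts setting.
    printf 'ssh -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:%s:%s %s\n' \
        "$lport" "$target" "$RDP_PORT" "$gateway"
}

# open_rdp_tunnel: same arguments; runs the tunnel in the foreground.
open_rdp_tunnel() {
    cmd=$(rdp_tunnel_cmd "$@") || return 1
    echo "Point the RDP client at localhost:$1 (Ctrl-C closes the tunnel)" >&2
    # Inputs were validated above, so splitting the command string is safe.
    $cmd
}

# Usage (constructed gateway name):
#   open_rdp_tunnel 3390 172.16.5.32 user@gateway.example
```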

Solution 2:

On your Mac, perhaps try out this solution:

  • install sshuttle (implements ssh tunnel/proxy, but also implements some routing changes) (https://github.com/apenwarr/sshuttle.git)
  • configure sshuttle to only route for the IP address of the Windows box you want to reach:

    sshuttle --dns -r [email protected] 1.1.1.1/32

    Replace:

    1.1.1.1/32 with the IP address of the Windows host. If there are a number of hosts you need to access and they are in the same subnet, you can just change the /32 to something wider, say /24.

  • Fire up your Mac RDP client and attempt to access the IP address of the Windows machine. Perhaps you can use the hostname if you are also forwarding DNS queries to the box you are using as a bridge.

This is a variation of the -D3389 method, but employs the SOCKS proxy features of ssh.

Solution 3:

The Windows Remote Desktop implements more authentication and encryption algorithms specific to Windows. This happened to us often; in fact, we're forced to use Windows Remote Desktop by our network administrators, as we're using authentication methods OSX doesn't implement. Let's cross fingers and hope Microsoft releases a match for the Windows-grade Remote Desktop ASAP.