Virtyx SSH Tunnels

You can easily create a secure SSH tunnel to any computer that you have the Virtyx Agent installed on, regardless of the network topology in between. This is incredibly useful for accessing machines that would otherwise be isolated by firewalls or NAT.

Secure tunnels can be used to access intranet sites, databases, or even use VNC to provide remote support.

While it is possible to create the SSH tunnels with your own SSH client, our recommended approach is to download the VirtyxConnect desktop app which makes the process much easier.

By installing the Virtyx Agent across your infrastructure, you automatically get the ability to securely access any machine from any location, without needing to configure VPNs or extensive firewall rules.

VirtyxConnect

Once you’ve downloaded and logged in to VirtyxConnect, you’ll see a list of all your online agents.

VirtyxConnect agents

Click Open Tunnel next to the agent you’re interested in, and enter the port you’d like to tunnel to.

VirtyxConnect port

Click Start to create the tunnel. The agent will appear at the top of the list with information about the tunnel.

VirtyxConnect tunnel

In this case, using a VNC viewer and connecting to localhost:5900 will proxy over the secure tunnel to port 5900 on the agent. VirtyxConnect will attempt to use the same port number on both ends for simplicity, but if the port being proxied to is already in use on the local system, a random unused port will be selected and displayed.

When you’re finished, simply click the Close button next to the tunnel and you’ll be able to tunnel to another agent.

A Note on Encryption

When connecting your VNC viewer you may see a message similar to this:

Encryption

This is no cause for concern. The connection from the VNC viewer to the local port is not encrypted, but the connection from the local port to the Virtyx Agent is secure.

Virtyx Setup

To use SSH tunnels with the Virtyx Cloud there is a one time setup that occurs. Contact support@virtyx.com to set up your account.

Manual Tunnel Management

If you do not wish to use VirtyxConnect, you can still create tunnels to your agents by using the Virtyx dashboard and your own SSH client. There are actually two tunnels that need to be created in order to communicate with your agent: one from the agent to the Virtyx Cloud, and one from your computer to the Virtyx Cloud.

To create the tunnel from the agent to the Virtyx Cloud, log in to your Virtyx account and go to the tunnel section:

Tunnel Button

Or click the “Open Tunnel” button on any Agent page. You’ll need to select the agent you want to tunnel to and the port you’d like the tunnel to give you access to.

Once you’ve created the tunnel from your agent to the Virtyx Cloud, you’ll need to create the tunnel from your computer to the Virtyx Cloud so that you can send traffic. This process varies depending on whether you’re using a Windows or Unix-like operating system, so we’ve created two sets of instructions: