Windows Remote Desktop Using PuTTY

Windows "Remote Desktop" or "Terminal Services" is a feature available in modern Windows systems that allows you to login to a Windows computer over the network. Since direct connections to internal JLab systems are not allowed from the internet, to make such a connection from offsite, you must use software (either VPN or ssh/PuTTY) that creates a secure connection or "tunnel". This technique can be used to connect to individual Windows desktops (if properly configured), or designated Windows terminal servers on site.


  • On the off-site system, you must have a "secure shell" or "ssh" client that allows you to do tunneling.  Recently, Microsoft has begun providing a Secure Shell client (based on OpenSSH) on Windows 10 systems. For older Windows systems, we suggest the PuTTy SSH and telnet client.
  • On the off-site system, you must have a remote desktop client program, included with Windows.
  • You must know the name of the your Windows computer on site. Either your Windows desktop, or the JLABTS terminal server.
  • If you normally have to use a smartcard to log in, you will need to have the appropriate smartcard drivers, reader, etc. installed on the off-site system. This is normally doen automatically when you plug the smartcard into a system the first time.

Simple Instructions

To simplify the process of logging in using ssh/.PuTTY and launching the remote desktop client, the computer center has created a simple script. You just need to download and unzip the script onto your remote system, then double-click the "JLabRemote-CUE.vbs" script and answer a couple of questions (username and which system you want to connect to).

Here is the script:

  1. Right-Click the link above and use "save link as" to save the file onto your desktop.
  2. On your desktop, extract the zip file (it contains only 1 file) onto your desktop (right-click the file and select "Extract All")
  3. The file JLabRemote-CUE.vbs can now be double-clicked to start up your connection.

Manual Instructions

These manual instructions are for advanced users. If you would like more detailed instructions, scroll down or click here. These instructions assume you are using a Windows system from off-site

with PuTTY.

  • In PuTTY the configuration settings are as follows:
    • Session->Hostname:
    • SSH->Tunnels->Source Port: 3391
    • SSH->Tunnels->Destination: <computername> (or for the Windows terminal server)

With Windows 10's native OpenSSH Client

  • Enter the following command (without the quotes) -- "ssh -L <username>" substituting you username for "<username> and the desired system in place of JLABTS if you wish to connect to a different system.
    • Enter your JLab/CUE password when prompted
    • You should get a prompt similar to "login2% "

Remote desktop client -- 

  • Run the Windows remote desktop client from the start menu.
    • When prompted for "Computer", enter "localhost:3391"
    • Click "Connect", then login to the desired target system with your username and password or smartcard as usual

Detailed Instructions

Stage 1:

  • Install PuTTy, available at the link above, and run it.
  • Under "Category" on the left, expand "SSH" and scroll down and click "Tunnels"
    • On the right under "Source port" type "3391"
    • Under "Destination" type "<targetcomputername>" replacing <targetcomputername> with, you guessed it, the Target on-site Computer's Name. (or jlabts, as mentioned above)
    • Now click "Add" and a new entry will appear in the "Forwarded Ports" box.
  • Under "Category" Click "Session"
    • On the right under "Host Name (or IP address)" type "" (without the quotes)
    • On the right under "Saved Sessions" type "jlab" (without the quotes)
    • Click "Save" and "jlab" should appear in the list below "Saved Sessions"
  • Now, in PuTTY, under "Saved Sessions" double-click "jlab"
    • Log in with your CUE username and password
    • Minimize or otherwise forget about PuTTy for now, it is doing its job
    • Once you close the RDP session, log out of the putty session.

Stage 2:

  • Open Remote Desktop Connection in Windows.
    • Start->Programs->Accessories->Remote Desktop Connection
    • For "computer" you will put "localhost:3391" (without the quotes)
    • Click "Connect".
    • You may be warned that the remote computer's identity cannot be verified. Click "yes" if you have followed the above instructions correctly, otherwise click "no" and double check your configuration.
    • You should now see the login screen of the target on-site computer
    • Enter your username as "jlab\<username" (eg. jlab\johns) and password to Login
JLabRemote-CUE.zip1.22 KB