Hi Paul,
I don't use ARD and wanted to just screen share with my Xserve (10.5.1 co-located at an ISP) running via VNC (using JollysFastVNC and Screen Sharing) from my local PowerMac G5 (10.5.1).
Here's what I did:
ARD wasn't needed, and in fact, since a recent update, caused me to not be able to log in at all. You can't have both Screen Sharing and ARD running at the same time, so I turned off ARD and just left Screen Sharing on in Sharing Sys Prefs.
Avoid use of VNC over normal ports 5900-5903 as it is insecure. Apple uses some encryption with Screen Sharing but it is still over those ports and I don't trust it like I do SSH. I SSH tunnel into my Xserve (you need SSH port 22 open) using:
*ssh -4 -L 9999:127.0.0.1:5900 user@my.xservehostname.com -p 22*
Normal VNC ports are closed on the server's firewall.
This creates a local forward SSH tunnel from unused port 9999 to the Xserve's port 5900 behind it's firewall and I connect to it using my VNC clients with 127.0.0.1:9999 and the Xserve's Screen Sharing password for controlling. Screen Sharing, on the client, asks for the Xserve user's login password when connecting however (??). Screen Sharing's prefs can be set to the faster secure authentication. Jolly's VNC client is still faster and has better mouse response.
I had problems with +ssh -4 -L 9999:localhost:5900 user@my.xservehostname.com -p 22+ for some reason it would fail randomly if I substituted localhost for 127.0.0.1 (??).
More on ssh tunnels:
http://www.securityfocus.com/infocus/1816
I previously figured out a way to set up Screen Sharing remotely if you have ARD screwing you up, or something similar.
http://discussions.apple.com/thread.jspa?threadID=1312397&tstart=45
Also, if you use exchanged SSH keys you can log in without a password. Generate your client and server keys with 'ssh-keygen' and copy your clients '~/.ssh/id_dsa' contents over to the server's '~/.ssh/authorized_keys' file (create if necessary - MacRoman with Unix line endings). See 'man ssh' for more info.
Larry