dvdgc13
Шуро#putty + #vnc = #teamviewer with #freesoftware and #GNU #Linux
Do you want to setup a private and free teamviewer alternative ?
putty and vnc (one of the many free vnc server available online) can help you.
On windows:
install putty
install vnc,
1. set a password that you will have to share with helpdesk user and
1. allow loopback connections ("Access Control" tab -> right-bottom)
On your SSHSERVER install puttygen
$ sudo apt install puttygen (putty.exe needs its own public/private key format. You can transform public/private ssh key with puttygen.exe, but I think it's better to generate the "right" ones directly from GNU/Linux)
# became your helpdesk user
$ su - helpdesk
# generate your public/private keys pair passwordless for **easy** and **secure** access to helpdesk account
$ cd ~/.ssh
$ TIMENOW=$(date -Iseconds)
# type ENTER two times when it asks for passphrase
$ puttygen -t ed25519 -b 256 -C "passwordless key for remote assistance by puttygen $TIMENOW" -o puttykey-passwordless.ppk
$ puttygen puttykey-passwordless.ppk -O public-openssh -o puttykey-passwordless.pub
$ puttygen puttykey-passwordless.ppk -O private-openssh -o puttykey-passwordless.priv
$ cat puttykey-passwordless.pub >> ~/.ssh/authorized_keys copy puttykey-passwordless.ppk into putty.exe directory on windows (USB key, mail, winscp)
to expose VNC service, in a windows terminal type:
putty.exe -N -sessionlog "log\logVNC_&H-&Y&M&D-&T.txt" -C -i puttykey-passwordless.ppk -R 6859:127.0.0.1:5900 -P 22 helpdesk@SSHSERVER to expose RDP service, in a windows terminal, type:
putty.exe -N -sessionlog "log\logVNC_&H-&Y&M&D-&T.txt" -C -i puttykey-passwordless.ppk -R 6833:127.0.0.1:3389 -P 22 helpdesk@SSHSERVER Then, on your GNU Linux server, with helpdesk user, type
rdesktop 127.0.0.1:6833 or
xtightvncviewer 127.0.0.1:6855 In this way you have open a port (6833 or 6855) on your linux ssh server, coming from your windows PC.
If you run an rdp or vnc client on localhost:port (on SSHSERVER) , you connect the remote service listening on the remotehost:port (on windows PC)
In this way you can "climb upstream" over the connection started form windows to provide the requested service (remote assistance) that in other way would be inaccessible.
For security reason, I suggest you to add at the bottom of your _/etc/ssh/sshd_server _:
# restrict helpdesk user
Match LocalPort 23456 User helpdesk
AllowUsers helpdesk
PasswordAuthentication no
AuthenticationMethods publickey
# VNC
PermitOpen 127.0.0.1:6859
# RDP
PermitOpen 127.0.0.1:6833
AllowTcpForwarding yes
AllowAgentForwarding no
X11Forwarding no
PermitRootLogin no
PermitTTY no
PermitUserRC no
PermitTunnel yes On Linux type:
$ ss -ltpn | egrep "(6833|6859)" to verify that ports are open.
On windows, type
netstat Have fun with #FreeSoftware, and stay away from #monopoly and #ClosedSoftware
PaoloPì
#putty + #vnc = #teamviewer with #freesoftware and #GNU #Linux
#putty + #vnc = #teamviewer with #freesoftware and #GNU #Linux Do you want to setup a private and free teamviewer alternative ? putty (https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html) and vnc (https://www.tightvnc.com/download.html) (one of the many free vnc server available online) can help you. On windows: install putty (https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html) install vnc (https://www.tightvnc.com/download.html), 1. set a password that you will have to share with helpdesk user and 1. allow loopback connections ("Access Control" tab -> right-bottom) On your SSHSERVER install puttygen $ sudo apt install puttygen (putty.exe needs its own public/private key format. You can transform public/private ssh key with puttygen.exe, but I think it's better to generate the "right" ones directly from GNU/Linux) # became your helpdesk user $ su - helpdesk # generate your public/private keys pair passwordless for **easy** and **secure** access to helpde...