Remote assistance, remote desktop...bah!

[opusthe2nd]

I need to do some work on a clients machine, Tiger. I need something that I can use, that will require NO port forwarding on the other end. My clients would burst into flames if I suggested they need to do something technical.

What are my options? I need it to be a gui interface.

 

[DoFoT9]

is this on the same network???? u didnt specify..
if it is, chicken of the vnc is what will do it. make sure remote desktop is turned on on yr client machine.

if its over the interwebz then its alot harder..

ive been trying that method myself, but i couldnt be bothered trying to hard. SSH is to annoying

 

[opusthe2nd]

No, its not local.

SSH is great...just not for this instance.

 

[DoFoT9]

ok im out, ill just stay here to read what the smart people have to say

 

[displaced]

Without port-forwarding, your options are severely limited.

Chat applications such as iChat can traverse firewalls and NAT without port forwarding because each end of the chat connect to the iChat server to act as a relay (since both firewalled ends are able to connect to the iChat server ).

There is a service I've used on PCs regularly called LogMeIn. It takes a similar approach to that of iChat for firewall/NAT traversal, but allows full screen-sharing.

Luckily (although I've not tested it), there's a preview version of LogMeIn for the Mac here.

 

[opusthe2nd]

interesting........

 

[DoFoT9]

OMG just tried that logme in, i signed up and everything and it works like a charm!!!! so easy to use and to set up!!! im ssooo using that from now on!!!

thanks displaced!!!!! so much

 

[displaced]

OMG just tried that logme in, i signed up and everything and it works like a charm!!!! so easy to use and to set up!!! im ssooo using that from now on!!!

thanks displaced!!!!! so much

That's good to hear!

I think I'll give it a whirl on my Mac Mini media centre box -- could be quite handy. It's got us out of some scary situations at work (with Windows machines).

 

[opusthe2nd]

I will too try it this evening. Thanks for the tip.

 

[numlock]

does this logmein work if im on my mac and want to connect to a pc with the pc owner still able to observe?

 

[DoFoT9]

does this logmein work if im on my mac and want to connect to a pc with the pc owner still able to observe?

YES it most certainly does, you can also have 3rd party people observe aswell....from what im aware of.

 

[semaja2]

You could create a application that would simple open a SSH connection to your server, and forward its ports through to you.

Then make the little application launch the VNC daemon.

This application wouldnt take too much effort i believe, BUT i dont have the knowledge in SSH port forwards under unix so... just a bit of research

 

[plinden]

No, its not local.

SSH is great...just not for this instance.

You may have this fixed already with Logmein, but if you have ssh access, you don't need to do anything else on the remote end, apart from enable Remote Desktop.

On your side, you do an ssh tunnel -

ssh user@remotehost -L 5900/127.0.0.1/5900

This passes all packets you send to your local host's 5900 to the remote machine's port 5900.

So using either Apple Remote Desktop if you have it, or Chicken Of the VNC, connect to port 5900 on your own machine, and you'll have full control of the remote machine.

 

[displaced]

You could create a application that would simple open a SSH connection to your server, and forward its ports through to you.

Then make the little application launch the VNC daemon.

This application wouldnt take too much effort i believe, BUT i dont have the knowledge in SSH port forwards under unix so... just a bit of research

Not directly to what I've quoted, but it made me think...

As a piece of proprietary network software, LogMeIn's security cannot be independently assessed, unlike open-source software such as SSH.

Of course, that's not necessarily a reason not to use it! However, you need to keep in mind the security of your client's machines. Take advantage of whatever security options LogMeIn provides. If you're using passwords, make sure they're strong. Also, I'd suggest you ask your client to only have LogMeIn running when you've asked them to (i.e. when you're about to connect). Make sure they close it when you're done. In fact, if you're remotely operating the machine, you could probably shut down LogMeIn yourself as the last thing you do (because it'll kick you out when you do!).

 

[DoFoT9]

On your side, you do an ssh tunnel -

ssh user@remotehost -L 5900/127.0.0.1/5900

uumm what would u put in for remote host???

 

[plinden]

On your side, you do an ssh tunnel -

ssh user@remotehost -L 5900/127.0.0.1/5900

uumm what would u put in for remote host???

Well, you need to know the remote host to able to access it no matter what you use. It can be an IP address.

 

[DoFoT9]

Well, you need to know the remote host to able to access it no matter what you use. It can be an IP address.

aahh ok so IP address it is.. i thout it might be a DNS name or summin. cauz like my name from my server is just to crazy and long to think about.

ok that seems pretty easy now..

 

[displaced]

aahh ok so IP address it is.. i thout it might be a DNS name or summin. cauz like my name from my server is just to crazy and long to think about.

ok that seems pretty easy now..

Be a tad careful with SSH, though. For real security, it needs to be set up with PKI certificates for authentication. If it's using standard password authentication then it's still vulnerable to weak passwords that can be guessed. SSH will really secure traffic sent back and forth once connected, but it's not a panacea

 

[DoFoT9]

Be a tad careful with SSH, though. For real security, it needs to be set up with PKI certificates for authentication. If it's using standard password authentication then it's still vulnerable to weak passwords that can be guessed. SSH will really secure traffic sent back and forth once connected, but it's not a panacea

just got it too work, thanks for the tips i shall rememember that and only use it when needed.

 

[opusthe2nd]

SSH tunnel is fine, but I cant for this. The remote end cant do port forwarding. I need something that will slip in without messing with ports.

My clients are very challenged people!!

 

[semaja2]

SSH tunnel is fine, but I cant for this. The remote end cant do port forwarding. I need something that will slip in without messing with ports.

My clients are very challenged people!!

Thats why you use a solution like mine, where you upload the appliction somewhere, and then simply tell them to download, input password and away you go you have a direct SSH tunnel to their machine, i could make this program if someone can tell me the command to:

Forward the CLIENTS port to the SERVER, so client connects to server, client forwards VNC to server, server then has VNC client which connects back.

PS. This solution basically only requires your machine to have its SSH port open, and you can close, reset passwords etc right after.

 

[opusthe2nd]

Forward the CLIENTS port to the SERVER, so client connects to server, client forwards VNC to server, server then has VNC client which connects back.

Thats the issue. Most people go through a router, which they have no idea how to get into, let alone configure.

 

[semaja2]

Thats the issue. Most people go through a router, which they have no idea how to get into, let alone configure.

I think you failed the see the key concept, the key concept was it was that this is a self contained program that would do the tunnelling and forwarding for the user, all they have to do is click enable and you can connect right in

 

[opusthe2nd]

Ahhhh...gotcha.

 

[jklps]

Would using SSH just within a network that is using wireless MAC address filtering(ie only these MAC addresses allowed in) be ok?