Remote support

Overview

This page is about getting the ability to remotely connect to computers for FreeGeek tech support. This would allow us to do more complicated tasks over the internet instead of requring users to bring in the system.

Options

Reverse VNC connection to tech support: This would work by having the user initate a connection to a VNC server running in 'listen' mode on tech supports end. This would give us full graphical access to the user's system.

Reverse VNC over SSH tunnel: Same as above but with ssh encrypting the connection. Would require an ssh server running at freegeek which all users can easily log in to.

Installing SSH by default on FreekBoxen: This would allow us access to all freekboxen using ssh. We would use a username and password specific for tech support. We would want to disable access to oem over ssh, and possibly setup ssh so that it will only accept connections from freegeek (using keys, or whitelisting our IP).

K.I.S.S.

In order to keep things simple we will need to create a package which can run a simple GUI to initiate the connection. This would also allow us to only enable ssh or vnc on the users system when needed. We currently have a script written for VNC.

To use ssh we'd want a way for the boxes to 'phone home' with an ip address (to avoid complications, and save time). This could be part of the script we use, but we'd need a way of logging it here at freegeek so tech support can view the information.

Caveats

All of these methods more or less pose some type of security risk, either to freegeek, our users, or both. We will need to make sure that whichever method we choose is as secure as possible.

We'll want to keep dial up users in mind.

Obviously this wont fix internet problems, but those are usually hardware or isp issues.