Silk Road forums
Discussion => Security => Topic started by: kvalitetsbevisst on December 14, 2012, 11:58 am
-
In you experience, what is the best setup to remote control a PC over the internet?
It could be either a remote control method for a Linux or Windows PC, the only criteria I have is that I need a GUI (not a basic SSH shell).
If anyone has any reccomendations, please let me know :)
-
Google TeamViewer.
Easy, free, reliable, many features.
Edit: I overlooked the "secure" part, dumb suggestion
-
It has crossed my mind, but I'm not really sure if I feel safe using that one.
A complex password might help me along the way though .. but for some reason it just feels strange relying on TeamViewer :p
Is there any way to get a GUI remote through the SSH protocol, though? I'd be more comfortable using something that I can set up for my self and where the traffic only goes from one computer to another (over an encrypted tunnel on the internet, of course).
-
Use something open source and independent of third party servers. I don't know how teamviewer works but I would use VNC viewer/server through an encrypted tunnel.
-
ssh -X you@your-server
with the -X flag you can run apps over the network as long as you have an x server on the machine you're connecting from, which Linux desktops do.
Otherwise just use VNC with tight security settings, or using ssh tunnelling
-
Thanks, woahmang & StrangeHands. That sound more like what I had in mind.
-
TeamViewer (and all proprietary software for that matter) sucks massive donkey dick and is definitely not safe. Use VNC and tunnel it through SSH. That solution is cross-platform too so it'll work on Linux, Windows, Mac and even Android.
-
I have used Radmin a few years back. Alot of EDU's use this espcially in Asia. Look into it. Fast and easy.
-
I have used Radmin a few years back. Alot of EDU's use this espcially in Asia. Look into it. Fast and easy.
Proprietary, therefore unsafe, 100% too expensive and just generally evil.
-
ssh -X you@your-server
with the -X flag you can run apps over the network as long as you have an x server on the machine you're connecting from, which Linux desktops do.
Otherwise just use VNC with tight security settings, or using ssh tunnelling
ssh is the best way ;)
or a pptp dial in .... lol, im joking :D
-
ssh -X you@your-server
with the -X flag you can run apps over the network as long as you have an x server on the machine you're connecting from, which Linux desktops do.
Otherwise just use VNC with tight security settings, or using ssh tunnelling
ssh is the best way ;)
Now I've had a think about it, I'm not actually sure ssh -X is best. VNC is basically a "remote framebuffer" and deals mostly with pixels, mouse movements and so on. X11 is an enormous API with loads of surface area (for information leakage) and although it was supposed to be used over the network most people use it locally, so the Firefox and Bitcoin devs don't use it over the network and it's unlikely to be optimized for this use-case.
So VNC is probably better because it's simpler and less well integrated into your system. If someone hacked into a server you were VNCing into the worst thing they could get access to is your clipboard, I'm not even sure how much information could be leaked to someone who'd broken into your ssh server but I suspect it's lots.
Of course ssh -X is really easy to set up and offers great protection against an eavesdropper so I guess it depends on how secure you need to be, it works well enough for me anyway.
-
ssh -X you@your-server
with the -X flag you can run apps over the network as long as you have an x server on the machine you're connecting from, which Linux desktops do.
Otherwise just use VNC with tight security settings, or using ssh tunnelling
ssh is the best way ;)
Now I've had a think about it, I'm not actually sure ssh -X is best. VNC is basically a "remote framebuffer" and deals mostly with pixels, mouse movements and so on. X11 is an enormous API with loads of surface area (for information leakage) and although it was supposed to be used over the network most people use it locally, so the Firefox and Bitcoin devs don't use it over the network and it's unlikely to be optimized for this use-case.
So VNC is probably better because it's simpler and less well integrated into your system. If someone hacked into a server you were VNCing into the worst thing they could get access to is your clipboard, I'm not even sure how much information could be leaked to someone who'd broken into your ssh server but I suspect it's lots.
Of course ssh -X is really easy to set up and offers great protection against an eavesdropper so I guess it depends on how secure you need to be, it works well enough for me anyway.
Excellent point. Even in the man page it hints at some of the problems:
-X Enables X11 forwarding. This can also be specified on a per-host basis in a configuration file.
X11 forwarding should be enabled with caution. Users with the ability to bypass file permissions on the remote host (for the user's X authorization database) can access the local X11 display through the forwarded connection. An attacker may then be able to perform activities such as keystroke monitoring.
At least -X is better than -Y :P
-
Glue it to an RC car. There you go remote control PC :D
-
Glue it to an RC car. There you go remote control PC :D
Ahahahaha +1 ;D
-
Is there any way to get a GUI remote through the SSH protocol, though?
Not sure if this has been said but you can use ssh to port forward any port you want. Then run a VNC connection over
that ssh port forward connection.
http://www.cyberciti.biz/tips/tunneling-vnc-connections-over-ssh-howto.html
-
ah, lots of great feedback here. thanks to all of you, I will take my time and look into the best solution for me.
-
subscribing this.