Stories
Slash Boxes
Comments

SoylentNews is people

How do you Remotely Manage the Family's Computers?

posted by martyb on Sunday April 30 2017, @01:22PM   Printer-friendly
from the Ask-Soylent dept.

An Anonymous Coward writes:

Recently, someone in my family was not able to get into their home PC with their password, and called for assistance. This means having to drive down to the machine to see what they are doing, and log in with the appropriate account that can reset that password. Work commitments preclude driving there right away to see what is happening, and I am trying to locate a remote access solution. If they were logged into the machine, I could use some sort of remote assistance tool, but that is not an option in this case. There is the possibility of setting up SSH or OpenVPN to access the machine via the Internet, but I am not certain leaving those tools running all the time is the smartest idea in this day and age.

What recommendations do the Soylent community have for securely managing a machine over the Internet when someone is not logged into it?

Original Submission

 
This discussion has been archived. No new comments can be posted.
How do you Remotely Manage the Family's Computers? | Log In/Create an Account | Top | 78 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 5, Informative) by Anonymous Coward on Sunday April 30 2017, @02:18PM (1 child)

    by Anonymous Coward on Sunday April 30 2017, @02:18PM (#501858)

    For someone I regularly help i.e. parents, then I have OpenVPN running permanently on a standalone linux box on the same LAN. You could also get away with a Pi or similar instead if you're concerned about power and footprint. It connects _out_ from their network to a server I control, so it doesn't directly expose their network to the Internet. Then iptables can be configured with NAT and Masquerade targets as appropriate on both ends of the VPN tunnel so less need to think about configuring networking and routing, if that's not your forte.

    This gives me access to their their LAN. From there I have TightVNC running in service mode on their Windows machines, restricted to accepting connections from certain private IPs only. Service mode TightVNC allows full desktop access even if no-one's logged in to the machine. If your target machine is Linux or MacOS instead of Windows, well you can access SSH over the VPN tunnel instead, it's still not exposed to the Internet so is fine.

    Starting Score:    0  points
    Moderation   +5  
       Interesting=2, Informative=3, Total=5
    Extra 'Informative' Modifier   0  
    Total Score:   5  

  • (Score: 3, Interesting) by opinionated_science on Sunday April 30 2017, @04:31PM

    by opinionated_science (4031) on Sunday April 30 2017, @04:31PM (#501898)

    I have used something similar. One pro-tip I would give, is get a UPS for both machines (yours , the modem, network etc and the pi - and their PC).

    Dirty power/lightning can mess with delicate electronics...