Ask Slashdot: Options For FOSS Remote Support Software?

Albanach writes "I'm sure I'm not alone in being asked to help friends and family with computer issues. These folk typically run Windows (everything from XP onward) or OS X (typically 10.4 onward). Naturally, desktop sharing is often much easier than trying to talk the other end through various steps. I've found free sites like join.me but they don't work with OS X 10.4, neither does the Chrome plugin. I'd also prefer not to compromise security by using a third party in the middle of the connection. Is there a good, free solution I can run on my linux box that supports old and new clients that run Windows, OS X and possibly linux? I'd love it if the users could simply bring their systems up to date, but that doesn't solve the third party issue and it's not easy when it requires a non-trivial RAM upgrade on a Mac Mini."

You've really never heard of VNC?

[Nimey]

Because that's what you want.

Re:You've really never heard of VNC?

[Albanach]

I'm the submitter. I presume your friends and relatives are stunningly more technically adept than mine.

I have personally been using VNC for over a decade. Judging by your /. uid, that's probably a good bit longer than you.

How about you take a moment to read the question. I'm looking for remote support software similar to join.me or the chrome plugin. That means the other end uses their browser, goes to the URL I give them and with as little other input as possible, I can share their desktop.

That does not describe VNC. I already have a vnc/ssh based solution. It's convoluted and yes, they find it difficult. Perhaps you've never assisted folk in their 70s with IT, but yes, for many, something that simple is difficult. It's difficult because it's unfamiliar. They use their web browser and they use email. That's what they know about their computer.

Now VNC may be part of the solution - indeed I would fully expect that. But not plain old vnc or a combination with SSH. The end user shouldn' t need to locate software, open firewall ports, execute shell scripts or type convoluted SSH commands.

Finally folk do, frequently ask me for advice. They do so for the simple reason that I try and give them a solution that meets their needs. That solution is not VNC or I wouldn't have posted the question. I think if you'd read the question rather than trying to get the first moral superiority post you might have realized that.

VNC?

[Dan+East]

VNC is probably the most prolific remote access client / server software in existence. It is open source, although some companies have created enhanced functionality on top of VNC which is available as commercial products. OSX supports VNC type remote access natively.

Reverse VNC

[InfiniteZero]

Other posts have already mentioned VNC, naturally. But more specifically, what you want is reverse VNC. You set up a VNC listener, and firewall port forwarding etc. on you end. Then ask the user to download a simple server executable (e.g. tvnserver.exe in the case of Windows/TightVNC) and connect to your IP address.

Re:Reverse VNC

I completely agree... I've been doing this for many years. The main advantages are:
  - Nobody has an internet-exposed vnc server
  - The people you're supporting don't need to make holes in their firewall
  - As the OP requested: no 3rd party for the connection to go through (a boon to both latency and security)
  - FOSS

For ease of use, make a .bat file on their desktop that gives them icon to click that:
  - starts the vnc server service (i.e. net start vncserver)
  - tells the vnc server to add a new client (the name you've registered with dyndns).

When they want to share their screen with you, you'll need to be running the vnc listening viewer first, and have an open port on your firewall.

Re:teamviewer

[BoogeyOfTheMan]

I have to agree. It may not be OSS, but it is free for non-commercial use and it works on Windows, Linux, and OSX. You can even use it from an Android device to control someones machine. I've used it on Windows and Linux to control other Windows and Linux machines, on Linux to control a machine running OSX, and on Android to control my Linux machine when I wasnt at home.

If you can walk someone through downloading, installing and running something, TeamViewer is perfect. Once its running, all you need to have them do is tell you their ID number and passcode, which is prominently displayed when TV is running.

I use it a lot to help my friend whos a complete computer newb to fix and/or learn things.

PuTTY with VNC

I've been helping my now 83-year-old dad since the Win2K days using this solution:
- On dad's machine, install VNC server and PuTTY SSH client
- Set the VNC server NOT to run in service mode.
- Set the VNC server to accept connections from localhost (That used to be a registry setting, but it might be the default now)
- Set up a user called "sonarman" on my Linux machine. sonarman's shell is a script that loops forever, printing the date and hostname, then sleep 60.
- Set up a public/private keypair so sonarman can log into my linux machine without a password
- Set up a PuTTY session for sonarman that uses the private key to connect, and that forwards some port on my linux machine to the VNC server port on my dad's computer (5901)
- If necessary, tell Windows to allow PuTTY.exe to go OUT through the Windows firewall.
- Created a folder on dad's desktop called "Get help from Mike" - inside are two windows shortcuts, one to start sonarman's ssh connection to form the encrypted tunnel, and one to start the VNC server.

So when dad has a problem, he calls me, he opens the "Get help from Mike" folder, and double-clicks the PuTTY shortcut. When he says "OK, it's showing me today's date", I tell him to double click the other shortcut, and he tells me when the VNC icon shows up in the notifications area.

Once that's done, I connect a vncviewer to localhost:<whatever port I set up>, and I have a view of and control of Dad's desktop.

He can't do any harm to my system, because sonarman's shell doesn't accept any input.
Because his computer is initiating the connection, he doesn't need a fixed IP, nor any holes through the firewall besides the *outgoing* ssh connection.
My linux machine has an entry in DynDNS, and dad's PuTTY connects to my machine by hostname, so as long as my dyndnsd keeps the name up-to-date with Comcast's periodic re-assignments of my IP address, dad's computer can always find mine.
My firewall must be configured to allow incoming ssh connections (but I want that anyway).

Re:TeamViewer

[asmkm22]

I'm going to second this. It's free for non-commercial use, so it's great for helping out family and friends. It's really easy to use and, like the poster said, there's no install needed. Just make sure they hear you correctly and go to "teamviewer.com" and not "teenviewer.com". I had that happen once, and it was a bit awkward.

Re:teamviewer

[number11]

And my mom has no idea how to configure the firewall on her router or enable port forwarding. And neither do I since I have never seen her router

Vnc is useless if mom can't get it to work

UltraVNC has a "single click server". You configure (via UVNC's website) a custom server that is a single 166K executable file that requires no installation and is hardwired to connect to your computer, and (when the time comes) you run your VNC viewer in "listen" mode and have them doubleclick the icon. Since they're the ones initiating the connection, firewall shouldn't be a problem. Works great, you can email the file to them, so long as you can explain how to save an email attachment to their desktop. There are some restrictions (Win only, you need either a fixed IP or something like dyndns to specify your address, and they need to be able to receive an executable attachment), but it works really well. Dunno what to do about the OSX, though.

Re:Or, ssh?

[hobarrera]

A few years ago, I was sitting in front of two PCs, using just one, but after a minutes, I noticed the start menu opened on the other, and some commands started typing themselves in. I immediately noticed the VNC icon notifying me someone was connected.

My guess: there's thousands of bots looking for open VNC connections. You don't have to be targeted specifically. Lesson: don't leave VNC to an open internet connection, even with a strong password.

Re:Or, ssh?

[MikeBabcock]

You do realize that there are automated port scanners running on botnets all over the internet all the time, right?

I get hit with thousands of SSH requests a day on the machines I administer, all with random username/password attempts (none of which will work because I only ever allow public key auth). When one of those port scanners notices 5900 open on your granny's computer, and the password is brute-forced in a few seconds, I think you'll rethink your perspective on the issue.

Interception isn't necessary to hack a connection. There's a reason we firewall people are so difficult.

PS you could just add your own netblock to your relatives' firewall software on port 5900 and limit exposure.

Re:Or, ssh?

[hairyfeet]

Bimbo Newton Crosby, if they'd ever tried to actually support a completely clueless user they'd know that VNC would be a BAD idea.

Honestly i just don't see how he is gonna be able to pull it off on both Windows AND OSX without some service in the middle, i really don't. Everything else is gonna require the user to at least have enough skills to start the thing up which is far from assured and leaving it running 24/7 is just asking for trouble.

This is why I'm glad I have all my family and customers on Win 7, MSFT may have made plenty of dumb moves but EasyConnect is a fricking Godsend, its the easiest damned thing I've ever dealt with for remote assistance. I simply pin Remote Assistance to the start menu and its as easy as "Hit start, see that thing at the top that says remote assistance? Yeah click on that, hit next, see my name? Yeah click on my name...hold on...okay I'm hooked up, see that little box that popped up that asks if I can have full control? Just click yes...okay I've got it now" and then I can just sit in my comfy chair and work the system like i was sitting right in front of it.

I wish there was something truly universal and that simple to use but if its out there so far I haven't found it. Just remember when you suggest programs we are talking normal folks, the stuff YOU would think is trivial to do is often so completely over their head it would literally be quicker to simply drive out to where they are and do the work than to sit their on the phone trying to talk them through it.

Oh and one final bit of advice for those that have to support the clueless...get Comodo Time Machine and install it NOW, you'll be glad you did. Think of it as a system restore that actually works and which doesn't get infected by malware. When my GF had to go across the state to take care of a sick relative and her niece screwed her laptop up so bad the thing wouldn't even boot to desktop it took me less than 15 minutes to get her back up and running thanks to CTM. Just set it to use around 10%-15% of the HDD space for snapshots and have it take a snapshot at boot (if you boot more than once a day it'll only take one snapshot so you won't run out of space) and you are golden. You can even lock a snapshot so you can have your own version of a factory refresh that will put the system right back to the way you had it with no muss or fuss. Just have them hit the Home key when they see the big clock, tell them what day you want them to go back to and voila! Instant fix.

UltraVNC Single Click.

You all are trying to go at this the wrong way.

You should run a 'listening server' on your end, and send them a VNC single click binary.

http://www.uvnc.com/products/uvnc-sc.html

Single click binary does need to be setup by the admin (Ultra VNC has a webpage that generates the executable, the admin can do anything from having a single entry that just connects to your IP (on the listening server) upto having pretty graphics and customized greeter screens.). Having a dns entry that always points to your domain (johnsupport.dyndns.com in the worst case for example) also makes those single click instances working for quite some time.

I'm quite surprised so little people know about SC, even though VNC is quite well known here.

And again, TeamViewer is nice (albeit closed source) one always has to wonder, why would a company give you such a service, for free. Yes, they also have commercial offerings where there bread and butter comes from I'm sure. So does google/facebook, yet we all know what they really sell.