[Gloucs] Administration of home computer
Glyn Davies
glynd at walmore.com
Fri Apr 29 23:23:50 BST 2005
Steve Greig wrote:
> Hi all, I am getting into Linux very much as a home user. My dad's
> windows computer finally died and about 2 months ago I (with some help
> partly from you) set him up with a new computer running Fedora.
> Generally it is going really well and he likes it which is great.
> However, he does occasionally run into problems which I try and sort
> out when I get over to where he lives. My question is: would it be
> possible, indeed sensible, to somehow link his computer with my (or
> someone else's) computer using broad band connections so I would be
> able to remotely log into his computer either as root or as a user and
> then actually see what is going on on his computer and carry out jobs
> (for example running the up2date routine which I have not taught him
> yet as he has enough on his plate learning how to use email, browser
> and word processing already)?
>
> I hope the answer is yes because it would seem such a practical way to
> maintain a computer in someone's house without having to wait until
> you have time to get round there.
Steve,
Just to echo what tother Steve said and to add a little bit too.
Use ssh to access the remote machine. It's nice and secure (i.e. no
plain text passwords over the network). If you use the command
ssh -X -o "Compression yes" remotehostname
you will get X forwarding (tunneled) over ssh (that's the -X) plus the
ssh traffic will be compressed meaning you will get better performance
over broadband or dialup links. Note: some versions of the ssh command
accept the arguments in a friendlier format or have them as defaults.
Mine doesn't though (FC3). Above, remotehostname is the name (see below)
of the machine you want to connect to or the IP address.
Before you can ssh in, you have to be able to find your father's machine
on the Net. One presumes he will have a dynamic IP allocated each time
he connects. I have been using dyndns for ages to do this. It's free
although a few quid their way wouldn't hurt. Basically, you run a client
on the remote machine that registers its IP with dyndns (you need to
create an account on dyndns first). You can then find the remote machine
on the Net by referring to its dyndns name i.e. ssh bonzo.dyndns.org
(bonzo be your Dad's dyndns account). More info at http://www.dyndns.org
Use VNC to give yourself a 'desktop' on the remote machine. This will
allow you to run all your GUIs. Of course, you can run them without VNC
but I find they tend startup quicker in VNC desktop (X isn't greater
over Internet). Also, have the Gnome/kde start menu saves you having to
remember the command line names of all those apps you see and use off
the desktop menu. VNC is quite easy to set up. If you want a v. quick
HOWTO I can post one here.
As said elsewhere, the remote machine should use a firewall, preferably
as a separate device. If you are looking at buying an ADSL connection,
get a combined ADSL/router/switch. You can get a £30 one from Ebuyer.
While the one I played with had an awful firewall (awful to configure) I
found the Network Address Translation good enough protection (I would
add that I had another firewall machine behind it for strength in
depth). An ADSL router/switch will almost certainly provide an Ethernet
connection as opposed to USB. I think the Ethernet way is much better.
Configure your modem/router to allow ssh through to your father's
machine and you should be able to connect to it over the Net. I'd
configure sshd to only accept connections from one obscure username and
add that user to the machine. This will stop the brute force attacks
trying typical username/password combos. It happens a lot and I'm afraid
steve is just too typical a username. Use a decent password on the
account too.
HTH
--
Best Regards
Glyn Davies
More information about the gloucs
mailing list