[Gloucs] Administration of home computer

Steve Greig steve at stevespages.org.uk
Sat Apr 30 21:55:38 BST 2005 

----- Original Message ----- 
From: "Glyn Davies" <glynd at walmore.com>
To: "Gloucestershire LUG" <gloucs at mailman.lug.org.uk>
Sent: Friday, April 29, 2005 11:21 PM
Subject: Re: [Gloucs] Administration of home computer


> Steve Greig wrote:
>
>> Hi all, I am getting into Linux very much as a home user. My dad's 
>> windows computer finally died and about 2 months ago I (with some help 
>> partly from you) set him up with a new computer running Fedora. Generally 
>> it is going really well and he likes it which is great. However, he does 
>> occasionally run into problems which I try and sort out when I get over 
>> to where he lives. My question is: would it be possible, indeed sensible, 
>> to somehow link his computer with my (or someone else's) computer using 
>> broad band connections so I would be able to remotely log into his 
>> computer either as root or as a user and then actually see what is going 
>> on on his computer and carry out jobs (for example running the up2date 
>> routine which I have not taught him yet as he has enough on his plate 
>> learning how to use email, browser and word processing already)?
>>
>> I hope the answer is yes because it would seem such a practical way to 
>> maintain a computer in someone's house without having to wait until you 
>> have time to get round there.
>
> Steve,
>
> Just to echo what tother Steve said and to add a little bit too.
>
> Use ssh to access the remote machine. It's nice and secure (i.e. no plain 
> text passwords over the network). If you use the command
> ssh -X -o "Compression yes" remotehostname
>
> you will get X forwarding (tunneled) over ssh (that's the -X) plus the ssh 
> traffic will be compressed meaning you will get better performance over 
> broadband or dialup links. Note: some versions of the ssh command accept 
> the arguments in a friendlier format or have them as defaults. Mine 
> doesn't though (FC3). Above, remotehostname is the name (see below) of the 
> machine you want to connect to or the IP address.
>
> Before you can ssh in, you have to be able to find your father's machine 
> on the Net. One presumes he will have a dynamic IP allocated each time he 
> connects. I have been using dyndns for ages to do this. It's free although 
> a few quid their way wouldn't hurt. Basically, you run a client on the 
> remote machine that registers its IP with dyndns (you need to create an 
> account on dyndns first). You can then find the remote machine on the Net 
> by referring to its dyndns name i.e. ssh bonzo.dyndns.org (bonzo be your 
> Dad's dyndns account). More info at http://www.dyndns.org
>
> Use VNC to give yourself a 'desktop' on the remote machine. This will 
> allow you to run all your GUIs. Of course, you can run them without VNC 
> but I find they tend startup quicker in VNC desktop (X isn't greater over 
> Internet). Also, have the Gnome/kde start menu saves you having to 
> remember the command line names of all those apps you see and use off the 
> desktop menu. VNC is quite easy to set up. If you want a v. quick HOWTO I 
> can post one here.
>
> As said elsewhere, the remote machine should use a firewall, preferably as 
> a separate device. If you are looking at buying an ADSL connection, get a 
> combined ADSL/router/switch. You can get a £30 one from Ebuyer. While the 
> one I played with had an awful firewall (awful to configure) I found the 
> Network Address Translation good enough protection (I would add that I had 
> another firewall machine behind it for strength in depth). An ADSL 
> router/switch will almost certainly provide an Ethernet connection as 
> opposed to USB. I think the Ethernet way is much better. Configure your 
> modem/router to allow ssh through to your father's machine and you should 
> be able to connect to it over the Net. I'd configure sshd to only accept 
> connections from one obscure username and add that user to the machine. 
> This will stop the brute force attacks trying typical username/password 
> combos. It happens a lot and I'm afraid steve is just too typical a 
> username. Use a decent password on the account too.
>
> HTH
>
> -- 
> Best Regards
> Glyn Davies
>
>
> _______________________________________________
> gloucs mailing list
> gloucs at mailman.lug.org.uk
> http://mailman.lug.org.uk/mailman/listinfo/gloucs
> Virtual IRC meets every Sunday 8-10pm in #glug on irc.slashnet.org
>

Hi All,
thanks very much for your helpful suggestions. It is quite a long term 
project for me but I am definitely keen to pursue it and will get googling 
using your advice as a starting point. Also, thanks for comments about 
thread hijacking and also top-posting. I am afraid I plead guilty to both 
these but will reform from now on. When I had a look at my dad's computer it 
turned out that the only problem was that he had inadvertantly hidden the 
address toolbar on his browser and that was enough to stop him in his 
tracks. I got it back and explained how he can do that himself in future. As 
a matter of interest would the type of PuTTY / ssh approach you are 
suggesting actually allow me to make a change like that to his browser or 
are there limits to what I would be able to change on his computer remotely?
Best wishes from Steve

More information about the gloucs mailing list