On 12/21/23 14:39, Chris Adams wrote:
Once upon a time, Thomas Cameron <thomas.cameron@xxxxxxxxxxxxxxx> said:
So my question is, is there any sort of software which is similar to
Quick Assist we can install on our Linux laptops so that the Linux
team sysadmins can get access to laptops? I've seen folks on this
list talk about TeamViewer and AnyDesk, but both of those seem to be
paid solutions. Is there any sort of F/OSS solution?
In essence, these solutions are functionally like using a VPN. The
computer keeps an open connection to a server whenever it can, and that
connection can then be used to allow the server to access the computer.
So you could set up a separate "management" VPN system, like OpenVPN,
that then isolates each client connection (so one user can't access
another user's computer directly across it). Don't send a default
route, just use an independent RFC1918 (or IPv6 ULA) block from any
other corporate networks.
Yeah, I was looking at things like Nebula for a sort of background VPN
for systems management, but that looks like overkill.
I may wind up just having a tiny OpenVPN instance in the cloud that
users can connect to so admins can ssh in or run playbooks over the VPN.
I was hoping for something less manual, though. With the Windows
laptops, as soon as folks authenticate to Azure AD, the helpdesk guys
can just fire up a remote desktop. I'd love something that easy.
I suppose I could set up the laptops so that they log into the VPN at
boot, that would do the same thing and the staff on the Linux laptops
wouldn't have to do anything manual. But I don't want to chew up that
VPN bandwidth if I don't have to.
Thomas
--
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue