Re: How can you get remote access to laptops behind a NAT/firewall?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12/21/23 14:39, Chris Adams wrote:

Once upon a time, Thomas Cameron <thomas.cameron@xxxxxxxxxxxxxxx> said:

So my question is, is there any sort of software which is similar to
Quick Assist we can install on our Linux laptops so that the Linux
team sysadmins can get access to laptops? I've seen folks on this
list talk about TeamViewer and AnyDesk, but both of those seem to be
paid solutions. Is there any sort of F/OSS solution?


In essence, these solutions are functionally like using a VPN.  The
computer keeps an open connection to a server whenever it can, and that
connection can then be used to allow the server to access the computer.
So you could set up a separate "management" VPN system, like OpenVPN,
that then isolates each client connection (so one user can't access
another user's computer directly across it).  Don't send a default
route, just use an independent RFC1918 (or IPv6 ULA) block from any
other corporate networks.
Yeah, I was looking at things like Nebula for a sort of background VPN for systems management, but that looks like overkill.
I may wind up just having a tiny OpenVPN instance in the cloud that users can connect to so admins can ssh in or run playbooks over the VPN. I was hoping for something less manual, though. With the Windows laptops, as soon as folks authenticate to Azure AD, the helpdesk guys can just fire up a remote desktop. I'd love something that easy.
I suppose I could set up the laptops so that they log into the VPN at boot, that would do the same thing and the staff on the Linux laptops wouldn't have to do anything manual. But I don't want to chew up that VPN bandwidth if I don't have to. 

Thomas
--
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux