Remote Access Ubuntu

[C0NFUS3D]

Currently I have about 50 Ubuntu 10.04 machines set up at different locations that are used as a basic informational kiosk. I know it's not the most up to date version, but it works with the hardware I was given.

At most of these locations, I have a port forwarded to these machines where I can access them via SSH and then VNC (if necessary) through an SSH tunnel.

The problem I'm facing is that port forwarding is not always an option for some locations. I have a cronjob that connects to a remote server for updates on a daily basis, so it's not so much SSH that's the problem.. I need to be able to remote access the actual desktop (such as through VNC) without a forwarded port and/or any user interaction. Though I'll settle for minor user interaction (such as access a java applet via a web page) if absolutely necessary.

An example of such applicable services would be LogMeIn, where I could download a small program that automatically runs in the background that allows me to access the desktop without end user interaction when ever I need to. The problem with LogMeIn is that they don't support Ubuntu.

Are there any such services, programs, hacks, etc that might allow me to accomplish what I need? I own these machines, so even if I "hack" them, it's not a problem.

Any help would be appreciated!

[Infiltrator]

I think GoToAssist.com has this capability if I am not mistaken.

[C0NFUS3D]

But they require user interaction, correct? I would like to pursue this as a last resort.. or is that my only option?

[Infiltrator]

I may be wrong on this one, but for the initial set up user interaction will be required, but once installed it should allow you to remote in and take control of the PC without any user interaction. At least that's how I interpret it when I see Darren doing the GoToAssist sponsor thanks segment during the show.

However, there is another way you could remote in, without enabling port forwarding but it involves a bit of configuration. It's called Port-knocking, you might want to check it out for more information.

http://www.portknocking.org/.

Edited March 5, 2012 by Infiltrator

[bobbyb1980]

I recently accomplished this but it wasn't exactly free of end user interaction.

I wanted to do this from over the internet and no ports were forwarded. What I did was I obtained a meterpreter shell on the victim machine (the one I wanted GUI axx to). Once I did that I uploaded a reverse_vnc payload so the victim would connect back and viola, there's your GUI over https.

I noticed though that in practice Ubuntu in general (maybe even Linux in general) is not friendly to remote VNC connections. I believe (although can't confirm) that iptables blocked a lot of connections.

Either way, metasploit has tons of VNC payloads, just get a shell on the victim and give them all a try until you find one that suits your needs.

[01000010]

vpn or ssh tunnel out from those machines to a central server and then use that to enter devices. I would set up the remote desktops to send a ssh tunnel back to my machine then connect that way encryting stuff to boot. Or I would set them up to be on a vpn.