Jump to content

Recommended Posts

Posted (edited)

So, I have a client (running Windows) that I wanted to setup a remote support solution for. I do not have the money to pay for a GoTo... service, so I went with setting up VNC (TightVNC) tunneled over SSH (FreeSSHd). I know this isn't the most elegant solution, but it works. This was also made infinitely simpler since TightVNC has updated their Java VNCViewer application to support SSH Tunneling directly in the viewer application.

I knew I could script the starting and stopping of the SSH server and the VNC server along with adding port openings in the windows firewall of the client's machine. I also figure that I should safely be able to have a port forward in the client's router for SSH, especially if I only open the port on the desktop's firewall as needed. Also this should be reasonably safe as I set TightVNC to only accept loopback connections.

So my client has a "start-remote-support.bat" and a "end-remote-support.bat" which is clear, concise and easy enough for my client to use. However, this still left me with one hangup. I needed the script that started the necessary servers and opened the necessary ports to also find me the client's external IP address, and display it for the client to tell me when he calls me for remote support. (In theory I could have used a DDNS service, but he has an AT&T provided DSL router which doesn't give me many options, so I decided to do something else).

I was able to do this by having the "start-remote-support.bat" call wget, download the url http://icanhazip.com to a file, and I could then type that file to the screen with a message to call me and read me the IP address. This works great, but I was worried that if that website either changes their name, changes the way they return the address, or ceases to exist it would break my scripts. This lead me to add a little php to my own website, which I am recommending anyone else to add to their own website.

In a sub-directory on my website, I have an index.php file which echo's the external IP of anyone visiting the page, followed by a newline character which I needed for formatting purposes. You may not want to newline so feel free to take that out.

<?
$ip = $_SERVER['REMOTE_ADDR'];
echo $ip, "\n";
?>

This is simple and useful. Now there's no reason to ever use another site, which may change how they return the IP address, or disappear without notice.

Finally, in the interest of completeness here is the code for the two batch files . . .

Start-Remote-Support.bat

@echo off
title = Remote Support

:: Start VNC
echo Starting VNC Server.
start "TightVNC Server" /D"%programfiles%\TightVNC" /B tvnserver.exe

:: Start SSH
echo Starting SSH Server.
cd \
start "FreeSSHDService" /D"%programfiles%\freeSSHd" /B FreeSSHDService.exe

:: Create Port Openings
netsh firewall add portopening tcp 22 FreeSSHd
netsh firewall add portopening tcp 5900 TightVNC

:: Get IP address
echo Retrieving external IP address.
echo.
wget -q -O ip.txt http://www.yourwebsite.com/your-subdirectory/

echo Your external ip address is:
echo.
type ip.txt 
echo.
echo Call YOURNAME and tell [him/her] the address above. Please wait for them to 
echo connect, and look at the issue before continuing. You may minimize, but not
echo close, this window, and continue working while they establish a connection.
echo                                -Thank you in advance for your patients.
echo.

:: Pause to display info
pause
echo.

:: Remove ip.txt and exit
del ip.txt
exit

End-Remote-Support.bat

@echo off
title = Remote Support

:: End VNC
taskkill /F /IM tvnserver.exe

:: End SSH
taskkill /F /IM freeSSHDService.exe

:: Remove Port Openings
netsh firewall delete portopening tcp 22
netsh firewall delete portopening tcp 5900

:: Exit
exit

Thanks for reading, and I hope some of you also find this useful.

Edited by oligarchy314
Posted

I didn't know that existed or had a free version. Taking a look at the differences between Pro and Free, it looks like the Free would almost give me the features of what I have, but I would lose file transfer capability, which my solution has both through TightVNC and through SSH (SCP).

Also, I don't need this solution to work unattended on the client side. This was intended for me to walk my client through something, or for me to fix something while the client watched. So, my need for interaction with the client isn't a drawback either.

Thanks for the reply though, I always like hearing about new things.

Posted

Logmein has saved me so many headaches in the past with port forwarding client networks. If I needed to send a file, I used my FTP server or as you mentioned SCP. And from my experiences, it handles latency much better than any VNC I've seen.

Posted (edited)

Well, I'll really have to take a look at LogMeIn then. Ostensibly though, this post was more about setting up the php than the remote support stuff. That was just the back-story of why I set up the php.

Edited by oligarchy314
Posted

Checkout teamviewer - amazing and free product that should do just about everything you want. But it looks like you had a good time creating your own solution though. Reinventing the wheel can be unnecessary, but in some cases very educational and fun.

telot

Posted

@telot

Thank you for your thoughtful post, and recognizing that I enjoyed this as a learning experience. That's what I was trying to share, the joy of learning new things. I like the look of TeamViewer better than a lot of things I looked at; it looks to function more like GoToAssist. I will also have to consider it for the future.

  • 3 months later...
Posted

I personally like TeamViewer, since you don't need to do anything with port forwarding or firewall rules. Creates its own tunnel. If you register with them, you can install the static login version, and see nodes via their site or from your own client, and you can use the portable version to carry with you, on a thumb drive for when you're on the road and not at your own PC, you just need a windows machine to remote in from. There is also a TeamViewer client for MAC as well as Linux and if you're really in a pinch, (and can read tiny screens) Android phones and tablets. Its my personal choice, since I just email friends and family a link to the exe, they can run it without installing and I can get in and out when needed. Full install and registration required if you want access at any time, but for me its easy to just send mom a link, run, and I'm in, which she knows how to use now and just click the icon and read me the pin codes, which change every time so its fairly secure, not to mention, encrypted. http://www.teamviewer.com/en/index.aspx

Posted

@digip teamviewer and logmein hamachi both require interaction with an outside network - third party network. SSH, freessh, is a stand alone technology. I know from personal experience that popular freeware programs rarely every stay free forever. Do you know if the standalone teamviewer exe file calls home (requires outside authentication)? I wouldn't recommend such a service to an independent consultant. Who knows how long the CEO plans to keep it online for free to all "100 million" users.

Posted

I have two clients of mine, who paid for the full licensed version, and has unlimited use, but for the occasional "help uncle bob" or "moms computer is acting funky" which happens quite often in my family as I am the one they all call when something happens, I'll be damned if I am going to drive an hour to someones house if I can just remote in and fix it. If it requires a housecall, well, remote software of any kind won't make a difference, but I use TeamViewer as well as rdesktop from linux to windows hosts, and rdp, as well as SSH for my own websites that have shell access and so forth where I have no need for a gui. But if you like VNC, then use VNC. Me offering TeamViewer as an alternative, was my 2 cents, not to mention, I never suggested logmein, which I personally, hate, or hamachi, which I've never mentioned nor used before, so can't speak to that one. Logmein is flaky at best, although I did once use it from my BB curve, which lets just say, while it sort of worked, I never want to have to do something like that again.

Anyhoo...use what you like, but I take it you don't like my suggestion. Have a nice day. /derp

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...