Become a fan of Slashdot on Facebook


Forgot your password?
Open Source

Ask Slashdot: Options For FOSS Remote Support Software? 247

Albanach writes "I'm sure I'm not alone in being asked to help friends and family with computer issues. These folk typically run Windows (everything from XP onward) or OS X (typically 10.4 onward). Naturally, desktop sharing is often much easier than trying to talk the other end through various steps. I've found free sites like but they don't work with OS X 10.4, neither does the Chrome plugin. I'd also prefer not to compromise security by using a third party in the middle of the connection. Is there a good, free solution I can run on my linux box that supports old and new clients that run Windows, OS X and possibly linux? I'd love it if the users could simply bring their systems up to date, but that doesn't solve the third party issue and it's not easy when it requires a non-trivial RAM upgrade on a Mac Mini."
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Options For FOSS Remote Support Software?

Comments Filter:
  • by Nimey ( 114278 ) on Sunday August 19, 2012 @06:52PM (#41049099) Homepage Journal

    Because that's what you want.

    • OK, that's a stretch....
      • you can install sshd on windows, but you won't be helping relativers with their GUI or windows admin problems with it....

        • Re:Or, ssh? (Score:5, Insightful)

          by RealGene ( 1025017 ) on Sunday August 19, 2012 @07:08PM (#41049201)
          Since VNC is notoriously insecure, it's good practice to only run it over ssh on an untrusted network.
          So, the answer is both.
          • Re:Or, ssh? (Score:4, Insightful)

            by rubycodez ( 864176 ) on Sunday August 19, 2012 @07:45PM (#41049433)

            nonsense, no one is going to intercept your VNC stream during the time you are helping your relatives. get real, no one at your ISP is snooping traffice from home looking for a VNC session to tamper with. have your relatives turn off the server when done. you are more likely to get struck by lightening.

            or entertain us by your laughingly improbable method by which you will intercept someone's VNC packets.

            • Re:Or, ssh? (Score:5, Funny)

              by binarylarry ( 1338699 ) on Sunday August 19, 2012 @07:55PM (#41049479)

              Exactly. That's why I use rsh on all my servers.

              It's faster and easier and no one on the internet is possible sniffing my packets.

            • Re:Or, ssh? (Score:5, Insightful)

              by RealGene ( 1025017 ) on Sunday August 19, 2012 @09:02PM (#41049849)
              Have you ever tried to help an 80+ year-old relative with their computer?

              "Just start the VNC server, auntie."
              "Is that the 'start' button thingy?"
              "No, just click on the icon that says 'VNC'."
              "All I see is the email from cousin Ruby."
              "Ok, close the email first."
              "Do I turn off the computer? That's what I do when I'm done reading my mail..."
              (continues for 35 minutes)

              The point being, the folks who need the help can't be relied upon to start/stop a VNC server, or carry out any other task
              that isn't part of their normal routine. And leaving a VNC server running, with circa-1985 eight-character password, on a standard port,
              is a security risk.

              • I give my (almost) 80-year-old a desktop icon which is called "Call John" and it starts up the VNC server with the appropriate command line options to start up a reverse connection to my computer.

                If my IP address changes, I just email her a new shortcut file to replace the one on her desktop.
              • Re:Or, ssh? (Score:5, Informative)

                by hairyfeet ( 841228 ) <> on Monday August 20, 2012 @03:41AM (#41051851) Journal

                Bimbo Newton Crosby, if they'd ever tried to actually support a completely clueless user they'd know that VNC would be a BAD idea.

                Honestly i just don't see how he is gonna be able to pull it off on both Windows AND OSX without some service in the middle, i really don't. Everything else is gonna require the user to at least have enough skills to start the thing up which is far from assured and leaving it running 24/7 is just asking for trouble.

                This is why I'm glad I have all my family and customers on Win 7, MSFT may have made plenty of dumb moves but EasyConnect is a fricking Godsend, its the easiest damned thing I've ever dealt with for remote assistance. I simply pin Remote Assistance to the start menu and its as easy as "Hit start, see that thing at the top that says remote assistance? Yeah click on that, hit next, see my name? Yeah click on my name...hold on...okay I'm hooked up, see that little box that popped up that asks if I can have full control? Just click yes...okay I've got it now" and then I can just sit in my comfy chair and work the system like i was sitting right in front of it.

                I wish there was something truly universal and that simple to use but if its out there so far I haven't found it. Just remember when you suggest programs we are talking normal folks, the stuff YOU would think is trivial to do is often so completely over their head it would literally be quicker to simply drive out to where they are and do the work than to sit their on the phone trying to talk them through it.

                Oh and one final bit of advice for those that have to support the clueless...get Comodo Time Machine [] and install it NOW, you'll be glad you did. Think of it as a system restore that actually works and which doesn't get infected by malware. When my GF had to go across the state to take care of a sick relative and her niece screwed her laptop up so bad the thing wouldn't even boot to desktop it took me less than 15 minutes to get her back up and running thanks to CTM. Just set it to use around 10%-15% of the HDD space for snapshots and have it take a snapshot at boot (if you boot more than once a day it'll only take one snapshot so you won't run out of space) and you are golden. You can even lock a snapshot so you can have your own version of a factory refresh that will put the system right back to the way you had it with no muss or fuss. Just have them hit the Home key when they see the big clock, tell them what day you want them to go back to and voila! Instant fix.

            • you haven't looked at the logs and seen people knocking on vnc ports have you?

              • sure. a dictionary password will fall to brute forcing, and a strong one will take longer than the life of Sol to get....

            • Re:Or, ssh? (Score:5, Informative)

              by hobarrera ( 2008506 ) on Sunday August 19, 2012 @10:24PM (#41050297) Homepage

              A few years ago, I was sitting in front of two PCs, using just one, but after a minutes, I noticed the start menu opened on the other, and some commands started typing themselves in. I immediately noticed the VNC icon notifying me someone was connected.

              My guess: there's thousands of bots looking for open VNC connections. You don't have to be targeted specifically. Lesson: don't leave VNC to an open internet connection, even with a strong password.

              • Agreed. We see VNC port probing all the time. This is why we do not leave the server code running (as a service). If someone needs remote assistance, they launch the vnc server and it will wait for about 30 seconds for a connection before it gives up and dies.

                • Why not an SSH tunnel, isn't it simpler? You could just make a tiny software the opens the tunnel for your users anyway.

            • Re:Or, ssh? (Score:5, Informative)

              by MikeBabcock ( 65886 ) <> on Monday August 20, 2012 @12:28AM (#41051007) Homepage Journal

              You do realize that there are automated port scanners running on botnets all over the internet all the time, right?

              I get hit with thousands of SSH requests a day on the machines I administer, all with random username/password attempts (none of which will work because I only ever allow public key auth). When one of those port scanners notices 5900 open on your granny's computer, and the password is brute-forced in a few seconds, I think you'll rethink your perspective on the issue.

              Interception isn't necessary to hack a connection. There's a reason we firewall people are so difficult.

              PS you could just add your own netblock to your relatives' firewall software on port 5900 and limit exposure.

            • Or, possibly someone is sniffing around for unsecured vnc traffic, spots yours and sets up packet sniffing for the next time you use it and gets your cleartext password. So easy it could be automated and thus most likely is.

              Just tunnel through SSH and you're good to go.
          • Parent is over-rated. Exactly how is VNC "notoriously insecure"? Because it is not encrypted? Do you really think someone is going to intercept the screen drawing compressed bitmap traffic during some ad-hoc session? And what exactly will they get? A temporary visual of someone's screen?

            Security really depends on how it is all implemented. I typically set it up so the person on the other end has to launch the VNC server, it has a strong password (which is not the same as any user), and it will only al

            • If your relatives leave the VNC server running, that's a VERY easy attack vector for anyone with a port scanner. If they leave an SSH server running (assuming you're smart and disable password authentication) and port-forward the VNC port over that (so the VNC port is never forwarded past the router), then there is VERY little chance anyone is going to use it against them.
            • Re: (Score:3, Insightful)

              by rtfa-troll ( 1340807 )

              Parent is over-rated. Exactly how is VNC "notoriously insecure"? Because it is not encrypted? Do you really think someone is going to intercept the screen drawing compressed bitmap traffic during some ad-hoc session?

              This is exactly the thing I really hate to see up here. People doling out advice when they clearly have absolutely no clue. Some belief that "if it's for 30 seconds it's too fast for them to react". Packet monitoring is done by computers. It is done any time. It is done automatically. The network guys on your network have the right to do it "for network maintenance reasons". The professional ones a) wouldn't want to see and b) earn too much to risk it. Unfortunately they have all been outsourced to

          • Re:Or, ssh? (Score:5, Interesting)

            by Wrath0fb0b ( 302444 ) on Sunday August 19, 2012 @09:15PM (#41049915)

            Since VNC is notoriously insecure, it's good practice to only run it over ssh on an untrusted network.
            So, the answer is both.

            No, the solution is to have server initiated connections to a listening client that is launched on demand, which has the amazing added benefit that the techie is the one to configure his firewall/NAT appropriate rather than the noob. Consider the following secure handshake done over the telephone:

            (Noob) Hi, can you help me with WinFooBarTunesExtreme?
            (Techie) Sure, let me fire up my listening client and open a port on my local firewall and router
            (Noob) I like turtles!
            (Techie) Click on the little VNC icon near the clock, click "Connect to Listening Viewer" and type" then click OK
            (Noob) Derp, OK, w-w-w-dot-t-e-c-h-i-e-d-o-m-a-i-n-n-a-m-e-dot-c-o-m, OK
            (Techie) Cool, now I can see your screen, please reproduce the error while explaining to me what you are trying to do. ...
            (Techie) Let's make sure that VNC is not set to accept connections, OK good, looks nice.

            When the session is done, the noob drops the server connection and all is well. VNC server is not set to accept remote-initiated connections (trivial to configure right) so there's zero risk from that end. The techie closes the listening client and disables his port mappings (I hope).

            Even the setup is easy, since the noob only has to click "Next" a bunch of time through the VNC server setup and then the techie can adjust the settings once he's connected. There's zero persistent open connections and so zero persistent attack surface. Since there's no passwords exchange, there's no risk of eavesdroppers stealing any credentials.

            • even better, you can configure a shortcut on the "noob"'s computer so they don't even have to type anything to start a connection to a listening client.

          • And to set up sshd and vnc onto a distant relative's computer, I'll just use VNC over SSH.
            Oh, wait!

          • Just use VNC in reverse connection mode. Make the server connect to you, not the other way around. Then you're the one who opens a port briefly for the connection, not your relative.

    • by mrclisdue ( 1321513 ) on Sunday August 19, 2012 @06:56PM (#41049121)

      No offense intended, but I'm having a hard time understanding why anyone would be asking the submitter for computer advice.



      • by artor3 ( 1344997 )

        Step down off that high horse of yours. Anyone who so much as knows how to copy & paste an error message into Google will get asked for computer advice. That is, unless they're so full of themselves that they look down on someone who happens not to know some random bit of knowledge. Those people will drive away anyone who might otherwise ask them for help.

      • by Albanach ( 527650 ) on Sunday August 19, 2012 @09:49PM (#41050099) Homepage

        I'm the submitter. I presume your friends and relatives are stunningly more technically adept than mine.

        I have personally been using VNC for over a decade. Judging by your /. uid, that's probably a good bit longer than you.

        How about you take a moment to read the question. I'm looking for remote support software similar to or the chrome plugin. That means the other end uses their browser, goes to the URL I give them and with as little other input as possible, I can share their desktop.

        That does not describe VNC. I already have a vnc/ssh based solution. It's convoluted and yes, they find it difficult. Perhaps you've never assisted folk in their 70s with IT, but yes, for many, something that simple is difficult. It's difficult because it's unfamiliar. They use their web browser and they use email. That's what they know about their computer.

        Now VNC may be part of the solution - indeed I would fully expect that. But not plain old vnc or a combination with SSH. The end user shouldn' t need to locate software, open firewall ports, execute shell scripts or type convoluted SSH commands.

        Finally folk do, frequently ask me for advice. They do so for the simple reason that I try and give them a solution that meets their needs. That solution is not VNC or I wouldn't have posted the question. I think if you'd read the question rather than trying to get the first moral superiority post you might have realized that.

        • Re: (Score:3, Insightful)

          by Nimey ( 114278 )

          Then you need to have put that information into the original request instead of expecting us to read your mind.

          • by Scutter ( 18425 )

            Then you need to have put that information into the original request instead of expecting us to read your mind.

            It was obvious to me that he was looking for something that wasn't VNC. I think Slashdot readers are generally so used to being highly technical that they forget that not everyone can (or wants to) roll their own solution from scratch. The users he's trying to support will certainly not have any expertise in activating a support session, or they wouldn't be calling for support to begin with. The solution, therefore, has to be as simple as possible. What he's looking for is something similar to Bomgar (w

        • Teamviewer

          • by jimicus ( 737525 )

            Doesn't pass the F/OSS test. Nor does it pass the "must not include anyone sitting in the middle" test.

            On the plus side, it does pass the "free as in beer for personal use" test.

            OP: I think you're going to struggle unless you're prepared to compromise on some of your requirements. There are loads of proprietary solutions that provide this sort of functionality, but most of them are aimed at corporates that don't care too much about the architecture of the solution as long as it works - nor do they care abou

        • Re: (Score:3, Informative)

          by adolf ( 21054 )

          Before we start a dick measuring contest based on Slashdot UIDs:

          First off, if you've got your users grabbing random (to them) software and slogging through a shell, you're doing it wrong. Whatever it is that you've got them doing is something that you've already failed to automate on their behalf.

          Secondly, don't throw out the baby with the bathwater. It seems to me that if there were software in existence that worked just like VNC but in reverse, it would fit your important* requirements just fine.

          Now, su

        • ...Judging by your /. uid, that's probably a good bit longer than you...

          ...which lends credence to my original query, How can my uid have ANYTHING to do with how long I have been involved in remote support (22 years, beginning with software which I believe was included in AccPacc, by Winsim - it may have been called PC-Commute, and ran on Win 3.1) ?


    • by gmack ( 197796 )

      The downside of VNC is that you need to create a hole in your firewall for it and you also must know the host name, that puts it a step down from things like which I've used to repair windows laptops in cases where I don't control the firewall (in one case Iraq).

      I also would be interested in something like that that I could control using my own server and happens to be cross platform.

    • Teamviewer is much better than VNC. I love VNC. But lately Teamviewer is the one I prefer because of it's wonderful features.
    • Ok, so, i have the VNC client, my friend has the VNC server, now, only if i could remember what his IP is.. and port..
    • by bcmm ( 768152 )
      And use a reverse VNC connection (where the viewer listens on a port for the "server" to open a connection). That way, you only need to worry about your own NAT router. There are some VNC servers that allow you to create a nice package that when run automatically opens a reverse connection, which, combined with a dynamic DNS service for your own network, could give an idiot-proof way to get things started.
  • VNC? (Score:5, Informative)

    by Dan East ( 318230 ) on Sunday August 19, 2012 @06:53PM (#41049107) Journal

    VNC is probably the most prolific remote access client / server software in existence. It is open source, although some companies have created enhanced functionality on top of VNC which is available as commercial products. OSX supports VNC type remote access natively.

  • Google+ (Score:5, Interesting)

    by Anonymous Coward on Sunday August 19, 2012 @06:54PM (#41049113)

    The Google+ hangouts works for my students when they have software issues. I second-seat them and things run smoothly. If you are doing the maintenance on their computers, you can ensure that the plugin installs correctly and go from there. -TN

  • teamviewer (Score:4, Informative)

    by alen ( 225700 ) on Sunday August 19, 2012 @07:05PM (#41049175)

    its free for non-commercial use. my mom lives almost 2000 miles away and that's what i use to help her.

  • Doesn't exist (Score:4, Insightful)

    by Cosmos_7 ( 128549 ) on Sunday August 19, 2012 @07:21PM (#41049293)

    What you're looking for doesn't exist. VNC is great, but without the middleman you're never going to have ease-of-use for the people you're trying to help... they're going to give up trying to get port-forwards set up on their router long before you actually get in to help them.

    Logmein / Teamviewer / etc is what is needed, and just plain works. If you have to choose one, it should be Teamviewer... can run client and support on all three specified platforms, and the QuickSupport option on Windows is a godsend - nothing like telling a client / grandma / whoever to simply download and run a small executable to let you in and help them.

    • So the solution is obviously to make your own teamviewer-like solution since Teamviewer isn't free for commercial use. After much hairpulling I realized VNC is the answer but I wanted a use-anywhere-help-anyone solution. I then realized I needed a VNC repeater, this is basically what teamviewer et-al do. Otherwise YOU have to be behind a configured firewall.

      Chunk VNC (you can google it yourself ;-p) is a project that is imminently doable. I deployed a repeater on my own always-on computer, configured the fi

  • Reverse VNC (Score:5, Informative)

    by InfiniteZero ( 587028 ) on Sunday August 19, 2012 @07:22PM (#41049297)

    Other posts have already mentioned VNC, naturally. But more specifically, what you want is reverse VNC. You set up a VNC listener, and firewall port forwarding etc. on you end. Then ask the user to download a simple server executable (e.g. tvnserver.exe in the case of Windows/TightVNC) and connect to your IP address.

    • Re:Reverse VNC (Score:5, Informative)

      by Anonymous Coward on Sunday August 19, 2012 @07:37PM (#41049395)

      I completely agree... I've been doing this for many years. The main advantages are:
        - Nobody has an internet-exposed vnc server
        - The people you're supporting don't need to make holes in their firewall
        - As the OP requested: no 3rd party for the connection to go through (a boon to both latency and security)
        - FOSS

      For ease of use, make a .bat file on their desktop that gives them icon to click that:
        - starts the vnc server service (i.e. net start vncserver)
        - tells the vnc server to add a new client (the name you've registered with dyndns).

      When they want to share their screen with you, you'll need to be running the vnc listening viewer first, and have an open port on your firewall.

      • One step beyond this: Use Ultra VNC's Single Click [] mode (free). Set up the config file to automatically connect to your listening VNC port. I've fixed email in Paris, my sister (and her machine) in Tucson, and a niece in Sydney, Australia. All they do is download a 200KB EXE file from my website. I even have Office 1 and Office 2, so if I'm in my wife's office they just click on that. The whole thing takes less than ab out 30 minutes to setup and no one else ever has to deal with anything complicated.
    • by vux984 ( 928602 )

      The issues with reverse VNC are that it requires the remote user to initiate a connection to you, which is more work for them. Less perhaps then setting up their router, but still more than something like teamviewer.

      It also breaks if you can't conveniently port forward your own machine whenever you need to support them. Maybe you aren't always at home in your basement. I use teamviewer from my phone. From my laptop at on my break at work. Etc.

      I even went to the next step, and ran a VNC repeater for a while,

  • TeamViewer (Score:4, Informative)

    by vux984 ( 928602 ) on Sunday August 19, 2012 @07:22PM (#41049301)

    Its not FOSS, and there is a middle man to negotiate things to get you connected.

    It is however free for non-commercial use.

    You can remote control -from- Windows, OSX, Linux, iphone, and android.

    You can remote control -to- windows, OSX, Linux, and recently samsung androids.

    It just works. The person you are trying to support can get connected to you by clicking the "Join Remote Support Session" URL, and running the quick support app. They don't have to install the software, or configure their firewall, or fiddle with various modes etc.

    You can connect to pretty much anyone anywhere from pretty much anything anywhere.

    How does it compare to the various VNCs? Its much easier to get a connection going, and you don't waste more time trying to get a remote session going than it takes to actually perform the remote support.

    Now, VNC is great, and if you set up your own public VNC repeater, and bundle your own VNC client to use that repeater you can get most of the way towards what you get with teamviewer without any effort at all.

    • Re:TeamViewer (Score:4, Informative)

      by asmkm22 ( 1902712 ) on Sunday August 19, 2012 @07:46PM (#41049437)
      I'm going to second this. It's free for non-commercial use, so it's great for helping out family and friends. It's really easy to use and, like the poster said, there's no install needed. Just make sure they hear you correctly and go to "" and not "". I had that happen once, and it was a bit awkward.
    • There's a big difference between FLOSS and freeware.

      The main one being you can assertain that FLOSS software is secure, and if the middleman is trustworthy; you can't do that with freeware.

      Also, Mikogo es almost the same as teamviewer, but FLOSS.

      • by vux984 ( 928602 )

        There's a big difference between FLOSS and freeware...The main one being you can assertain that FLOSS software is secure, and if the middleman is trustworthy...

        And the people he's supporting are on Windows and OSX. If we're worried about issues with proprietary 3rd party software defeating the remote-support toolchain, then we've lost before we've even started.

        Groups like teamviewer have some major enterprise customers. Their reputation for security is worth more than spying on your remote support session w

  • I am the family geek and have found the best way of dealing with this is to organize a time to visit. Hop in car and stare at the problem in person. Set up access levels. (You don't get to be admin all the time there Mum) Set up schedules.(Leave your computer on overnight on Sunday night so the little maintenance men can do their work) Setup backups. (Where is that USB hard drive you got with this?)

    If people get into problems, and they need service right away, tell them to drop the computer off at the l

    • by Sique ( 173459 )

      Time to visit might work fine, if you live nearby. For me, a visit is a seven hours drive. Twice. It will take me the whole weekend. There is no direct flight connection, the flight connections which exist, will take (inclusive changing planes) five hours single trip and are prohibitively expensive (I just checked, $785 is the cheapest offer for next weekend).
      For some people "just schedule a visit" is not an easy solution.

  • PuTTY with VNC (Score:5, Informative)

    by Anonymous Coward on Sunday August 19, 2012 @07:34PM (#41049379)

    I've been helping my now 83-year-old dad since the Win2K days using this solution:
    - On dad's machine, install VNC server and PuTTY SSH client
    - Set the VNC server NOT to run in service mode.
    - Set the VNC server to accept connections from localhost (That used to be a registry setting, but it might be the default now)
    - Set up a user called "sonarman" on my Linux machine. sonarman's shell is a script that loops forever, printing the date and hostname, then sleep 60.
    - Set up a public/private keypair so sonarman can log into my linux machine without a password
    - Set up a PuTTY session for sonarman that uses the private key to connect, and that forwards some port on my linux machine to the VNC server port on my dad's computer (5901)
    - If necessary, tell Windows to allow PuTTY.exe to go OUT through the Windows firewall.
    - Created a folder on dad's desktop called "Get help from Mike" - inside are two windows shortcuts, one to start sonarman's ssh connection to form the encrypted tunnel, and one to start the VNC server.

    So when dad has a problem, he calls me, he opens the "Get help from Mike" folder, and double-clicks the PuTTY shortcut. When he says "OK, it's showing me today's date", I tell him to double click the other shortcut, and he tells me when the VNC icon shows up in the notifications area.

    Once that's done, I connect a vncviewer to localhost:<whatever port I set up>, and I have a view of and control of Dad's desktop.

    He can't do any harm to my system, because sonarman's shell doesn't accept any input.
    Because his computer is initiating the connection, he doesn't need a fixed IP, nor any holes through the firewall besides the *outgoing* ssh connection.
    My linux machine has an entry in DynDNS, and dad's PuTTY connects to my machine by hostname, so as long as my dyndnsd keeps the name up-to-date with Comcast's periodic re-assignments of my IP address, dad's computer can always find mine.
    My firewall must be configured to allow incoming ssh connections (but I want that anyway).

    • by humanrev ( 2606607 ) on Monday August 20, 2012 @01:24AM (#41051259)

      Now this is a great example of the DIY nature of true geeks who can build a solution using FOSS components tailored to their particular requirements but without skimping on security, and although initially a bit complicated to set up for the expert, still ultimately has ease of use on the side of the end user (the Dad in this case).

      Reading about solutions built like this is one of the reasons I still come back to Slashdot despite the site itself slowly falling into the abyss.

  • by ras ( 84108 ) <russell-slashdot&stuart,id,au> on Sunday August 19, 2012 @07:34PM (#41049383) Homepage

    I see most people here are recommending VNC. VNC and its brethren work, but can be very slow. A propriety alternative is Team Viewer []. It is free as in beer and like VNC runs on all platforms under the sun (including Android and iOS). It is unlike VNC in that it is rock solid (I've never seen it hang), always quick enough to useable and requires no special setup to pierce NAT and firewalls.

    I hope that one day open source figures our what the magic sauce is in Team View is and replicates it in VNC. Until that day arrives when I need to get shit down, I just use TeamView.

    • by Skapare ( 16644 )

      I hope that one day open source figures our what the magic sauce is in Team View is and replicates it in VNC. Until that day arrives when I need to get shit down, I just use TeamView.

      One sauce component is having connections made through the firewall and such. Do that through a "connection" layer on top of HTTP to a central server. Switch the connection to TLS encrypted. Then exchange account, identity, and authentication info. At this point the two ends can communicate via the server. In parallel, probe to find other ways to get through the firewall, such as direct TCP connections to the server. With communication to the server, any NAT being used is known (end IP != peer IP seen

  • For mac users, I make sure that my computer is reachable by ssh and I set up a "help" account. Then I email the following commands (with appropriate substitutions)

    sudo /System/Library/CoreServices/RemoteManagement/ -activate -configure -access -on -clientopts -setvnclegacy -vnclegacy yes -clientopts -setvncpw -vncpw VNC-PASSWORD -restart -agent -privs -all

    ssh -R 5901: -R 2201: help@MY-IP-ADDRESS-OR-DNS

    Next I PHONE the person and

  • Simple solution (Score:5, Interesting)

    by Cute Fuzzy Bunny ( 2234232 ) on Sunday August 19, 2012 @08:03PM (#41049543)

    Logitech and best buy routinely sell cheap decent webcams. I've picked up regular ones, and 720p and 1080p HD versions for under ten bucks each shipped.

    Bought one for each family member.

    When they have a problem, I start a video chat with them, they take the webcam off the monitor and point it at the screen. On some cams you have to click the 'mirror' button to reverse the image. Then we work on the problem. If that computer is dead, put the webcam on a laptop and use that, or do a video chat with their phone or pad if they have one.

    Securing software, poking hole in firewalls and all that seems like a waste of time when you can actually SEE whats going on for yourself.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      That has to be one of the stupidest remote support solutions I've ever heard, when you could do a better job just using Skype's free desktop sharing function in a video conference if for some reason TeamViewer scares you off.

    • Re: (Score:2, Offtopic)

      by hobarrera ( 2008506 )

      Someone please mod this funny!

    • Webcams can be cheap, but some people just don't want them for whatever reasons, including completely illogical ones. I've had people send an MMS of a screen shot, when I can't connect using logmein or VNC or RDP or whatever. The screencap idea isn't a bad one, just not easy for ad hoc support. You can't guarantee that one's nearby, but a lot of people with computers have smartphones and can get the screenshot of the error message pretty well. Beats having to spell a long error message screen string, one ch

    • Re: (Score:3, Funny)

      by Anonymous Coward

      even simpler solution- ebay and a lot of hipsters websites routinely sell decent Polaroid Cameras. I've picked up regular ones and a few packages of film for pretty cheap.

      Bought one for each family member.

      When they have a problem, I have them snap a picture of their screen and put it in an addressed, stamped envelope and send it over to me. Then we work on the problem. If that computer is dead I have them take a picture of the power cord and the outlet the computer is supposed to be plugged into to mak

  • I've been using Ultra VNC Single Click [] for years. It only works with Windows, but it is small, open source, and relatively secure.

    1 Your support client calls you
    2 You open VNC in listen mode
    3 Your support client runs a custom version of UltraVNC SC that is set to connect only to you.

    Easy. Fast. Cheap. And it works.
    • We're looking into using the alternative chunkvnc [] single click client.
      It even works with UAC if you install it as a service after firing it up the first time. Just remember to uninstall/disable it afterwards for security reasons.
  • I'd suggest TeamViewer (

    No, it's not FOSS. But it is free as in beer and it also runs on Windows, OS X and Linux (the Linux build though is technically the Windows build packaged via a Wine bottle, all self contained and preconfigured well though). Sounds like the $-free and cross-platform aspects are probably more important overall to your needs than being open source. Plus you don't have to worry about firewalls or anything - I can even access my home system at my workplace thro

  • When I sent my dad a Linux computer because his old Windows machine was taken over by malware (no amount of remote help with running various cleanup tools helped), I set it up to automatically SSH to my home server every 5 minutes and open a tunnel back to his computer desktop's VNC port as well as an SSH port as a fallback.

    it came in handy when I had mistyped his home wireless router's WPA key before sending the computer, I just had him plug the computer directly to one of his router's LAN ports, and then

  • VNC, as others have noted, works on lots of platforms (including older ones). You'll have to configure it in their firewall, and I use a non-standard port as well.

    Some VNC versions allow a form of access control, but that doesn't help if your IP or IP range changes.

    And while I realize that there is an actual cost involved to fix it, letting them stay on primitive hardware and OS is not really helping them. Sadly, "because it still works" is less and less a good reason to keep an old PC running. Not too long

  • As mentioned elsewhere there are two main commercial solutions - non-foss. Teamviewer and Logmein. Logmein free is legal for commerical purposes and I put it on clients machines when I have them on my bench but it is limited. Teamviewer is just plain awesome but is not free for commercial use and they seem to watch. As is their right.

    So the solution is obviously to make your own teamviewer-like solution. After much hairpulling I realized VNC is the answer but I wanted a use-anywhere-help-anyone solution. I

  • You might want to check out a program called Checkride. It is an open source program developed in Lazarus. It is basically a preconfigured portable VNC and stunnel package. To use you configure it to connect to your computer and give it to the person you are trying to help. The executable you send them starts VNC server and then connects to your computer via stunnel. Your PC then starts VNC viewer on your side and connects to their desktop via the secure stunnel connection.

    Checkride []

  • Mikogo ( is pretty good. I think it's pretty much what you're looking for, FLOSS and cross-platform.

  • by tdelaney ( 458893 ) on Sunday August 19, 2012 @10:56PM (#41050489)

    1. Set up a secure VPN server at your site. This serves two purposes: getting access to external machines, and security.

    OpenVPN [] is a good one to use, but if you can set up OpenVPN AS [] either on a Linux box or in a Linux VM you'll make life much simpler for everyone.

    2. Set up the people you want to support with VPN access.

    3. Set up VNC on their machines. TightVNC [] running as a service is ideal, but take the following precautions:

    a. Set the service to Manual so they have to turn it on each time.

    b. Have authentication.

    4. Create easily-accessible shortcuts for them to use, and train them to use them.

    5. At the start of a support session, get them to connect to the VPN, start the VNC service. You can either get them to tell you the IP address, or look at the currently-active VPN connections.

    6. At the end of a support session, get them to shut down the VNC service and disconnect from the VPN.

    I've found that even computer neophytes can be trained to do their part, and if they've got a minimal level of skill it's possible to talk them through the initial setup of the VPN and VNC client software. You just need to get them to the point that you can remote control, and then you can lock it down (changing service to Manual, etc).

  • As you know, in order for you to remotely control any computer, it must have real IP, static IP, whatever IP, or with other words: well known IP. And as you very well know, 99% of your friends (including you) don't have this little feature. The only possible solution to this problem is to have dedicated server, where you could rune your redirector, router, tunneler, you name it. Once you have this server, and he is under your full control, you could use any encryption, any client, any OS.
  • []
    "Gitso is a frontend to reverse VNC connections. It is meant to be a simple two-step process that connects one person to another's screen. First, the support person offers to give support. Second, the person who needs help connects and has their screen remotely visible. Because Gitso is cross-platform (Linux, OS X and Windows) and uses a reverse VNC connection, it greatly simplifies the process of getting support. "

  • I'll repeat Gitso just because of how useful it is. If you just need visual, Skype's screen-sharing can be invaluable if you already use Skype to communicate.
  • Not too sure if you have hear of teamviewer ? []

    There are clients for Windows / Linux and Mac ...

  • I have been using gitso for a few years now. My mom and sister have an icon called "help me" on the desktop. Thats all that is required.
  • I see TeamViewer mentioned a lot. Another proprietary but free as in beer alternative is CrossLoop: []. I have no experience with TeamViewer, but I am very happy with CrossLoop, which is also free for personal use, very easy to use (start it, and read a name and twelve digit code over the phone), automagically punches through NAT routers and firewalls, and is based on VNC under water. They don't have a native client for Linux, but the Windows version runs fine under Wine.

Things equal to nothing else are equal to each other.