Life Skills, Technology, Tutorial, Ubuntu

How to Securely Control a Remote Ubuntu Machine with VNC and SSH

I have been trying to do this for a while because I don’t like using WINE and the only other option that gave me headache free access to another machine was a proprietary one.  I wanted to be able to tunnel into my mom’s computer and offer her full tech support visually, just like any other remote access software. I knew it existed for Ubuntu built in but I couldn’t find time to do it.  Finally I forced myself and you can benefit from the fruits of it.

First, credit where credit is due.  I figured it out using this tutorial as a base, however, it still confused the crap out of me and didn’t work because this tutorial had a few confusing lines.

I will copy and paste the stuff that worked well for me and then tweak a few parts or add notes as I go along.

Before I begin, here are my list of assumptions:

  • you are using Ubuntu on both machines.  If not, you are lost and need not continue until you fix the first problem.  😉
  • You understand that ‘host’ means the computer to which you will tunnel in, and which will receive the incoming tech support and that ‘client’ means you, the tech support giving person, or the person who wishes to reach the remote machine
  • you have full administrative access to the router on the host side, with all passwords if a router in fact exists at all (usually does these days). This can be obtained from side of router or from ISP
  • you understand that the IP address on the host computer’s side may change unless they are paying for a static IP service, or have a service called dynamic dns going and that the settings on the client side will have to adjust accordingly with each change of IP.  I am not covering static ips or dyndns services in this tutorial
  • you have either created a full-powered user account on the host ubuntu machine, or have the password for the main user on the machine.  In the case of my mom, I just user her user/login but this won’t work if it ain’t your mom.
  • you are running a recent version of Ubuntu which comes with Remmina installed.  Just push the super key and start typing ‘remmina’ to be sure.  On the client side, you would need to make sure that ‘Desktop Sharing’ shows up.  I’m running on 14.04 now as I create this so adjust accordingly
  • you have created a static IP address on the host network (not covered in this tutorial)
  • you have opened port 22 (SSH) in the host’s router and pointed it towards the static ip of the host computer
  • you have opened port 5900 (VNC) in the host’s router and pointed it towards the ip address of the host computer

ON THE HOST SIDE – SETUP

1. open ubuntu software centre and install openssh-server as per screenshot:

01-openssh-server

 

2.  Go to Preferences > Remote Desktop and select the following preferences:

  1. Check “Allow other users to view your desktop”;
  2. Check “Allow other users to control your desktop”;
  3. Check the security settings you desire (mine are there as example, you can chage);
  4. NOTE: VNC is very unsecure. You really must at *least* make a password below.  I would make it different from the user login and all the other passwords, but I’ll leave that in your hands.  Some password is better than no password.  By using SSH (that’s what this tutorial is all about) you are MUCH more secure than just using VNC by itself.

02-host-desktop-sharing

3. Find out your current IP address from your ISP by searching ‘what is my IP?” into a search engine, or by looking inside your router settings. You will need it for the client side setup below.  See warnings above again about static versus changing IPs.

ON THE CLIENT SIDE – SSH KEY SETUP

1. in the HUD type ‘passwords’ and open up the ‘passwords and keys’ thing:

03-passwords-keys

2. click the green arrow and choose ‘secure shell’ like this:

04-pass-keys-opened

3. Walk through the setup.  You will need the IP address of the host side now so make sure you have that.

I use a higher encryption strength than the default one but it’s up to you.

05-keys-wizard

4. Click ‘create and setup’ .  Note it takes a few seconds before it prompts you to create a password.  It’s not broken while you are waiting.

5. Choose a password. Don’t lose this password or you won’t get into mom’s computer easily or securely 😉

For me, I chose the exact same password as the user on my mom’s computer so that I could easily remember or log it.  I might even recommend this move to you…

07-user-server

You should now see your new SSH key in the list after pressing ‘setup’

ON THE CLIENT SIDE – REMMINA SETUP

1. Open Remmina (there are two m’s btw)

08-remmina

2. Set up Remmina in the “basic” tab and the “SSH” tab

09-remmina-setup-2

10-remmina-setup-03

3. Click ‘connect’ and you should now be prompted for a password from mom’s host computer for the SSH connection like this:

11-remmina-ssh-connect

4. A few other prompts happen while logging and then you should now be prompted for the VNC connection (the thing that lets you see your mom’s computer screen)

12-remmina-vnc-connection

Done.  You should now be inside mom’s Ubuntu machine and able to do whatever she has permitted you to do in step #2 at the top. In my case, I am able to log in, even when she isn’t around and fix up stuff.

I hope this was helpful and adds yet more value to your Ubuntu life and community.

 

 

Tagged , ,

Leave a Reply

Your email address will not be published. Required fields are marked *