Secure remote connections to Family machines and my own servers is always an interesting tech problem. While there are many options out there for achieving remote connectivity, i'm a huge fan of the ones which involve the least amount of interaction from the remote user.
Remember this is my journey, i've written this as a guide for myself and it might help others. If your setup isn't the same or you break your system because you just copied and pasted things without understanding what you are doing. Welcome to Linux.
This is not a personal afront against your beliefs. I'm open to opinion and grown up discussion, but cannot be bothered with trolls.
Also I know I can't spell and my grammar is terrible, you don't need to tell me.
I do not work for, am affliated with, or make any money from RealVNC
For a long time the answer to this was Teamviewer, I had a free account and immediate access to Family computers when they had problems. Its cross platform, supported on Windows, Linux and OSX and I can access the remote systems from my Phone, Tablet, Laptop whatever device I had with me.
This solved the family support and remote access to my Windows server problem for a very long time.
Then Teamviewer started cracking down on people like me making use, probably more than I should have of the "free tier" and booted me off the service.
I have a long conversation with thier head of sales because I had no moan about them doing what they did, they need to make money, my issue was with the cost of thier service. It had at the time no entry level package 10 machines for £10 a month sort of thing.
As the cost of entry was prohibative, we parted ways and I started looking for other low cost options.
For a while I used NoMachine's NXServer and it works quite well internally, the free tier however I personally found to be a bit troublesome trying to access my internal servers over the internet. Port forwarding, multiple ports, no obvious reverse proxy option..
There are a lot of positives internally, its quick, it renders well, its autodiscover is good
I was still looking for the solution which best suited me, and I've found it with VNC Connect.
- Internet accessible Servers and Desktops
- Easy setup
- Cross platform
- Cloud based management
So lets get a few raised eyebrows out of the way out of the gate
This is not the usual RealVNC setup the same way for local usage the same way i've just described NXServer above.
This is (as a linux user) a different set of software packages to the standard remote desktop software you'd install to enable remote desktop access on a Linux or Mac desktop.
The server software can be downloaded for various platforms.
Once installed the server software connects during config with your VNCConnect Cloud account
This cloud account is setup on https://manage.realvnc.com/en/ and when you set it up, remember to add 2FA as part of the login
A free account provides the ability to connect to 5 machines which you can manage from the web interface as well as account options, grouping, and user access.
Access to the machines which are running the VNC Connect server is achived via the VNC Connect Client which is available on a lot of different platforms.
Once installed on the platform of choice the viewer will (as the name suggests) provide you access to the devices your admin has allowed you access to.
So for ease of install it's a package which installs on the platform of choice.
The centralised cloud based management makes this simple to get access over the internet. The Server packages talk over TLS to the RealVNC Connect servers.
This is a cross platform solution in what can be run as a server or viewer
so that just leaves the security question..
While looking into this, I did find a disturbing article
Which while didn't have RealVNC listed because the softwware wasn't put forward as part of the possible expliot, the research I did seemed to imply that these expliots are "limited" to setups more like the one I had with NXServer where the server and internet connectivity is managed by the user.
On the RealVNC site they do have the following link:https://help.realvnc.com/hc/en-us/articles/360002478311-Are-there-any-known-security-vulnerabilities-#cve-2013-6886-no-remote-threat-local-access-required--0-0
This has a few I'd really be interested in thoughs on the security around RealVNC Connect specifically.
RealVNC Connect is a simple to setup replacement to Teamviewer, and while it doesn't have some of the festures of Teamviewer the core remote desktop is well presented and genuinily quick over the internet. I like the security as its suggested through the install with 2FA and password protection.