remote helpdesk, remote rescue and VPN/ssh
I've done a few experiments with remotely helping users who boot into a
Live desktop environment and also using a Live disc as an alternative to
a lights-out card, booting a broken server to remotely change
partitioning, boot manager, etc
This has been done with both ssh and strongSwan IPsec. In most cases,
both means of connectivity have worked for a range of different users.
Debian Live has made this very easy.
Has anybody implemented or documented anything like this in a more
formal manner, either for Debian Live or related systems?
One document I came across is here:
http://security.utexas.edu/consensus/How_To_UTIRD2.pdf
Some of the additional things that come to mind (not covered in my own
build or that PDF)
- making it easier for the person booting a broken server to manually
enter the IP and test network settings before the remote admin takes
over the box (currently the local user has to add ip=eth0:X:Y:Z to the
kernel command line)
- dynamically trying to discover IP and proxy settings by analysing the
local disk (if one exists)
- making the ssh tunnel work through a proxy using HTTP CONNECT
Reply to: