0.5.0 MIT/X Consortium License    
4.0/5 1
Yet Another REmote Support Tool





YAREST is a simple custom system in Python to tunnel VNC over SSH.

YAREST was designed, and written, to help those who help others.

i originally wrote this for a friend, and i'm placing it here just in case it might be useful to anyone else. As i am not a programmer by trade, and my Python experience until now was limited to simple scripts written for my own sysadmin needs, this should definitely fall into the category of BETA software.

This software is geared primarily towards technical providers that are looking for a customizable cross-platform solution. To use the system an SSH server is required; if you can comfortably setup and manage one or more servers that are used purely for authentication and TCP forwarding by both your technicians and end-users, then this software may be of service to you.

Included in this package is hopefully enough for any astute technical provider to create their own pre-configured solution that can be deployed to their end-users. To that extent some pre-built binaries are available for you to download and try out on Windows, and Installation instructions are provided to help you get a completely functional setup on Windows or Linux (any POSIX system really). As i don't have access to any OS X system, no such install instructions are provided, however this software should work on OS X as well and the overall install process is surely similar to the POSIX install.

The provided Windows installer downloads are intended simply as demonstrations, ideally you as the provider would modify the included NSIS installer script and/or create your own simple install routine to automate the basic setup requirements. With that said, this package is usable as-is for anyone willing to perform the basic install steps manually on each computer, which really only takes a few minutes per machine (once you've done it a few times).

How It Works

- Provider = Person who is giving remote support

- Consumer = Person who is receiving remote support

- Server = SSH server that both Provider and Consumer can connect to

1. Provider connects to Server, reverse forwards random internal server port to local VNC port, starts VNC viewer in listen mode bound to "localhost:VNC port".

2. Provider gives random server port number to Consumer (we label it the "access code").

3. Consumer connects to Server, forwards local VNC port to remote server port, starts VNC server in reverse connection mode bound to "localhost:VNC port".

4. Server receives the connection request from Consumer, forwards it over to Provider, then Server routes the VNC conversation between the two tunnels until either side ends the support session.

SSH Server Security Considerations

Only the main SSH port needs to be accessible on any server(s) used, and ideally such is the only port open on any server(s) firewall(s).

Unless you have a need otherwise, the simplest option is usually to chroot the entire SSH server to the bare-minimum environment.

If you do need the SSH server for other purposes, then setup groups for your technicians and end-users and confine them to their own chroot environments.
Last updated on July 4th, 2012

0 User reviews so far.