Yet Another REmote Support Tool
Project description
A simple system in Python to tunnel VNC over SSH.
YAREST was designed, and written, to help those who help others.
This software is geared primarily towards technical providers that are looking for a customizable cross-platform solution. To use the system an SSH server is required; if you can comfortably setup and manage one or more servers that are used purely for authentication and TCP forwarding by both your technicians and end-users, then this software may be of service to you.
Features
Extremely simple GUI for both your end-users and technicians
Core yarest package exports all of the functionality independent of the GUI
Usable with absolutely any VNC variant
Requires only outbound connectivity for both technician and end-user when the SSH server is on a 3rd machine
Supports multiple “connection profiles” to enable use of multiple SSH servers
Supports executing your own custom code during sessions via the “SupportExtender” interface
Includes an NSIS installer for Windows that can download and install all the necessary Python dependencies
How It Works
Provider = Person who is giving remote support
Consumer = Person who is receiving remote support
Server = SSH server that both Provider and Consumer can connect to
Provider Initiated (default)
Provider connects to Server, reverse forwards random internal server port to local VNC port, starts VNC viewer in listen mode bound to “localhost:VNC port”.
Provider gives random server port number (“access code”) to Consumer.
Consumer connects to Server, forwards local VNC port to remote server port, starts VNC server in reverse connection mode bound to “localhost:VNC port”.
Server receives the connection request from Consumer, forwards it over to Provider, then Server routes the VNC conversation between the two tunnels until either side ends the support session.
Consumer Initiated
Consumer connects to Server, reverse forwards random internal server port to local VNC port, starts VNC server in listen mode bound to “localhost:VNC port”.
Consumer gives random server port number (“access code”) to Provider.
Provider connects to Server, forwards local VNC port to remote server port, starts VNC client in regular connection mode bound to “localhost:VNC port”.
Server receives the connection request from Provider, forwards it over to Consumer, then Server routes the VNC conversation between the two tunnels until either side ends the support session.
SSH Server Security Considerations
Only the main SSH port needs to be accessible on any server(s) used, and ideally such is the only port open on any server(s) firewall(s).
Unless you have a need otherwise, the simplest option is usually to chroot the entire SSH server to the bare-minimum environment.
If you do need the SSH server for other purposes, then setup groups for your technicians and end-users and confine them to their own chroot environments.
Dependencies
Python >= 2.6 (Tested with 2.6 and 2.7, untested on 3.x)
Paramiko >= 1.7.4
pycrypto (Required by paramiko)
configObj (Tested with 4.7.2)
psutil (Tested with 0.4)
wxPython (Tested with 2.8.10) [Only required by the yarest.gui package]
setuptools [If you don’t have it already we’ll install the included Distribute]
Installation
Providers should consider creating their own simple installation package to automate these steps and include their own pre-configured profile(s). On Linux that could be done an infinite number of ways, for a countless number of distros, so nothing is provided beyond this documentation. On Windows the included NSIS installer should be a good starting point for most needs.
Steps for a functionally complete installation are as follows:
On Linux:
Install the desired VNC variant, if unsure use x11vnc if you’re the consumer (getting remote help) or vnc4viewer if you’re the provider (giving remote help); your distribution most likely has packages.
On Debian (as root):
apt-get install x11vnc
-or-
apt-get install vnc4viewer
Install the dependencies that setuptools cannot fulfill, these are Python, pyCrypto and wxPython; your distribution has packages.
On Debian (as root):
apt-get install python2.6 python-crypto python-wxgtk2.8
Optionally install additional dependencies so setuptools doesn’t have to.
On Debian [“Squeeze” or later] (as root):
apt-get install python-configobj python-paramiko
Download the yarest source distribution zip and extract it somewhere, in the following we assume the extracted folder is “/tmp/yarest-0.3.0”.
Open a root terminal and change to that folder: cd /tmp/yarest-0.3.0.
In the same terminal: python setup.py install.
Upon completion an executable script yarest is created.
yarest –help will list the available command line options.
To use the program you need one or more “connection profiles”, if you don’t have a profile it will simply prompt you to create one.
The “examples” folder in the source distribution contains a “profiles.ini” file with samples that you should be able to adapt for your own use.
On Windows:
Install a usable VNC variant, such as UltraVNC which you can download from:
http://www.uvnc.com/downloads/ultravnc.html
When installing you need the “VNC Viewer” if you’re the provider (giving remote help), or the “VNC Server” if you’re the consumer (getting remote help). Do not select the option to install the “VNC Server” as a service.
Download and install either the “consumer-win32.exe” or “provider-win32.exe” pre-built binary from the YAREST home page:
http://code.google.com/p/yarest/
The installer is made with NSIS and accomodates the most common scenarios; i.e. Windows computers with either 0 or 1 usable Python runtimes installed. If any runtime is found it’s always used, otherwise we download and install.
The installer has been tested with runtimes from the standard python.org distribution, whether it works with any other Python flavor is untested.
Anyone willing to dive into NSIS should be able to modify it easily enough, see the included “README.txt” in the installer folder for the basic steps.
The installer creates a shortcut in the “Start Menu” to run YAREST.
To use the program you need one or more “connection profiles”, if you don’t have a profile it will simply prompt you to create one.
The installer creates an “examples” folder under the installation folder (default:”%PROGRAMFILES%\YAREST\examples”) and within that folder is a “profiles.ini” file with samples that you can adapt for your own use, as well as an “ultravnc.ini” file that you can use as the configuration file for UltraVNC (To use the config file it needs to be moved to the UltraVNC installation folder, which is “%PROGRAMFILES%\UltraVNC” by default).
Bugs
Can be submitted via the issue tracker.
Changelog
0.3
Release date: 17-Dec-2011
Initial public release
0.4
Release date: 24-Jan-2012
Added the option to allow the consumer to initiate the support session.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.