@stacksofplates said in Remote management of VMs hosted in colocation: @dashrender said in Remote management of VMs hosted in colocation: @stacksofplates said in Remote management of VMs hosted in colocation: @scottalanmiller said in Remote management of VMs hosted in colocation: @stacksofplates said in Remote management of VMs hosted in colocation: @scottalanmiller said in Remote management of VMs hosted in colocation: @eddiejennings said in Remote management of VMs hosted in colocation: Allowing an SSH connection to the managementVM from the Internet I have not tried this approach yet, and it appears more risky than the Screen Connect approach, since SSH to that VM would be open to the Internet. Unless I'm missing some benefit to this approach, I'll not be using it. Use a strong key, lock to your IP. Very safe. Add Fail2Ban, of course. Or add Salt and open/close based on need so it doesn't stay open. Fail2ban doesn't work with keys. But it would work normally with people attacking using non-keys, would it not? Or am I missing something about what it would do? Why would you not require keys? Not making them mandatory defeats the purpose of using them. I think he means - if a hacker is trying to use a password on a system setup to only allow keys - the fail2ban will block those users, or won't it? No. It's dropped before fail2ban even sees it. Oh, makes sense. There is no "attempt" like with a password, it is "already blocked."

@jaredbusch said in I need to control a chromebook with no user interaction: @scottalanmiller said in I need to control a chromebook with no user interaction: Only the Chrome RDP code of which I am aware. You need that everytime right? Yes, I've looked into automating it and couldn't find a way.

@dbeato said in RDS 2016 Remote App issue: @dafyre said in RDS 2016 Remote App issue: @dbeato said in RDS 2016 Remote App issue: @dafyre said in RDS 2016 Remote App issue: @dbeato said in RDS 2016 Remote App issue: I am also leaning to do this: https://social.technet.microsoft.com/Forums/windows/en-US/96cf9ef3-6ec2-4c7a-9e9f-21aeb6ef794d/remote-desktop-collection-is-missing-properties-i-would-like-to-add?forum=winserverTS That's essentially why the powershell script does... So you ran the script and you're still not getting correct RDP files from the RD Web site? yeah, it didn't really work since it is not updating anything on the connection broker. I am going to redo it all... Curious. You mean after I finish redoing it? Just strange that it isn't working. I have Gateway, Web, and Connection Broker on same system here, so that could be part of it.

@scottalanmiller posted here too https://mangolassi.it/topic/16567/dell-machines-unable-to-vpn-due-to-smartbyte-bloatware

@mike-davis said in How MSPs provide their services: @scottalanmiller said in How MSPs provide their services: That's a lot of investment for a system like that. If you have hundreds of customers, it can make sense. But it takes a lot of customers to recoup the lost time into that system. It can work out well for a traditional MSP, but depends on large scale standardization to justify the investment. I don't know about hundreds of customers. The number of end points might be more relevant. For me at about 10 MSP customers I can justify the investment. When you look at the time it takes to set up something like a zabbix server and maintaining a WSUS server vs not having to that helps make it worth it. Missed revenue because you didn't have a system in place to capture every minute hurts. It would be a blend, I'm sure. A single customer with a million end points wouldn't make sense because you'd use more traditional tools in a single customer scenario. And a hundred with only one end point each wouldn't do it either. So some combination of enough end points for volume and enough customers for complexity put together.

@dbeato said in Passing traffic between a remote access VPN and Site-to-site VPN on an Edge Router Lite: @dashrender said in Passing traffic between a remote access VPN and Site-to-site VPN on an Edge Router Lite: @dbeato said in Passing traffic between a remote access VPN and Site-to-site VPN on an Edge Router Lite: @eddiejennings said in Passing traffic between a remote access VPN and Site-to-site VPN on an Edge Router Lite: Thanks to @Dashrender for the assist. It looks like the problem was authentication. I authenticated to the VPN using domain\username rather than using the User Principal Name. Doing the latter allowed me to reach DFS shares. Woops, that's crazy but definitely there is an issue with DNS huh? If the user cannot login with UPN there is an issue with DNS.... As you should be able to use domain.com. User can login with UPN. They were using the old domain\username method rather than UPN, which apparently caused problems with accessing stuff via the DFS namespace.

ListeningOn = ::1, fe80::ad99:8e4d:c356:9939%5, fe80::c0a1:571b:2955:87be%7, fe80::cda4:4841:5bff:7b5c%8, fe80::f902:5ea5:2d74:a154%3 Interesting - the server is only listening on IPv6 addresses. Turns out IPvX filters are for the addresses that are listening (i.e. the local IP on the machine you are trying to remote into). I set a filter like this 10.0.0.1-10.0.5.254 (where my admin machines would live). Unfortunately, since this isn't an incoming filter (that's the firewall's job) this filter wasn't large enough to cover all of my production networks. I had 10.1.0.1-10.1.0.254 that wasn't inside the above range, and of course keep the machine from listening on it's IPv4 (the IPv6 was listening because I just left it wide open - testing, not using IPv6 in general, so left it as default (*)) So tweaking my filter to 10.0.0.1-10.0.5.254, 10.1.0.1-10.1.0.254 solved my problem.

I've only used Remmina and Remote Desktop Viewer. Both seem fine.

@scottalanmiller said in Out of Band Management - does it mean no keyboard at all: @JaredBusch said in Out of Band Management - does it mean no keyboard at all: @scottalanmiller said in Out of Band Management - does it mean no keyboard at all: @Carnival-Boy said in Out of Band Management - does it mean no keyboard at all: Well, I'm glad that's been cleared up. You can probably delete the thread now I don't even know what the original thread was! And that is why you have no concept of what you posted being completely wrong for the context of the thread. Honestly, it is pretty straight forward if you read the first post. https://mangolassi.it/topic/13595/out-of-band-management-does-it-mean-no-keyboard-at-all The first post also contains links back to the thread that @DustinB3403 pulled this from. I was responding the post quoted, though. Which was in the context of the entire thread. If you want to cherry pick something, then clearly, state as much. You did not.

Viscosity is a nice OpenVPN client

@JaredBusch said in Which IT Collaboration / Meeting Tool do you use?: @scottalanmiller said in Which IT Collaboration / Meeting Tool do you use?: @Dashrender said in Which IT Collaboration / Meeting Tool do you use?: Could a FreePBX state be setup with all of features requested? I'm guessing a third party client software would be needed. Of course we have Telegram and Rocket.chat, but those are chat only clients, I think... So missing the rest. That's why Elastix insists on having OpenFire built in. You can do a lot of that stuff with the combination. FreePBX offers a XMPP module. Have not used it for the same reason I have not used OpenFire in Elastix. No one in my current customer base wants an in house only chat platform. Yeah this is the problem, internal only chat is damned near useless.

@Jason said: @gjacobse said: @MattSpeller said: @coliver said: @MattSpeller said: @coliver said: I've had a low success rate with startech devices. They are cheap and when they work they work ok... but most of the time they don't. Even if one had been working fine come in the next day and it doesn't work at all. Exactly my experience, but I will add that the more complicated the product is the lower it's chances of working properly. It's a sliding scale from "meh, yeah, ok" to "possessed by demons" to "complete and utter failure to chooch" At a former job we bought a serial to USB from them for a PLC once... never again. It did funky things and inserted random characters into programs. We returned it for a replacement... the second one didn't work at all. Oh sweet jesus those are the exception. NEVER buy one unless it's straight from these guys. Trust me, I spent years doing electronics engineering programming chips and bit banging http://www.ftdichip.com/Products/Cables/USBTTLSerial.htm Yea,.. there is a lot of fakers that just won't work on those FTI drivers... ugh. The driver has a verification software in the download you can check the chip with though.. in Windows 7 the fake ones would still work I believe. Until FTDI decide to block them again heheh

@BRRABill said in Accessing a Linux Server via SSH: @scottalanmiller said The default of what is to copy, paste and hit return? PUTTY. Be default when you right click something to copy, it copies it and pastes it and then hits return. I guess perhaps just highlighting it copies it? I like the Windows method. No it does not. I thought maybe you were thinking this but did not want to imply it. That's a misunderstanding of what is happening. It only does that IF your Windows environment and your actions are copying a carriage return into the clipboard (which Windows does by default.) This has nothing to do with PuTTY and is all about your Windows desktop AND it only does this if YOU make it happen, it does not do that for the rest of us. We don't copy the carriage return into the clipboard unless we want it. Windows makes this easy to control as a feature, but it is an invisible feature of the Windows environment so if you are not a Windows power user, you might not be aware that there is an interface to it that you are misusing. PuTTY simply does what Windows tells it to do, PuTTY has no default behaviour like you are imagining.

Just an FYI... These instructions also still work on Mint 18 as well.

Looks like SPICE could do it, found this comment on Wikipedia: Xspice The X.Org Server driver for the QXL framebuffer device includes a wrapper script[11] which makes it possible to launch an Xorg server whose display is exported via the SPICE protocol. This enables use of SPICE in a remote desktop environment, without requiring QEMU/KVM virtualization.

@Carnival-Boy Here if you have questions about similarities/differences. Just ping me or email. [email protected]

@Kelly said: That's what the NSA fears most. Being Snowed In. cough I'll show myself out.

@gjacobse I didn't think the NoMachine client was compatible with X2Go.