VNC2me - Secure OpenSource Remote Support solution via SSH

[JDaus]

http://vnc2me.org/

Version History:

• 2/2009 - 0.2 released - complete rewrite
  9/2008 - 0.1 first initial release for public beta testing

VNC2Me is essentually an SSH wrapper for UVNC SC (with VNC server integration to come soon)

VNC2Me homepage
Latest Product and website News (with updates posted there)
VNC2Me Downloads (no need to login, but would appreciate the feedback)

can i get some feedback on its functionality (or lack of) please


FAQ and more to come soon (when time)[/list]

[JDaus]

oh, vista compatability is in the pipeline (on the svn) but as yet untested)

[jameshanley39]

what does this app do exactly?

can't any "application" be used with SSH anyway?
--
jameshanley39

[JDaus]

what does this app do exactly?

can't any "application" be used with SSH anyway?

YES, any application can tunnel through SSH, provided the application only uses specified ports, and only uses TCP.

this application aim to replicate the abilities of showmypc but in an open-source form, and (eventually) with an easy to use builder that walks you through creating your own custom version.



on the to-do list is the following:

• Create Collaboration functionality - which allows multiple viewers to connect to one desktop
  Create a stand-alone tunnelling application that can be installed as a service.
  Modify the UVNC repeater to create and maintain SSH connections, allowing "at-call" connection to regular customers (no customer interaction needed)

of course, all this will take time, so don't expect it all now

[JDaus]

I have updated the SVN, and am looking for people to test the latest version (with support for VISTA), and provide feedback. (PM me for the test file location)

I'm hoping to get the main code implemented into the UVNC SC sometime in the future, any pointers / help with this would be great.

[jameshanley39]

what does this app do exactly?

can't any "application" be used with SSH anyway?

YES, any application can tunnel through SSH, provided the application only uses specified ports, and only uses TCP.

this application aim to replicate the abilities of showmypc but in an open-source form, and (eventually) with an easy to use builder that walks you through creating your own custom version.



on the to-do list is the following:

• Create Collaboration functionality - which allows multiple viewers to connect to one desktop
  Create a stand-alone tunnelling application that can be installed as a service.
  Modify the UVNC repeater to create and maintain SSH connections, allowing "at-call" connection to regular customers (no customer interaction needed)

of course, all this will take time, so don't expect it all now

Not having used showmypc..

I guess you're suggesting that showmypc uses many ports.
and (therefore) is difficult to use with SSH

And I guess you think showmypc is much better than VNC (otherwise, one may as well just use VNC with SSH)

[JDaus]

Not having used showmypc..

I guess you're suggesting that showmypc uses many ports.
and (therefore) is difficult to use with SSH

And I guess you think showmypc is much better than VNC (otherwise, one may as well just use VNC with SSH)

Sorry i didn't explain myself very well i guess ...

Showmypc uses SSH to tunnel VNC through (although they use tightvnc)

the main differences between SMPC (showmypc.com) and vnc2me, is that vnc2me is opensource, uses UltraVNC SC (so therefore by default is more secure, plus can do file transfers), will have support for several different operating systems, will remain opensource (SMPC started as open-source, then went closed source with no reason given)

[JDaus]

Work has started on getting UVNC SC coded to use the latest VISTA alterations, and incorporate several key features from VNC2Me (namely SSH encryption if selected

Work has started on providing functionality on several alternate Operating systems, such as linux and mac OSX.

i recently found a few C# projects that, when combined look good as a way of providing a viewer for .NET capable OS's (such as windows mobile). if anyone with C# experience could start me in the righ direction, that would be great.

[jameshanley39]

still very unclear...

Isn't PChelpware ultra vnc SC, -not open source-

so using your 'complete program' (vnc2me w/ PCHW ultravnc SC) it would be kind of not open source, since it uses PCHW uVNC SC.

And regarding the SSH. Am I correct in saying that this is just built in to save the user from the 'hassle' of doing it manually ?

note- technically, the big advantage is the single click. Since UltraVNC is open source(I think), and (I think) has a reverse connection option(I guess. like RealVNC has that option), and like most things, can be connected to SSH. So it is already a "Secure OpenSource Remote Support Solution via SSH" that lets the end user initiate connection, it's just not single click for the end user..

note2- big advantage of course of ultra vnc over realvnc, is ability of file transfer. Both are open source, so I see the sense of using ultra vnc for this.

[JDaus]

James,
UltraVNC SCII (and SCIII) = opensource (but no longer maintained) its a simplified UVNC server that ONLY does reverse connections (viewer in listening mode)
PCHELPWARE = closed source (due to encryption i think), but free

so, to sum it up, i use UVNC SC (opensource), plink (opensource) and VNC2Me (opensource)
so the solution is opensource

VNC2Me.exe is simply a wrapper application (at this time) that initiates an SSH tunnel (plink), then creates a VNC connection(UVNC SC) through that tunnel.

SSH is just built in to save the user from the 'hassle' of doing it manually

if you have ever tried to talk a technically challenged person through downloading and executing an application over the phone, then imagine trying to explain to them how to:

• Download putty
  setup tunneling in putty (as well as saving the profile)
  login
  starting VNC
  right mouse clicking
  ........... etc ...

yes its to save the "hassle", and the headaches


PM me for the download link, download the app, and take a look, if you don't like it, or don't think its useful, don't use it.
I program for myself, I release the source in the hope that others may find it useful, if you don't find it useful, such-is-life, sorry i couldn't help you.

[jameshanley39]

James,
UltraVNC SCII (and SCIII) = opensource (but no longer maintained) its a simplified UVNC server that ONLY does reverse connections (viewer in listening mode)
PCHELPWARE = closed source (due to encryption i think), but free

so, to sum it up, i use UVNC SC (opensource), plink (opensource) and VNC2Me (opensource)
so the solution is opensource

VNC2Me.exe is simply a wrapper application (at this time) that initiates an SSH tunnel (plink), then creates a VNC connection(UVNC SC) through that tunnel.

SSH is just built in to save the user from the 'hassle' of doing it manually

if you have ever tried to talk a technically challenged person through downloading and executing an application over the phone, then imagine trying to explain to them how to:

• Download putty
  setup tunneling in putty (as well as saving the profile)
  login
  starting VNC
  right mouse clicking
  ........... etc ...

yes its to save the "hassle", and the headaches


PM me for the download link, download the app, and take a look, if you don't like it, or don't think its useful, don't use it.
I program for myself, I release the source in the hope that others may find it useful, if you don't find it useful, such-is-life, sorry i couldn't help you.

thank you, that does explain clearly what it does.

hopefully your explanation will help others too if it wasn't clear to them.

I prob won't be using it 'cos I am content enough with PCHelpware even though it doesn't use tunnelling. You mentioned that PCHW uses encryption though. Sounds secure.

I see the advantage your program has in usability, over manually doing ultra vnc and ssh.

But how about the advantage in function of your package over PCHelpware?

SSH(which your package uses) is I suppose, tunneling+encryption+a sort of tcp port proxy. (encryption being the really big end user advantage that people like - the security)

PCHelpware has the encryption (I think you said).

Is the tunneling+tcp port proxy thing , the main benefit of your program over pchelpware?
That, and the fact that your package is open source.

[JDaus]

Is the tunneling+tcp port proxy thing , the main benefit of your program over pchelpware?
That, and the fact that your package is open source.

I have only ever used pchelpware once, so i don't know how up-to-date it is (ie does it function well with vista), but VNC2me has the following benefits over the SC application:

• SSH encryption allows secure transmition (only improvement over SCII)
  SSH Compression (uses less bandwidth for screen updates, allowing realistic use by dialup users)
  Ease of use (one download can contain both viewer and server)
  Vista updates (disables Aero and other things for duration of session)

Vista updates where successfully tested recently, meaning the beta release is coming closer.

visit http://vnc2me.org for all related news

[JDaus]

New additions:

• New Website (see first post, or my sig)
  Session Timer displayed at end of session (popup msgbox)
  Veiwer Tab now has changes for Collaboration server (radio buttons to select SC or SeRVer (defaults selectable in INI file)
  Website has forum (with FAQ on the way)

as stated in first post, updates are posted on the website regularly, but i will post here when time.

beta version is not far away, have interested parties offering server hosting, so we will see where that leads ...

Documentation (on basic usage, security concerns, etc) is in final stages of completion, and will include links to setting up a SSH server for windows (although i personally have never done this).

[The1stImmortal]

Hi, had a poke at VNC2me and been reading your descriptions etc... looks cool btw

Firstly, from the earlier stuff you seem to be aiming at more of a hosted-style "Connect to my PC from anywhere" product with a potential for hosted accounts. Later on you seem to focus more on the Technician-assiting-user type solution. Which is your primary goal? (I'm assuming the latter)

I see a couple of benefit/drawback tradeoffs of using VNC over SSH. For one, a big one, if your viewer is being connected to via the net (ie, the server/user at one site behind a NAT and the client/technician at another site behind a NAT) then the service you're exposing to the internet is an open SSH port rather than VNC viewer port, and all due respect the the UVNC devels, VNC is first up a remote access tool with security secondary, and SSH(2) is meant to be a security product first and a shell second, so I'd trust an open SSH port more than an open VNC port

With regard to SSH compression, I'm not sure you'd cut bandwidth that much through this - SSH compression I've found to be slightly laggy, and when compressing VNC data... well VNC is generally *already* somewhat compressed, and double-compression isn't very efficient. Add to that the overhead produced by encryption, I wouldn't be surprised if you actually ended up consuming slightly more bandwidth than a straight VNC connection. Not that I'm discouraging you, but be careful about claiming SSH compression's going to make a big difference. Might be worth running some comparative tests to find out (eg simultaneously export the same directly over VNC and over SSH and measure the bytes/sec of each)

BTW, rather than ship multiple binaries etc, and do textual shell calls and IPC, there's a couple of PuTTY-as-library or even OpenSSH-as-library solutions around that might be helpful to consolidate the SSH more into the VNC2ME client package.

Finally, if you're hoping to get this through corporate firewalls at any point, bear in mind that a LOT of corporate firewalls outright block port 22 traffic. Several also actively filter other port connections for SSH traffic and block it. You may need to keep this in mind and allow future expansion to alternative connection methods (such as HTTPS CONNECT tunnelling - which although not ssh is still SSL encrypted). Once again theres a couple of libraries around to implement this. Speaking of which, why on earth doesn't VNC have a standard SSL version anyway?

Finally, make sure you've got a specific SSH server in mind for the other end of the connection, and a guide or preconfiguration examples on how to lock it down to do only VNC traffic. The client machines are going to have a nice easy path to a shell on the vncviewer or middle-man system, and that may not be a Good Thing when you don't 100% trust the clients (after all, they're the ones supposed to be being controlled!)

Cheers,
The1stImmortal

[JDaus]

Hi, had a poke at VNC2me and been reading your descriptions etc... looks cool btw

Thanks, your the first person of a technical nature that has made comments on it in this forum (other then friends, and you cannot believe that they will tell you 100% truths)

Which is your primary goal?

The first Application is a technical support style one, with others on the way (hopefully dependant on the popularity of this) which will incorporate the collaboration, and "connect to site" styles through the use of UVNC server & repeaters respectively

I see a couple of benefit/drawback tradeoffs of using VNC over SSH..... the service you're exposing to the internet is an open SSH port rather than VNC viewer port ...... I'd trust an open SSH port more than an open VNC port

Agreed ... this is a big one, and SSH is the only port i ave open to the net ...

SSH compression - I'm not sure you'd cut bandwidth ... SSH compression I've found to be slightly laggy

Over a lan, the compression adds approx 500 millisecond to a full screen refresh (1280x800 256colors) making it about a second, over the INET, the compression shows its own, with a round trip from AUS to the US and back - full screen refresh taking about 2 seconds ... (thats basically right round the world ...)

compressing VNC data... well VNC is generally *already* somewhat compressed, and double-compression isn't very efficient.

Bandwidth usage is about 2/3 when using compression, but i probably need to make compression optional through an ini setting ... so that those that are using a local server and clients, don't have to spend the time compressing and decompressing ... good thought !!!

BTW, rather than ship multiple binaries etc, and do textual shell calls and IPC, there's a couple of PuTTY-as-library or even OpenSSH-as-library solutions around that might be helpful to consolidate the SSH more into the VNC2ME client package.

I'm interested in this, and have not found any C or C++ dll's, only C# (i don't like .net dependancies), any you can point me towards would be much MUCH appreciated ...

Finally, if you're hoping to get this through corporate firewalls at any point, bear in mind that a LOT of corporate firewalls outright block port 22 traffic. Several also actively filter other port connections for SSH traffic and block it.

Yep, already thought of this (and come accross it in practise), i got around this by making SSH listen on 443 (SSL port) ... but i have never come accross those really REALLY good firewalls yet ... MS proxy (can't recall the name atm) doesn't allow SSH connections anymore (not from putty / plink anyway)

You may need to keep this in mind and allow future expansion to alternative connection methods (such as HTTPS CONNECT tunnelling - which although not ssh is still SSL encrypted). Once again theres a couple of libraries around to implement this.

Finally, make sure you've got a specific SSH server in mind for the other end of the connection, and a guide or preconfiguration examples on how to lock it down to do only VNC traffic.

The client machines are going to have a nice easy path to a shell on the vncviewer or middle-man system, and that may not be a Good Thing when you don't 100% trust the clients (after all, they're the ones supposed to be being controlled!)

this is the primary reason i have not yet setup a public VNC2Me server ... i'm in the process of setting up a VPS with CHROOTED sshd and denying the user shell access ... but this is still in the wings ...

Cheers,
The1stImmortal

thankyou for all your comments, its always good to get constructive critisism, and you put some thought into it a bit before posting comments, so thanks.

[JDaus]

Beta version released
has full vista support, session timers and much more.

visit http://vnc2me.org for full details

[kal10bach]

seems 2 be a little bit tricky getting the beta
login
downloads
beta
*******
VNC2Me SC (Pre-Rolled) Installer

This location is for Registered Users Only.
Please login or Register.
*******
and the story starts again


georg
=/:-)

[JDaus]

Yeh ... probably should ave mentioned that as its a beta, its for registered users only (at this stage anyway)

if there aren't many problems with it, then i will lift the login requirement.

sorry ... forgot to mention this little bit ...

updated first post to reflect current release details

[JDaus]

After two months of beta release, i am having minimal responce (either good or bad), and as such, decided to remove the login to download restriction ... so you will now be able to download without creating an account.

i would like to hear back from anyone who has tried vnc2me in the last two months, to let me know if it worked for you or not ...

[JDaus]

version 0.2.0.0 will be out in a few days time ... this is a complete re-write of the core code, to many bug fixes to count (and probably many bugs introduced in the process)

SVN was updated a few hours ago ...

[JDaus]

its finally out ... 0.2 beta has been released free to download.

I would appreciate people testing this out again, as its a complete rewrite of the app.

[JDaus]

0.2.1 has been released to testers.
0.2.2 will incorporate UVNC SC with limit of 20 (aprox) predefined connections (each able to have individual connection image).

[AngelReign]

the capital differences amid SMPC (showmypc.com) and vnc2me, is that vnc2me is opensource, uses UltraVNC SC (so accordingly by absence is added secure, additional can do book transfers), will accept abutment for several altered operating systems, will abide opensource (SMPC started as open-source, again went bankrupt antecedent with no acumen given

_________________
IP PBX

[JDaus]

the capital differences amid SMPC (showmypc.com) and vnc2me, is that vnc2me is opensource, uses UltraVNC SC (so accordingly by absence is added secure, additional can do book transfers), will accept abutment for several altered operating systems, will abide opensource (SMPC started as open-source, again went bankrupt antecedent with no acumen given

glad to see someone else gets it ... i was a massive fan of SMPC, but when he refused to answer my emails offering assistance and requesting access to latest source, i got rather suspicious. only to find the files had been removed from the project site within a few weeks. he apparently closed the source without telling anyone ... and the site still has no indication of why (besides greed) that was done ...

[lupick]

any new version of vnc2me will be released soon??

[JDaus]

any new version of vnc2me will be released soon??

Yep ... just have to find the time to sit and code ... then i will update with all the latest code changes i have done through scprompt and other things ...

sorry it has been a while, but i have been busy with other things (like work )

[JDaus]

new updates are on their way.

svn code has been updated to latest testing version.

some updates include:

• new mini sc GUI - only when v2msc.exe is only app
  code additions to keep up with scprompt - debuglog, _translate() and much more
  code fixes to better handle errors
  code updates to make ready for servicemode
  disclaimer.html - if present, it creates a new GUI with accept / reject buttons

[B]

Great to hear that VNC2Me is still in active development!

Could you please distinguish between this and SCPrompt for those of us who tend to forget? I know VNC2Me is a bit more ambitious and includes much better security.

Does the new VNC2Me include repeater support (as SCPrompt does)?

[supercoe]

If I remember correctly the biggest difference was that VNC2Me was self aware and had full control of the matrix.

[JDaus]

self aware and had full control of the matrix.

OMG ... ROTFL

scprompt = uvnc sc replacement with extra features.
vnc2me = vnc over ssh tunnel.