Secure Remote Access To Machine?

I have a local network of 80 machines, all with Ubuntu 10.04 installed on them. All the machines are connected to a central switch.

I have some contractors that are located overseas. I would like to dedicate each of them a single machine, so that all the work they do will be performed on one of my 'local' machines (through remote access).

Ideally, I'd prefer a secure solution (VPN?) that will allow each of the users to securely connect to a remote machine, view 'X' (meaning, be able to open programs like Evolution, send emails, write documents using Open Office etc) and also open a terminal, run scripts etc. Ideally, the solution should be fast (meaning, I don't want a long delay between every punch on their keyboard to when their screen gets updated) and secure.

I should also have the ability to access the machine they're working on and block their access, in case they're doing something they're not supposed to do.

Is it easy to handle / setup? any idea what the costs are?


The simplest thing to do (requires almost no set-up) is just using SSH to tunnel X connections. SSH can forward your local computer's x-server connection to the remote computer. That way you can run a program on a remote computer but display it's windows locally. The performance isn't too great though. If your contractors are using Windows then they'll need to download Putty and Xming. You can also tunnel VNC over SSH if they have a VNC client, but VNC's performance is even worse.

If you want to minimize the time you are paying your contractors to look a loading screens then you'll probably want to use NX. While X works remotely it's not optimized for non LAN networks. NX fixes this by using compression and getting rid of redundant Xlib calls.

While the NX client is free, NoMachine's NX-server isn't. Luckily, if you don't mind a little work, you can use Google's NX-server NeatX. NX uses SSH tunneling behind the scenes so it is as secure as ssh -X. And doesn't require setting up a VPN.

If your desktop machines are behind a NAT or a proxy though, you'll need to use a VPN.

Setting-up a VPN is a little bit of work though. Luckily I find the community documentation of OpenVPN to be pretty easy to follow.


What you are searching for is a VNC (Virtual Network Computing) Solution.

Ubuntu already has a Programm preinstalle it's called Vino
Other popular Programms are:

  • UltraVNC
  • TightVNC
  • RealVNC

To make this more secure you can use it via SSH ( https://help.ubuntu.com/community/VNC?action=show&redirect=VNCOverSSH )

Another nice and easy Solution is TeamViewer although this might not be the best solution when managing 80 computers. ( http://www.teamviewer.com )

Edit: TeamViewer even has an android client. On a phone it might be a little small but a tablet should be nice.