If you ever need to remote control the device of someone, you probably use TeamViewer or AnyDesk. But if I told you that a fully open source solution exists ?
Well there are several solutions but here I will present you the ones that can self-host the server, an advantage for privacy and control.
Introduction
Presenting you MeshCentral. Don’t be fooled with his Windows 7 look !
MeshCentral is a web based application that use multitudes of protocols to manage remote or local devices easily.
You can control remotely the desktop, accessing, uploading and downloading files and launch a terminal into the device.
With group management and advanced permissions control, you can precisely setup accounts with limited access.
There is also the support of two-factor authentication with one time password and YubiKey ! This is the minimum level of security since this software allows you to manage devices.
Protocols
The supported protocols are:
- MeshAgent
- Intel AMT
- SSH, SCP and VNC or RDP named Application
MeshAgent
This is the basic usage of MeshCentral, the agent allow you to access files, terminal desktop and activity of a device locally or remotely through internet.
This agent is an executable file generated by your server for Linux, Windows or macOS. It can be used as a one time access or installed to be persistent. (An Android app also exists)
The agent is preconfigured with all the needed information of the MeshCentral server, so no configuration is needed in the client side.
For the connection to the MeshCentral server, the agent only needs access to the server port for http/https (80/443), so no need to expose or configure exceptions on the client side.
Also, you can ask or warn the user when accessing the computer remotely.
Application
The application connection allows you to use known protocol like SSH or RDP to manage remotely a device without installing an agent.
The only drawback is that you need local access to the machine, or exposed ports on the client side.
The SSH, SCP and VNC combo allow a connection to any device with an ssh server reachable. You have access to the terminal, files and desktop if available.
The RDP option permit the desktop remote control to a Windows machine that allow it.
Intel AMT
This technology is out of my knowledge, but the creator and developer of MeshCentral is an Intel engineer, so MeshCentral is well integrated with this technology.
Router
The router allow you to forward TCP port from a device managed by MeshCentral to your local device.
On Windows and macOS, there is the MeshCentral Router application that give you a nice GUI.
For Linux user, you have to download the MeshCmd (at the bottom of your devices list page) and download the meshaction.txt on a device page to have all the parameters. Edit the local and remote port, generate a token if needed, and you can use the router.
For example, you can establish an SSH or RDP connection from your local computer to a remote device behind MeshCentral without using the web interface.
Conclusion
Personally, I use MeshCentral to manage my two laptops remotely because they can be on any network, so I can’t create easily an access to them.
I also installed a MeshAgent on my dad computer to have an easy control and view when I’m helping him.
I think that MeshCentral is a good software for computer management and support, especially with Intel AMT.
The possibility to ask for user consent before accessing or use an agent only one time is also a great feature for privacy for remote IT assistance.
Honorable mention to an alternative, RustDesk, I hope that the new server version is fully open source and doesn’t need a license.