i’ve been using it to support friends and works very well, the weird part is that i have access to those computers at anytime if they’re on, without settings available to require the user’s permission! it seems quite invasive. because of this i have instructed them to block/remove it until it’s needed again
before this, what would people use to access Windows desktops from Linux? i know about VNC but didn’t find a client for both
anydesk is fairly popular afaik and cross platform, just not FOSS. I used to use it to control my steam deck from my Windows PC. One major upside is anydesk requires the user to accept a connection before control is handed over
i forgot about that criteria, being FOSS. i’ve used AnyDesk before, but avoid doing so now.
i’ve also used Remmina, but some of the people i support use Windows Home edition, which doesn’t include an RDP server. i don’t kbno if i could use it with VNC
I’ve tries it for a while and there were configuration issues, including being unable to lock it down securely so people don’t start sharing screens with griefers. It’s still on the radar since I honestly hate keeping TV on the network.
Do you know how it compares to NoMachine, Any Desk, or Team Viewer for speed over a LAN connection? I’ve tried all three in the past, and get slowdowns every now and then, even if the network is fine.
I’ve found that VNC can have some slowdowns, but it seems to be faster than the others I mentioned. I can’t remember why I switched away from it now though.
It sounds like it’s worth giving Rustdesk a try, so that might be my next project :)
Honestly I mean this in the nicest way but the commercial version really doesn’t interest me. I think Rustdesk should just have a SaaS that is just the normal server hosted by them for a fee. If they could bundle some sort of support into into it we would be golden.
Backup on different levels, one of my clients who I would say has similar ifrastructure uses following approach:
backup on the vm level - backing up snapshot of the entire virtualization guest - at least once a week, always before update/upgrade. These can be big - consider ZFS pool w/ compression and deduplication active - but that is also hw intesive. On the other hand, I don’t think you need to keep more than last two successfull backups.
filesystem level - run rdiff-backup against the / of the filesystem several times a day. SInce it is essentially versioning, you are only backing up new changes. No zetabyte needed here, ext3/4 will do.
drop database somewhere ideally several times a day - even if there are no incidents, your developers will love you.
The recovery strategy is as follows:
pull the guest out of the last vm backup
sync up the files from last rdiff-backup run
discuss w/ the developer DB recovery - or just recover the last backup and hope for the best…
While it’s true that “It depends on your business needs”, most often I’ve seen backup schemes which work on a minimum of a daily backup of most data. For example, on a larger, busier system, it might have a full backup done over the weekend when the system isn’t as busy and therefore has a lower business impact. Then daily differential backups are done each night. For smaller systems, it might just be a full backup of critical data every night.
For highly active, critical SQL databases, I’ve also seen this extended where the a full backup was done of the database weekly, with differential backups done nightly and transaction log backups done every 15 minutes. This obviously had full transactional logging turned on for the critical databases.
As a concrete example, on my home “server” (desktop with delusions of grandeur), the main data partition is running on ZFS with snapshots taken every 15 minutes, hourly, daily, weekly and monthly. The 15 min. snapshots are kept for an hour. Hourly snapshots are kept for 24 hours. Daily snapshots are kept for 31 days. Weekly snapshots are kept for 8 weeks. Monthly snapshots are kept for 12 months. There’s a bit of overlap in the daily and weekly schedules, as those are most likely to cover my arse from an “oops” factor.
The downside of the snapshot setup is that it doesn’t provide disaster recovery. And, I’ll admit, for my home stuff I haven’t gotten around to sorting this out. Ideally, I should be taking a weekly backup, compressing and encrypting it and pushing it to a cloud service somewhere. Laziness has meant that hasn’t been done yet.
Most VMs backed up daily, depending on how vital then stored for anything from 3 days - 30 days. Few machines are backed up 3 times a week cause they’re tests servers and we’ll take snapshots as and when they’re getting actively used. Finally a couple of machines are backed up 6 hourly for data relevancy.
Everything replicated to a second backup server off-site and have a hardened repo for immutable backups.
Storage arrays: hourly snapshots stored for 24 hours, daily snapshots stored for one week.
Longer term stored in veeam on a different array, those are taken daily and stored for 30 days typically. Sometimes longer archival copies if the business needs.
Bare metal usually daily
We also replicate all data live up to the cloud, for DR. (windows dfsr)
In all honesty of you are in a commerical environment and scale where PCI and mesh VPNs are cropping up you should consider hardware firewalls.
FortiNet has FortiGate ADVPN as part of the base image and no extra licenses required. If you include the licenses you can get PCI reports from the FortiGate.
Juniper has SRX mesh, don’t go for the cisco tax of DMVPN, Palo Alto has LSVPN
I am actually managing a bunch of locations with only 1-3 people at each. Full firewalls feel overkill but maybe there is a middle ground. I’ve actually considered openWRT with ansible but keeping openWRT updated is a pain in the ass.
For now I’ll just stick with Tailscale and some sort of management software.
Sysadmin
Hot