Differences

This shows you the differences between two versions of the page.

--- remote_assistance [2024/04/02 23:09] – steve
+++ remote_assistance [2025/10/02 23:27] (current) – steve
@@ Line 67: / Line 67: @@
 mkdir -m 0700 -p ~/.ssh
 cp /mnt/AssistanceKey ~/.ssh/
-chmod 0600 .ssh/AssistanceKey
+chmod 0600 ~/.ssh/AssistanceKey
 cp /mnt/AssistanceKey.pub ~/.ssh/
-chmod 0644 .ssh/AssistanceKey.pub
+chmod 0644 ~/.ssh/AssistanceKey.pub
-cat .ssh/AssistanceKey.pub >> .ssh/authorized_keys
+cat ~/.ssh/AssistanceKey.pub >> ~/.ssh/authorized_keys
-chmod 0644 .ssh/authorized_keys
+chmod 0644 ~/.ssh/authorized_keys
 mkdir ~/bin
 cd ~/bin
 # The construction below creates a file (adminaccess.service) and then cats
 # everything to it until it matches the string 'EndOfText'. The dash strips
-# out the leading tab that was added to make this easier to read.
+# out the leading tab that was added to make this easier to read. The "$(whoami)"
+# returns the user you're logged in as, and this is the user that will get assistance.
 cat <<- EndOfText > adminaccess.service
 	[Unit]
@@ Line 104: / Line 106: @@
 	WantedBy=multi-user.target
 EndOfText
 chmod a+x adminaccess.service
 sudo cp adminaccess.service /etc/systemd/system/adminaccess.service
 echo "Added adminaccess.service (1)" | Log
-cat <<- 'EndOfText' > Help
+# Script below is a helper to enable the service, the "'" around EndOfText makes
+# The variables remain as variable instead of expanding.
+cat <<- 'EndOfText' > Steve
 	#!/bin/bash
 	# This script connects to cyli.org for assistance, opening
@@ Line 124: / Line 129: @@
 	esac
 EndOfText
-chmod a+x Help
+chmod a+x Steve
-echo "Added Help (2)" | Log
+echo "Added Steve script (2)" | Log
 EndOfScript
@@ Line 137: / Line 142: @@
 It should create a folder or two, and a script to use to make the tunnel.
-When the user needs assistance, have them run the 'Help' command, then, on your server, do the following;
+When the user needs assistance, have them run the 'Steve' command, then, on your server, do the following;
 <code>
 sudo su - secretuser
 # You need access to the keys.
-ssh -i ~/.ssh/AssistanceKey -p 2223 <remote users login>@localhost
+ssh -i ~/.ssh/AssistanceKey -p 2223 <remote user login@>localhost
 # This should log you in to their machine, as them.
 # Do what you need to do to fix any issues, have the user verify the work, then;
-Help q
+Steve q
 # To shut down the session, or use 'logout' if you may need to reconnect.
-# Until you run 'Help q' or 'Help x', the tunnel will persist, through restarts of either end.
+# Until you run 'Steve q' or 'Steve x', the tunnel will persist, through restarts of either end.
 </code>
@@ Line 152: / Line 157: @@
 <code>
 Host Betty
-Hostname localhost
+    Hostname localhost
-Port 2223
+    Port 2223
-User betty
+    User betty
-ForwardX11 yes
+    ForwardX11 yes
-IdentityFile ~/.ssh/AssistanceKey
+    IdentityFile ~/.ssh/AssistanceKey
 </code>
 Then, when Betty calls needing assistance, all you need to type is 'ssh Betty'.
-A nice thing to do, create an entry in /etc/sudoers.d/Help
+Another nice thing to do, create an entry in /etc/sudoers.d/Steve
 <code>
 Cmnd_Alias SystemCTL = /usr/bin/systemctl
@@ Line 169: / Line 174: @@
 Note that the connections can be made as any user that has those keys, so if you copy AssistanceKey from secretuser to your own ~/.ssh/ then you shouldn't need to become another user.
-Another nice thing to do is to set up a [[Shared 'screen' session]] on the Assisted user's machine, it could even be set up as part of the 'Help' command to automatically connect the Assisted user to that screen. Maybe even close out the session when they press Ctrl-D.
+Another nice thing to do is to set up a [[Shared 'screen' session]] on the Assisted user's machine, it could even be set up as part of the 'Steve' command to automatically connect the Assisted user to that screen. Maybe even close out the session when they press Ctrl-D.