Remote Access
Remote access empowers you to connect to your servers and devices from anywhere, be it within your local network or on the other side of the world. This eliminates the need for physical presence in the office, offering a far more convenient alternative to commuting.
In this video, I will look at Telnet, Secure Shell, and Remote Desktop Services. All these allow you to access your computers and devices remotely, either from the local network or from the other side of the world.
Telnet
Telnet is a terminal emulator that allows access to a terminal over a network. It essentially provides the same terminal you would get if you were in front of the computer or device. It is important to remember that the network traffic uses port 23 and is plain text.
Terminal communication may also be called TTY after Teletypewriter. Before computers, Teletypewriters were used to send messages over communication lines like dedicated cables and radio waves.
Due to Telnet security concerns, modern operating systems do not include it, so you will need to install it.
I will now open a command prompt and run the following command to install the Telnet feature. Once installed, I will run Telnet followed by the IP address of the Linux computer that I want to access.
Telnet will now connect to the Linux server and display a terminal screen just like you would get if you were physically in front of the computer. Linux has Telnet access disabled by default. For this demonstration I have already enabled it.
I will now enter a username and password. Once logged in, you will find that modern operating systems’ Telnet access will most likely be disabled by default. To demonstrate how insecure Telnet is nowadays, I have been capturing the data transmitted using Wireshark.
Each character of my password was transmitted in a separate packet. When I click on each packet, I can see the letter of my password. You can see why Telnet is not secure at all and why in a modern world it is not used anymore. For the A+ exam, the most important point to remember is that the port number used is 23. If you get a question on it, it will most likely be testing if you know the port number.
Secure Shell (SSH)
To address Telnet not being secure, Secure Shell was developed as a replacement for Telnet. Secure Shell uses a client-server design. The device that you are connecting to is the Secure Shell server. The way it works is a secure channel is created between the two. The Telnet data travels over this secure channel, making it secure.
Although designed as a replacement for Telnet, it can also be used for other protocols like Secure FTP. Secure Shell uses port 22. It is important to remember this port number as you may get a question on it in the exam.
Secure Shell was traditionally used in Linux and Unix-based systems but is now included with Windows. On this Windows computer, I have already installed SSH. It is an optional feature that can be installed.
To connect to my Windows Server using Secure Shell, I just need to enter SSH followed by the IP address. Notice when I connect, I get a message telling me what the fingerprint is for the server. When you first connect using SSH, you should check to make sure that you are connecting to the right server. The fingerprint will be saved by Windows, and you will not be prompted again. If you are prompted, the fingerprint has changed and you should ask the question, how did it change? It is possible the keys on the server have changed or an attacker is pretending to be your server.
I will enter “yes” to continue, acknowledging the fingerprint is correct. If you are not sure, check. Once I enter the password, I will be connected to the server.
Once connected, it will look just like a command prompt running on the local computer. It is easy to get confused with a command prompt running on your computer. Thus, if you are not sure, look for the username at the start of the prompt followed by the computer name. It is very easy, with the command prompt looking very similar, to accidentally run commands on the wrong computer.
PuTTY (Free Open-Source Software)
If you don’t want to use the Microsoft SSH client software, I would recommend PuTTY. PuTTY is free open-source software that runs on Windows as well as other operating systems. PuTTY supports Telnet, Secure Shell, and serial connections. Once you have your session configured the way you want you can save it for future use. I personally prefer it to the command prompt because if I connect to a Windows Server, the title bar is different, giving me a visual indication I am accessing a remote server and not the local command prompt.
I have looked at Windows Secure Shell solutions in this video, but alternative operating systems work the same way. The Secure Shell protocol is an open protocol, and thus it does not matter which operating system you use it on; it will work the same way. Telnet and Secure Shell do not support graphics, so you will not be able to use them to access the desktop.
Remote Desktop Services
Remote Desktop Services allows the desktop to be controlled remotely. The graphics are transferred over the network from one computer to another. This includes sound, printers, and local storage.
Remote Desktop Services was developed by Microsoft but is available on other OSs. It tends to work best with Microsoft products, in my opinion.
Remote Desktop Services uses port 3389. For the exam, you should remember this port number as you may get a question on it.
The protocol is designed to send minimal data over the network and supports compression. Although it is designed to show what is on the other screen, settings can be changed to reduce the amount of data over the network, which reduces the quality but on a slow network makes it more responsive.
Let’s explore how Remote Desktop Services works! I will be using my computer running Windows Server, but remember – Remote Desktop Services allows connections to any compatible computer, not just Windows Server. In this demonstration, I’ll be connecting to a Windows 11 machine. As long as the target computer has Remote Desktop Services enabled, you can connect remotely. This could be useful for accessing your home PC from work, for example, assuming it is set up and your network allows it.
To connect to another computer, I will search for “remote” and select Remote Desktop Connection. This will open Remote Desktop Connection. I will next enter the computer name, which in this case is WS1.
There are a lot of additional options that can be set for Remote Desktop Connection. To see these, I will select the option “Show Options.”
At the bottom, you have the option to save the configuration. If you are planning to connect to the same computer later on, it is worthwhile saving the settings so you don’t have to configure it again. If you are setting up a connection for a user, save the settings so the user can use the saved settings rather than having to configure it themselves.
I will now select the tab “Display.” On this tab, you can set the resolution used for the connection. This is useful to reduce the size if you have a big monitor and want to fit multiple remote desktop sessions on the same screen.
Under this is the option for “Use all my monitors for the remote session.” If you have multiple monitors, the remote desktop session can be displayed using all your monitors; otherwise, it will be limited to just the one monitor.
Under this, I have the option to change the color depth for the connection. Reducing the color depth will significantly reduce the amount of data that needs to be transferred over the connection. If you don’t require good color, you may want to consider changing this setting to make your connection more responsive.
I will next select the tab “Local Resources.” At the top are audio and keyboard controls. These are pretty self-explanatory, so I will not look at them. At the bottom is “Local devices and resources.” By default, printers and the clipboard are shared between the local computer and the remote computer. If you are using Remote Desktop Connection in a secure environment, you most likely want to disable local devices and resources to prevent data from being taken from the secure environment. However, I would recommend this by another method, like using Group Policy; otherwise, the user can change the settings.
I will now press the button “More.” You can see that there are other devices that you can share with the Remote Desktop Connection if you wish. Remote Desktop does not support sharing USB devices over the connection, so if you want to use these devices, you need to select them here assuming that Remote Desktop Connection supports it.
Notice that under “Drives,” you can choose to share drives on your local computer with the remote computer. This includes devices like USB sticks. When you share a drive between the local computer and the remote computer, it appears in Windows Explorer under the redirected drive and folders section. This is not quite the same as accessing the USB drive directly but allows you to transfer files between both.
I will next select the “Experience” tab. Although changing the color depth is one way to reduce data transferring over the connection, there are also other things that you can disable. For example, how smooth the graphics look on the screen and what animations are used when displaying windows. These effects make things look better but do increase the amount of data that is transmitted over the network.
By default, Remote Desktop Connection is set to “Detect connection quality automatically” and will change according to the network conditions. However, you can manually set it if you wish. The lower the connection is set, the more graphical-based options will be disabled, making your experience not as good but more responsive. If you have a slow connection and don’t value the graphics as much as the response time, you may want to consider configuring a lower setting.
At the bottom is the option “Persistent bitmap caching.” When this is enabled, Remote Desktop Connection caches previously transferred images to the local computer rather than downloading them again. This can speed the connection up; however, it does use local storage to store the cache.
I will now press the “Connect” button to connect to the remote computer. By default, the current username will be used. In this case, the computer is part of a domain, so Remote Desktop Connection will default to the domain account. This can cause problems if you want to use a local account rather than a domain account.
To use a different account, I will press “More choices.” Once selected, I will press the option “Use a different account.” To use a local account rather than a domain account, I will enter the computer name followed by a backslash and the user account name followed by the password.
Once I press “OK,” the computer will start connecting to the other computer. I will be prompted with a dialog saying the computer certificate could not be verified. Certificates have not been set up on this network, and thus the certificate cannot be verified. If you get a message like this, if you are going to complete the connection, you need to make sure the computer you are connecting to is the right computer and not an attacker trying to pretend to be that computer in order to steal your usernames, passwords, and data.
I will press “yes” to accept the certificate, and the connection to the remote computer will be initiated. You will notice a window will appear giving me control of the remote computer. I will be able to open applications like I could if I were sitting in front of the computer. Remote Desktop is pretty good nowadays, and thus you will be able to perform most of the functions that you would be able to if you were sitting in front of the computer.
End Screen
So why did the remote desktop go to school? It wanted to improve its desktop management skills. Until the next video, I would like to thank you for watching.
References
“The Official CompTIA A+ Core Study Guide (Exam 220-1101)” pages 207 to 208
Credits
Trainer: Austin Mason http://ITFreeTraining.com
Voice Talent: HP Lewis http://hplewis.com
Quality Assurance: Brett Batson http://www.pbb-proofreading.uk