Remote access audit
With qbee.io the same security mechanism that is used for metrics and configuration management can also be used for remote console access. The tool has a build in web based remote console for ssh. This enables a quick way to access remote devices like Raspberry Pis or odroids, even behind a firewall.
In addition to that we offer a local client called qbee-connect that allows to tunnel any port or protocol via https into a local browser through an integrated VPN. This allows you to access SCADA systems, configuration tools or node-red instances as if they were running on your local machine. Get ssh access through your local terminal or make all your units available to Ansible with our connector. qbee-connect runs on all major desktop platforms like Linux, Mac OS X and Windows. It can be downloaded from the packages menu.
Use qbee for quick web based ssh access. Or use the power of qbee-connect to map any remote port to your local machine. This could be http (80), https (443), Node-Red (1880) or even a connection from a remote VNC server that is securely mapped to the VNC viewer on computer. In a demo we even ran a Minecraft server on a RPI over this.
Now all remote access is logged in the audit trail
We just introduced a new feature. All remote access through qbee, either via the web console or qbee connect will be logged with who and to what device. In the user settings an administrator can define who should be allowed to have remote access. This way, assuming that all other ports are closed, it is possible to identify when and to what device a remote access attempt has been made and it even logs who it was.
This example maps a Node-Red Scada system to localhost on your local machine.
Here we use VNC to map a remote VNC server to a local machine: