Merge branch 'master' of https://github.com/Ylianst/MeshCentral
@ -1,4 +1,10 @@
|
|||||||
Youtube video about websockets: https://youtu.be/3vI4URd3VzU
|
## Websockets Video
|
||||||
|
|
||||||
|
<div class="video-wrapper">
|
||||||
|
<iframe width="320" height="180" src="https://www.youtube.com/embed/3vI4URd3VzU" frameborder="0" allowfullscreen></iframe>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
## Enabling trace in your browser Dev Tools
|
||||||
|
|
||||||
`Trace=1` as a parameter in chrome dev tools for debugging
|
`Trace=1` as a parameter in chrome dev tools for debugging
|
||||||
|
|
||||||
@ -26,7 +32,7 @@ If you want to change node to meshcentral in journalctl, add this to /etc/system
|
|||||||
SyslogIdentifier=meshcentral
|
SyslogIdentifier=meshcentral
|
||||||
```
|
```
|
||||||
|
|
||||||
## Logging it all
|
## Server: Logging it all
|
||||||
|
|
||||||
To log everything that's possible, prepare the log directory.
|
To log everything that's possible, prepare the log directory.
|
||||||
|
|
||||||
@ -89,6 +95,8 @@ obj.fs.writeSync(obj.xxLogFile, new Date().toLocaleTimeString() + ' - ' + source
|
|||||||
|
|
||||||
`log.txt` will now log everything in the Trace tab, but not formatted as nice.
|
`log.txt` will now log everything in the Trace tab, but not formatted as nice.
|
||||||
|
|
||||||
|
## Restricting server to specific IP(s)
|
||||||
|
|
||||||
When doing debugging on my development server, I use this line in the settings section to block all agent connections except the agent I want:
|
When doing debugging on my development server, I use this line in the settings section to block all agent connections except the agent I want:
|
||||||
|
|
||||||
```
|
```
|
||||||
@ -97,9 +105,10 @@ When doing debugging on my development server, I use this line in the settings s
|
|||||||
|
|
||||||
Of course, this is just for debugging.
|
Of course, this is just for debugging.
|
||||||
|
|
||||||
|
|
||||||
## Finding system ID types
|
## Finding system ID types
|
||||||
|
|
||||||
<https://serverurl/meshagents>
|
<https://serverurl/meshagents> aka trying figure out what this is
|
||||||
|
|
||||||
|
![ID](images/determine-id.png)
|
||||||
|
|
||||||
## General server statistics related
|
## General server statistics related
|
BIN
docs/docs/meshcentral/images/determine-id.png
Normal file
After Width: | Height: | Size: 19 KiB |
BIN
docs/docs/meshcentral/images/user_tokens1.png
Normal file
After Width: | Height: | Size: 203 KiB |
BIN
docs/docs/meshcentral/images/user_tokens2.png
Normal file
After Width: | Height: | Size: 166 KiB |
15
docs/docs/meshcentral/tokens.md
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
# 14.1 Tokens
|
||||||
|
|
||||||
|
## User Tokens
|
||||||
|
|
||||||
|
![User Tokens 1](images/user_tokens1.png)
|
||||||
|
|
||||||
|
![User Tokens 2](images/user_tokens2.png)
|
||||||
|
|
||||||
|
## Software Integration Tokens
|
||||||
|
|
||||||
|
Currently, the login tokens in the user manual section 14.1 can't be tracked, deleted or revoked. They are generated with:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
node meshcentral --loginTokenKey
|
||||||
|
```
|
@ -5,5 +5,5 @@
|
|||||||
## Video Walkthru
|
## Video Walkthru
|
||||||
|
|
||||||
<div class="video-wrapper">
|
<div class="video-wrapper">
|
||||||
<iframe width="320" height="180" src="https://www.youtube.com/embed/xfN3YbY6t7E" frameborder="0" allowfullscreen></iframe>
|
<iframe width="320" height="180" src="https://www.youtube.com/embed/AzdKyzqmpIs" frameborder="0" allowfullscreen></iframe>
|
||||||
</div>
|
</div>
|
||||||
|
BIN
docs/docs/meshrouter/images/download-link.png
Normal file
After Width: | Height: | Size: 212 KiB |
BIN
docs/docs/meshrouter/images/login.png
Normal file
After Width: | Height: | Size: 453 KiB |
BIN
docs/docs/meshrouter/images/port_maps.png
Normal file
After Width: | Height: | Size: 274 KiB |
BIN
docs/docs/meshrouter/images/port_maps2.png
Normal file
After Width: | Height: | Size: 196 KiB |
BIN
docs/docs/meshrouter/images/port_maps3.png
Normal file
After Width: | Height: | Size: 220 KiB |
@ -7,3 +7,136 @@
|
|||||||
<div class="video-wrapper">
|
<div class="video-wrapper">
|
||||||
<iframe width="320" height="180" src="https://www.youtube.com/embed/BubeVRmbCRM" frameborder="0" allowfullscreen></iframe>
|
<iframe width="320" height="180" src="https://www.youtube.com/embed/BubeVRmbCRM" frameborder="0" allowfullscreen></iframe>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
## Downloading
|
||||||
|
|
||||||
|
MeshCentral router is a Windows application that comes built-into the MeshCentral server or can
|
||||||
|
be downloaded at: <http://info.meshcentral.com/downloads/MeshCentral2/MeshCentralRouter.exe>
|
||||||
|
|
||||||
|
It’s probably best to use the MeshCentral router that comes with your version of the MeshCentral
|
||||||
|
server as the two will likely be most compatible. A given MeshCentral Router version may not
|
||||||
|
work with any MeshCentral server versions. On MeshCentral, you can download MeshCentral
|
||||||
|
Router with this link:
|
||||||
|
|
||||||
|
![Download](images/download-link.png)
|
||||||
|
|
||||||
|
_The router link will only show up on Windows browsers._
|
||||||
|
|
||||||
|
## Login
|
||||||
|
|
||||||
|
MeshCentral router will need to login to your MeshCentral server just like any browser. You can
|
||||||
|
do this by entering the server name and account username and password. Depending on your
|
||||||
|
server and account situation, you may see some or all of the following screens.
|
||||||
|
|
||||||
|
![Login](images/login.png)
|
||||||
|
|
||||||
|
If the second factor authentication is required, MeshCentral Router does not support hardware
|
||||||
|
keys (WebAuthn), but does support the YubiKey™ OTP.
|
||||||
|
|
||||||
|
## Creating Port Maps
|
||||||
|
|
||||||
|
Once logged in, you can start adding port maps using the “Add Map…” and “Add Relay Map…”
|
||||||
|
buttons on the bottom right. You can then create a map and open the associated application
|
||||||
|
using the “Open…” button and remote to port map using the “Remove” button.
|
||||||
|
|
||||||
|
![port_maps](images/port_maps.png)
|
||||||
|
|
||||||
|
There are two different types of ports mappings. A normal port map and a relay port map. A
|
||||||
|
normal port map will route packets to the selected destination computer that is running the mesh
|
||||||
|
agent as shown here.
|
||||||
|
|
||||||
|
![port_maps](images/port_maps2.png)
|
||||||
|
|
||||||
|
A relay port map will route traffic thru the server and thru the remote agent to a target IP address
|
||||||
|
on the remote agent’s network as shown here.
|
||||||
|
|
||||||
|
![](images/port_maps3.png)
|
||||||
|
|
||||||
|
Note that all traffic is encrypted using TLS from MeshCentral Router to the MeshCentral server
|
||||||
|
and from the server to the MeshAgent. The server and the agent do have access the traffic so it’s
|
||||||
|
recommended to use port mappings to tunnel data that is also encrypted for that end-to-end
|
||||||
|
encryption is assured.
|
||||||
|
|
||||||
|
## Command Line Arguments
|
||||||
|
|
||||||
|
MeshCentral router can be run with command line arguments to make it quicker and easier to
|
||||||
|
use. The arguments range from debugging to being able to quickly login and setting up port
|
||||||
|
maps.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
-debug
|
||||||
|
```
|
||||||
|
|
||||||
|
Causes MeshCentral Router to generate a “debug.log” dump file that can be useful for
|
||||||
|
debugging.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
-host:<hostname>
|
||||||
|
-user:<username>
|
||||||
|
-pass:<password>
|
||||||
|
-ignorecert
|
||||||
|
```
|
||||||
|
|
||||||
|
This set of command line arguments make logging into the MeshCentral server easier. Note that
|
||||||
|
specifying the password using a command line argument may not be secure as the command
|
||||||
|
shell can record the password in the command history. The “ignorecert” argument is not
|
||||||
|
recommended as it’s going to cause MeshCentral Router to ignore untrusted server certificates.
|
||||||
|
This should only be used for debugging.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
-map:<protocol>:<localport>:<computername>:<app>:<remoteport>
|
||||||
|
```
|
||||||
|
|
||||||
|
The “map” argument will automatically create a network map once MeshCentral Router is logged
|
||||||
|
In. The protocol must be “TCP” or “UDP, the local port can be 0 for any. The computer name is
|
||||||
|
the server-side name of the computer, if many computers have the same one, one of them will be
|
||||||
|
selected. The app can be empty for a custom application, or can be “HTTP”, “HTTPS”, “RDP”,
|
||||||
|
“PuTTY” or “WinSCP”. For the UDP protocol, no apps are currently supported so it should be left
|
||||||
|
blank. For example you can use:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
-map:TCP:0:"MyComputer":HTTP:80
|
||||||
|
-map:UDP:1235:"MyComputer"::1234
|
||||||
|
```
|
||||||
|
|
||||||
|
The first example will map a random local port to port 80 of “MyComputer” and is expected for
|
||||||
|
use with HTTP traffic. The second example maps local UDP port 1235 to port 1234 on
|
||||||
|
“MyComputer”. It’s best for the computer name to be in quotes.
|
||||||
|
|
||||||
|
In addition to port mapping, you can also setup relay maps where a remote computer is used as a
|
||||||
|
traffic relay like this:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
-relaymap:<protocol>:<localport>:<computername>
|
||||||
|
:<app>:<remoteip>:<remoteport>
|
||||||
|
```
|
||||||
|
|
||||||
|
This will relays a local port to thru the server and thru a remote agent to a target IP address and
|
||||||
|
port. For example:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
-relaymap:TCP:555:"MyComputer":HTTP:192.168.1.1:80
|
||||||
|
```
|
||||||
|
|
||||||
|
This will relay local port 555 to a 192.168.1.1:80 for HTTP traffic. A typical use of this is to be able
|
||||||
|
to remotely configure a home router from anywhere on the Internet.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
-all
|
||||||
|
```
|
||||||
|
|
||||||
|
The “all” switch will bind local ports to all network interfaces so that other computers on the
|
||||||
|
network can use the port maps provided by MeshCentral Router. By default, local ports will be
|
||||||
|
bound to the loopback interface so that only local application can use the port mappings.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
-tray
|
||||||
|
```
|
||||||
|
|
||||||
|
The “tray” switch will place MeshCentral Router on the Windows system tray instead of the
|
||||||
|
normal application bar.
|
||||||
|
|
||||||
|
## Conclusion
|
||||||
|
|
||||||
|
MeshCentral, MeshCentral Router and this document are all opens source and licensed using
|
||||||
|
Apache 2.0, the full license can be found at <https://www.apache.org/licenses/LICENSE-2.0>.
|
||||||
|
@ -6,7 +6,10 @@ nav:
|
|||||||
- install/index.md
|
- install/index.md
|
||||||
|
|
||||||
- MeshCentral:
|
- MeshCentral:
|
||||||
- meshcentral/index.md
|
- 'Index': 'meshcentral/index.md'
|
||||||
|
- 'Tokens': 'meshcentral/tokens.md'
|
||||||
|
- 'Assistant': 'meshcentral/assistant.md'
|
||||||
|
- 'Debugging': 'meshcentral/debugging.md'
|
||||||
|
|
||||||
- Design and Architecture:
|
- Design and Architecture:
|
||||||
- design/index.md
|
- design/index.md
|
||||||
@ -27,7 +30,7 @@ site_description: "A remote monitoring and management tool"
|
|||||||
site_author: "Ylianst"
|
site_author: "Ylianst"
|
||||||
site_url: "https://git.meshcentral.com/"
|
site_url: "https://git.meshcentral.com/"
|
||||||
|
|
||||||
dev_addr: "0.0.0.0:8006"
|
dev_addr: "0.0.0.0:8010"
|
||||||
|
|
||||||
# Repository
|
# Repository
|
||||||
repo_name: "Ylianst/MeshCentral"
|
repo_name: "Ylianst/MeshCentral"
|
||||||
@ -46,6 +49,7 @@ theme:
|
|||||||
- navigation.tabs
|
- navigation.tabs
|
||||||
- navigation.expand
|
- navigation.expand
|
||||||
- navigation.top
|
- navigation.top
|
||||||
|
- navigation.instant
|
||||||
- toc.integrate
|
- toc.integrate
|
||||||
extra_css:
|
extra_css:
|
||||||
- stylesheets/extra.css
|
- stylesheets/extra.css
|
||||||
|