diff --git a/docs/docs/meshcentral/debugging.md b/docs/docs/meshcentral/debugging.md index 0c93a338..745da169 100644 --- a/docs/docs/meshcentral/debugging.md +++ b/docs/docs/meshcentral/debugging.md @@ -1,4 +1,10 @@ -Youtube video about websockets: https://youtu.be/3vI4URd3VzU +## Websockets Video + +
+ +
+ +## Enabling trace in your browser Dev Tools `Trace=1` as a parameter in chrome dev tools for debugging @@ -26,7 +32,7 @@ If you want to change node to meshcentral in journalctl, add this to /etc/system SyslogIdentifier=meshcentral ``` -## Logging it all +## Server: Logging it all To log everything that's possible, prepare the log directory. @@ -89,6 +95,8 @@ obj.fs.writeSync(obj.xxLogFile, new Date().toLocaleTimeString() + ' - ' + source `log.txt` will now log everything in the Trace tab, but not formatted as nice. +## Restricting server to specific IP(s) + When doing debugging on my development server, I use this line in the settings section to block all agent connections except the agent I want: ``` @@ -97,9 +105,10 @@ When doing debugging on my development server, I use this line in the settings s Of course, this is just for debugging. - ## Finding system ID types - + aka trying figure out what this is + +![ID](images/determine-id.png) ## General server statistics related \ No newline at end of file diff --git a/docs/docs/meshcentral/images/determine-id.png b/docs/docs/meshcentral/images/determine-id.png new file mode 100644 index 00000000..4e1bf8b7 Binary files /dev/null and b/docs/docs/meshcentral/images/determine-id.png differ diff --git a/docs/docs/meshcentral/images/user_tokens1.png b/docs/docs/meshcentral/images/user_tokens1.png new file mode 100644 index 00000000..a81985f4 Binary files /dev/null and b/docs/docs/meshcentral/images/user_tokens1.png differ diff --git a/docs/docs/meshcentral/images/user_tokens2.png b/docs/docs/meshcentral/images/user_tokens2.png new file mode 100644 index 00000000..bcafaa1c Binary files /dev/null and b/docs/docs/meshcentral/images/user_tokens2.png differ diff --git a/docs/docs/meshcentral/tokens.md b/docs/docs/meshcentral/tokens.md new file mode 100644 index 00000000..c190d674 --- /dev/null +++ b/docs/docs/meshcentral/tokens.md @@ -0,0 +1,15 @@ +# 14.1 Tokens + +## User Tokens + +![User Tokens 1](images/user_tokens1.png) + +![User Tokens 2](images/user_tokens2.png) + +## Software Integration Tokens + +Currently, the login tokens in the user manual section 14.1 can't be tracked, deleted or revoked. They are generated with: + +```bash +node meshcentral --loginTokenKey +``` diff --git a/docs/docs/meshcmd/index.md b/docs/docs/meshcmd/index.md index ee9cea92..8eb362cc 100644 --- a/docs/docs/meshcmd/index.md +++ b/docs/docs/meshcmd/index.md @@ -5,5 +5,5 @@ ## Video Walkthru
- +
diff --git a/docs/docs/meshrouter/images/download-link.png b/docs/docs/meshrouter/images/download-link.png new file mode 100644 index 00000000..08ee692b Binary files /dev/null and b/docs/docs/meshrouter/images/download-link.png differ diff --git a/docs/docs/meshrouter/images/login.png b/docs/docs/meshrouter/images/login.png new file mode 100644 index 00000000..cd060264 Binary files /dev/null and b/docs/docs/meshrouter/images/login.png differ diff --git a/docs/docs/meshrouter/images/port_maps.png b/docs/docs/meshrouter/images/port_maps.png new file mode 100644 index 00000000..973afe16 Binary files /dev/null and b/docs/docs/meshrouter/images/port_maps.png differ diff --git a/docs/docs/meshrouter/images/port_maps2.png b/docs/docs/meshrouter/images/port_maps2.png new file mode 100644 index 00000000..e2ee7935 Binary files /dev/null and b/docs/docs/meshrouter/images/port_maps2.png differ diff --git a/docs/docs/meshrouter/images/port_maps3.png b/docs/docs/meshrouter/images/port_maps3.png new file mode 100644 index 00000000..64957677 Binary files /dev/null and b/docs/docs/meshrouter/images/port_maps3.png differ diff --git a/docs/docs/meshrouter/index.md b/docs/docs/meshrouter/index.md index f47d6110..ad845aed 100644 --- a/docs/docs/meshrouter/index.md +++ b/docs/docs/meshrouter/index.md @@ -7,3 +7,136 @@
+ +## Downloading + +MeshCentral router is a Windows application that comes built-into the MeshCentral server or can +be downloaded at: + +It’s probably best to use the MeshCentral router that comes with your version of the MeshCentral +server as the two will likely be most compatible. A given MeshCentral Router version may not +work with any MeshCentral server versions. On MeshCentral, you can download MeshCentral +Router with this link: + +![Download](images/download-link.png) + +_The router link will only show up on Windows browsers._ + +## Login + +MeshCentral router will need to login to your MeshCentral server just like any browser. You can +do this by entering the server name and account username and password. Depending on your +server and account situation, you may see some or all of the following screens. + +![Login](images/login.png) + +If the second factor authentication is required, MeshCentral Router does not support hardware +keys (WebAuthn), but does support the YubiKey™ OTP. + +## Creating Port Maps + +Once logged in, you can start adding port maps using the “Add Map…” and “Add Relay Map…” +buttons on the bottom right. You can then create a map and open the associated application +using the “Open…” button and remote to port map using the “Remove” button. + +![port_maps](images/port_maps.png) + +There are two different types of ports mappings. A normal port map and a relay port map. A +normal port map will route packets to the selected destination computer that is running the mesh +agent as shown here. + +![port_maps](images/port_maps2.png) + +A relay port map will route traffic thru the server and thru the remote agent to a target IP address +on the remote agent’s network as shown here. + +![](images/port_maps3.png) + +Note that all traffic is encrypted using TLS from MeshCentral Router to the MeshCentral server +and from the server to the MeshAgent. The server and the agent do have access the traffic so it’s +recommended to use port mappings to tunnel data that is also encrypted for that end-to-end +encryption is assured. + +## Command Line Arguments + +MeshCentral router can be run with command line arguments to make it quicker and easier to +use. The arguments range from debugging to being able to quickly login and setting up port +maps. + +```bash +-debug +``` + +Causes MeshCentral Router to generate a “debug.log” dump file that can be useful for +debugging. + +```bash +-host: +-user: +-pass: +-ignorecert +``` + +This set of command line arguments make logging into the MeshCentral server easier. Note that +specifying the password using a command line argument may not be secure as the command +shell can record the password in the command history. The “ignorecert” argument is not +recommended as it’s going to cause MeshCentral Router to ignore untrusted server certificates. +This should only be used for debugging. + +```bash +-map::::: +``` + +The “map” argument will automatically create a network map once MeshCentral Router is logged +In. The protocol must be “TCP” or “UDP, the local port can be 0 for any. The computer name is +the server-side name of the computer, if many computers have the same one, one of them will be +selected. The app can be empty for a custom application, or can be “HTTP”, “HTTPS”, “RDP”, +“PuTTY” or “WinSCP”. For the UDP protocol, no apps are currently supported so it should be left +blank. For example you can use: + +```bash +-map:TCP:0:"MyComputer":HTTP:80 +-map:UDP:1235:"MyComputer"::1234 +``` + +The first example will map a random local port to port 80 of “MyComputer” and is expected for +use with HTTP traffic. The second example maps local UDP port 1235 to port 1234 on +“MyComputer”. It’s best for the computer name to be in quotes. + +In addition to port mapping, you can also setup relay maps where a remote computer is used as a +traffic relay like this: + +```bash +-relaymap::: + ::: +``` + +This will relays a local port to thru the server and thru a remote agent to a target IP address and +port. For example: + +```bash +-relaymap:TCP:555:"MyComputer":HTTP:192.168.1.1:80 +``` + +This will relay local port 555 to a 192.168.1.1:80 for HTTP traffic. A typical use of this is to be able +to remotely configure a home router from anywhere on the Internet. + +```bash +-all +``` + +The “all” switch will bind local ports to all network interfaces so that other computers on the +network can use the port maps provided by MeshCentral Router. By default, local ports will be +bound to the loopback interface so that only local application can use the port mappings. + +```bash +-tray +``` + +The “tray” switch will place MeshCentral Router on the Windows system tray instead of the +normal application bar. + +## Conclusion + +MeshCentral, MeshCentral Router and this document are all opens source and licensed using +Apache 2.0, the full license can be found at . diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml index 71457e85..a915431f 100644 --- a/docs/mkdocs.yml +++ b/docs/mkdocs.yml @@ -6,7 +6,10 @@ nav: - install/index.md - MeshCentral: - - meshcentral/index.md + - 'Index': 'meshcentral/index.md' + - 'Tokens': 'meshcentral/tokens.md' + - 'Assistant': 'meshcentral/assistant.md' + - 'Debugging': 'meshcentral/debugging.md' - Design and Architecture: - design/index.md @@ -27,7 +30,7 @@ site_description: "A remote monitoring and management tool" site_author: "Ylianst" site_url: "https://git.meshcentral.com/" -dev_addr: "0.0.0.0:8006" +dev_addr: "0.0.0.0:8010" # Repository repo_name: "Ylianst/MeshCentral" @@ -46,6 +49,7 @@ theme: - navigation.tabs - navigation.expand - navigation.top + - navigation.instant - toc.integrate extra_css: - stylesheets/extra.css