MeshCentral is a free open source web-based remote computer management software. Target end-points are Linux, BSD, MacOS and Windows computers with Intel AMT or where an agent is installed. It allows to remotely manage and control computers on a LAN or a WAN, performing remote desktop, remote terminal, file transfers…
MeshCentral includes its own messaging web application it can be used to chat, transfer files and optionally used for audio and video chat.
MeshCentral will work on NodeJS 6.x and higher (some features, like multilanguage support, require NodeJS 8 at least, built-in letsencrypt requires at least NodeJS 10.12). The default database is suitable to manage less than 100 computers, but for larger scale scenarios MongoDB can be used. MeshCentral can be combined with a reverse proxy and has built-in support for Let’s Encrypt.
Default ports (note it can try the next higher port if it fails to connect to the default one):
80 (to redirect from http to https)
443 (https)
4433 (for Intel AMT)
Development stage: beta (at the time of writing) License: Apache 2.0 What to backup:meshcentral-data and meshcentral-files directories. MongoDB databases if used. Configuration file:meshcentral-data/config.json (unless MeshCentral is run in state-less mode). To enable any config parameter make sure to remove the initial underscore ( _ ) from the variable and to restart MeshCentral to apply the changes.
Other features:
server peering (load-balancing)
2FA
built-in support for HashiCorp Vault
Hardware keys support (YubiKey)
multi-tenancy
custom branding and terms of use
multi-language
MeshCtrl CLI tool
MeshCmd CLI tool
MeshCentral Router: a Windows application that performs TCP and UDP port mapping from a local machine to any remote computer thru a MeshCentral server. This feature can be useful to, for example, perform a remote desktop session using RDP.
Am trying to understand what exactly it is in genrall, ill have to test ride or install to get a footing. It sounds something close to pulseway or manageeninge etc.
MeshCentral sounds good, but AFAIK is ONLY for Intel CPUs…
and:
According to Wikipedia:
or in german:
Intel confirmed a Remote Elevation of Privilege bug (CVE-2017-5689, SA-00075) in its Management Technology on May 1, 2017.[12] Every Intel platform with either Intel Standard Manageability, Active Management Technology, or Small Business Technology, from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the ME.[13][14] Some manufacturers, like Purism[15] and System76[16] are already selling hardware with Intel Management Engine disabled to prevent the remote exploit. Additional major security flaws in the ME affecting a very large number of computers incorporating Management Engine, Trusted Execution Engine, and Server Platform Services firmware, from Skylake in 2015 to Coffee Lake in 2017, were confirmed by Intel on November 20, 2017 (SA-00086).
Seems they don’t have much regard for security, not an Intel first!
Only: one can hardly evade Intel completly…
This looks interesting. Simple enough to install on a Ubuntu VM, but the “agents” don’t seem to work–I’ve installed it on three Linux servers and one FreeNAS box, and none of them are showing up in my dashboard. The guide says it may take up to a minute to appear; these aren’t showing up after an hour.
guacamole can be used as a central gateway to access any number of machines running different remote desktop servers (RDP, VNC, SSH…) while MeshCentral can use either an agent on the remote computer (Intel/AMD…) or agentless using Intel AMT (with more options specific to Intel AMT). It can be extended using/developing plugins.
Some users were asking for DASH support for AMD but as the developer works for Intel that won’t happen unless done by the community of users.
I’ve tried a minimal part of it over Ubuntu/Debian. By default it is started for only LAN but using the --cert parameter can be started with WAN support (forwarding necessary ports on the gateway). After switching from one mode to the other I found it easier for the machines to show up to restart the client service on remote computer.
Today I’d the same problem. MeshCentral configured in Hybrid mode (LAN+WAN). Agent on remote computers (WAN). Previously used agents (debian/ubuntu) were grayed out. New agents not showing up (windows 7/8/10). After deactivating a software firewall on the computer where MeshCentral is hosted, the agents started to show up (20s-2 minutes).
MeshCentral is a great, fast tool for remote control/managing.
I tested with MeshCentral server on Nethserver and agents on Nethserver, Neth/ARM, Proxmox, Debian, Ubuntu, Win10 and all are working so far.
All except one agent are in my home network.
You can add and control the local server too.
I am using rh-nodejs10, a virtualhost reverse proxy, WAN only mode and this way only need to port forward 443 from my router to the Nethserver. I assume on a gateway it just works.
I need to get all my notes and the cmdline history together, then I am going to create a howto asap.
Apr 24 06:18:58 testserver systemd: Started MeshCentral Server.
Apr 24 06:18:59 testserver node: MeshCentral HTTP redirection server running on port 81.
Apr 24 06:18:59 testserver node: MeshCentral v0.5.13, WAN mode, Production mode.
Apr 24 06:19:00 testserver node: MeshCentral Intel(R) AMT server running on server.domain.tld:4433.
Apr 24 06:19:00 testserver node: MeshCentral HTTP server running on port 8989, alias port 443.
I Use Meshcentral for 3 “Clients” including multiple Notebooks/Server in many locations and it works great.
Updates are smooth and still use it in Combination with Guacamole as I do want to have alternative ways at hand.
I do have one question they added web RDP do you have implemented a prop setting for this in your build?
I think a prop for that is not implemented, but shall be fairly easy to add it.
The related parameter goes to the config.json file, within the domains section.
found and worked thanks
Again this is the best Remote tool I ever worked with forget TeamViewer i do anything with it
constant updates constant improvements and thanks to Markus all in our proven Nethserver.
love it
Kind Regards Shodan
MeshCentral requires Node v11 or above, current version is v10.24.0.
But how do I change the Node version ?
simple install of rh-node12 does not solve this as npm seems to be bound to 10.
Is there a “simple” way to change it or to a newer version ?
thanks a lot.
Had some problems related to parsing problems with the config file.
I had more time today to check
the upgrade and moved a backup config file in now everything works and is up to date.
thanks the backup file and the config file were the same i thought but who know.
