Our devices have a user interface, a display where the user can control the device.
For support purposes the user should be able to temporarily enable remote access to this user interface.
I am inspired by how some of the PC support frameworks works (e.g. fastsupport or teamviever). The user and the supporter just needs to exchange a support key and then a remote session can be established.
I am considering using the balena public url concept to achieve something similar.
Web interface access will probably do the job. I don’t need full remote desktop access.
My thoughts and questions so far:
- Is the public URL secure all the way to the device? Can I leave it turned on for all devices 24/7? Can it be turned on/off through the supervisor API?
- Since the public URL remains the same, it is not itself useful as a temporary session key. I could make the public URL point to some kind of device login, where the temporary session key would be the credential.
- The remote supporter should NOT have access to the balena web interface. I could create a web interface that when a “session key” and “device ID” is entered would forward the supporter to the public url, which would allow access with exactly that session key.
- Is this a reasonable way to solve this?
- Have others been doing similar?
- Have others tried to incorporate any 3rd party support solution on a Balena device like e.g. fastsupport or teamviewer?