Remote-access Guide

boinc tablet remote access

by Prof. Maryam Barrows Published 1 year ago Updated 1 year ago
image

How do I set up remote RPCs for BOINC?

By default, remote RPCs are not accepted from any host. To specify a set of hosts from which RPCs are allowed, create a file remote_hosts.cfg in your BOINC data directory containing a list of allowed DNS host names or IP addresses (one per line). Only these hosts will be able to connect.

How do I add remote machines to boinctasks?

To add remote machines move onto the next step. In order for BoincTasks to be able to connect to your BOINC machines they need to be configured to allow remote connections. This can be done by modifying two configuration files inside the BOINC data directory.

How do I Manage my Remote BOINC machines from a central location?

Click on the Tasks tab to connect the computer. Repeat this step for all remote computers you want to manage. You should now be able to manage your remote BOINC machines from a central location using BoincTasks.

How can I control multiple BOINC clients at once?

You can use add-on programs such as BoincTasks or BOINCView to control many BOINC clients at once: GUI RPCs are divided into two categories: Status operations which return information about tasks, project, etc. Control operations which change the state of BOINC (suspend/resume, add project, etc.).

image

How to connect to BoincTasks?

In order for BoincTasks to be able to connect to your BOINC machines they need to be configured to allow remote connections. This can be done by modifying two configuration files inside the BOINC data directory. On Windows this should be in %programdata%BOINC and on Linux it should be in /var/lib/boinc.

Why reserve MAC address in DHCP?

Or at least reserve the MAC address in the DHCP server so that the machines are always assigned the same IP address. This will make it easier to remember what machines have what IP addresses when managing them in BoincTasks or when connecting via Remote Desktop or SSH.

What is the first file you need to modify?

The first file you need to modify is called gui_rpc_auth.cfg and it should contain the password that you would like to use to connect to the BOINC machine.

Can you manage a Boinc machine remotely?

You should now be able to manage your remote BOINC machines from a central location using BoincTasks. You should be able to do all the things you would be able to do with the normal BOINC manager like adding projects, suspending/resuming tasks and more.

What is the name of the local machine in BoincTasks?

As you can see from the image above there is only one machine called RYZEN01 being managed by BoincTasks. This is the local machine.

Can you have more than one machine running Boinc?

When you have more than one machine running BOINC it can be a bit of a pain to manage them. Fortunately there is a great tool called BoincTasks that simplifies the management process. In this tutorial you will learn how to install BoincTasks, how to configure remote BOINC machines and how to add them to BoincTasks so that they can be managed from a central location.

Do you restart BOINC after editing files?

Once you have edited the files you will need to restart the BOINC client on that machine.

What happens if you enable RPC?

If enabled, the client will use only OS-level functions to generate a random GUI RPC password, and will exit if these functions fail. Without this flag, if OS secure random functions aren't available, the client will fall back to a random-string generator based on time of day, free disk space, and other host-specific information.

How is scheduling priority determined?

A project's scheduling priority is determined by its estimated credit in the last X days. Default is 10; set it larger if you run long high-priority jobs.

What is nvc_config.xml?

The nvc_config.xml file contains up to four tags. This file is used mainly by branded clients to set special values used to determine and report whether there is a newer version available for download.

How big is a standard out log file?

Specify the maximum size of the standard out log file (stdoutdae.txt); default is 2 MB.

What does "0" mean in CPU?

Act as if there were N CPUs; e.g. to simulate 2 CPUs on a machine that has only 1. Zero means use the actual number of CPUs. Don't use this to limit CPU usage; use computing preferences instead.

What does the client do when running an app?

When running an app, the client will do everything except actually run the app, i.e. it will set up the slot dir, create the shared mem segment, etc. It will then continue as if the app were actually running, and you can then manually run your app under a debugger in the slot directory.

Does Boinc Manager have GUI?

If enabled, the BOINC Manager will display only the simple GUI.

denravonska commented Nov 6, 2016

The communication between the BOINC client and the Android UI is done through a UNIX socket instead of the optional TCP socket as is the case on desktop devices. This prevents you from using tools such as BoincTasks to monitor an entire crunching farm.

davidpanderson commented Nov 6, 2016

The Android client originally used TCP for GUI/client communication. One of our partners (HTC) thought this was a security risk, so we switched to Unix domain sockets. It's probably an #ifdef somewhere to use TCP. Right now we're trying to find someone to build the client with Android Studio.

denravonska commented Nov 7, 2016

It works the same as the desktop client. If you don't allow remote communication the BOINC client only listens to 127.0.0.1 which should be safe. If you do --allow_remote_gui_rpc or specify an allowed IP in gui_rpc_auth.cfg the client then listens to all interfaces. I guess it's some security risk if you allow all IPs to connect.

Ferroin commented Nov 7, 2016

Just listening on 127.0.0.1 is not as safe as using a UDS connection most of the time. For the loopback connection you can't set permissions on who can actually connect (yes, I know you technically can with a firewall, but that is not easy to set up and is very easy to break other things with).

denravonska commented Nov 7, 2016

Ah, true. I guess the default could be a UNIX socket when remote monitoring is disabled and a TCP socket when it's enabled. It feels iffy though.

denravonska commented Nov 8, 2016

I've been playing around with a TCP<->UNIX socket bridge and I'm not sure how, in the current state, the UNIX socket is more secure than a TCP socket. Any app is allowed to connect to the UNIX socket and communicate with the client as long as they know the password, which would be the same as listening to 127.0.0.1, right?

Ferroin commented Nov 8, 2016

I don't know how the socket is implemented here, but it is much easier to secure a UNIX socket than a regular TCP socket simply because you can use file permissions (and ACL's if the FS supports them) to get very fine-grained access controls.

Pushbullet

Pushbullet doesn’t go so far as to grant you complete control over your Android phone from a PC. However, it does put all of your notifications right at your fingertips. You can send and receive files and messages with optional encryption and use universal copy and paste to manage messages faster.

AirDroid

AirDroid is one of the more powerful ways to control Android from a PC, and it combines several features from the other apps on this list. You can manage your messages and notifications or go in-depth and mirror your screen and mouse. Not all of the mirroring features are as smooth as some other options, but they’ll do in a pinch.

Vysor

Vysor is a bit simpler than AirDroid in that it places most of its emphasis on screen mirroring. It’s a great option if you’re a developer looking to test your app while developing it or if you want to tinker with the perfect home screen setup.

Scrcpy

If you want to control your Android from a PC entirely, Scrcpy goes even further than Vysor. It’s an open-source program, though, so you’ll have to do a bit more work to reach the promised land. You can use a USB connection or Wi-Fi to pair your phone, and Scrcpy allows for screen mirroring and notification management.

Samsung Flow

If you want to control your Android phone from a PC, specifically a Samsung phone, Flow is your best bet. It allows you to bring any of your Samsung products into the same fold and seamlessly share notifications and settings. If you want to bring your texts over to your Galaxy Tab, you can do so in seconds.

TeamViewer QuickSupport

TeamViewer’s QuickSupport app is a small part of the much larger ecosystem, and it’s a must-have for just about any business. It allows you to provide tech support right from your laptop to an Android device, so long as you have the app and the desktop software downloaded.

What is a private profile rule?

The TCP "Private" Profile rule is the one that should be allowing the connections. And it is overly permissive as it should only be allowing TCP 33630 for remote console access and TCP 7396 for the web client.

What is 123.456.789.0/24?

123.456.789.0/24 is for remote access from a range of addresses (123.456.789.0 - 123.456.789.255) out on the Internet.

What is the loop back address?

The loop back address, 127.0.0.1, should only be used as the IP address for the local machine on the local machines FAHControl. Use just the remote IP address for the IP address of the remote machine.

What is FAH.net?

FAH.net a application for Windows and F@H Mobile Monitor an iOS App

What port does Advanced Control use?

The Advanced Control uses TCP port 36330 ( and can be also accessed using using any TELNET client that supports UNIX terminal emulation such as PuTTY, which the Windows Telnet Client, unfortunately does not )

Is firewall a bane?

Windows firewall is the bane of my existence at work. Even in an Enterprise environment every once in a while a Windows Update will turn it back on and all the Windows System Administrators will start panicking as things break left right and center

Do you need to add IP address and mask to passwordless IP address restriction?

The IP Address and Mask just needs to be added to the "Passwordless IP Address Restriction" section and not the "IP Address Restriction" also but there's no harm in doing both.

image
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9