Show HN: Assist – Instant terminal sharing from anywhere

(assist.app)

117 points | by gsundeep 1651 days ago

9 comments

  • solidasparagus 1651 days ago
    Is it possible to prevent the assister from actually executing the commands on your system?

    I could use this in a lot more places if the assister could see my screen/output and propose commands for me to run, but I was still in control of what commands are executed. (i.e. if I could safely use this as part of the customer support process for my customers, I would be extremely willing to pay for it).

    • gsundeep 1650 days ago
      Great idea! “assist -r” should trigger a read-only mode.

      We will add this feature soon - please send us an email (team@assist.app) if you’d like to be notified when it’s ready. Thanks!

      • javerikr 1648 days ago
        You may also want to consider allowing the user to specify whether the default is read-only mode or read/write. In similar applications such as http://join.me, the default behavior is similar to a read-only mode.
    • discordance 1650 days ago
      Yeah I was thinking about that... Can the remote person do this:

      assist scp $HOME/.ssh/id_rsa.pub me@myserver.com/user/downloads

      • samsharps 1650 days ago
        Yeah the remote person can do whatever they want. They can definitely also hide what they're trying to do without much effort. The idea is to use this only with people who you would give physical access to anyways. I do really like the idea of a read-only mode with a way to suggest commands as a way to open this up to more use cases.
  • Tepix 1650 days ago
    If you're working on the same machine (say via SSH) you can also share a session with tmux.

    https://www.hamvocke.com/blog/remote-pair-programming-with-t...

  • zwarag 1650 days ago
    Why would I pay money for a thing that already exists and is free?

    https://tmate.io

  • bshimmin 1650 days ago
    It's perhaps worth noting that with the venerable GNU Screen, you can more or less achieve this by enabling multiuser mode and then doing screen -x.
    • gsundeep 1650 days ago
      While that works well on the same network, Assist uses a publicly accessible tunnel to allow connections from the internet, regardless of wherever you are / local network configuration.
  • ORioN63 1651 days ago
    Honest question:

    What's the difference with tmate? I haven't seen a reference to it in the site and it looks pretty similar in purpose and usage from a quick look.

    • samsharps 1650 days ago
      tmate is pretty similar but there are a few things about it architecturally that are different I think. The person connecting to you connects through a tmux server on the tunneling host rather than directly to your tmux session. This means that the tunneling server can see and modify everything sent over tmate. If the tunneling server is untrusted or compromised, an attacker would be able to run commands on your machine. Unfortunately, to make things worse, the ssh key fingerprint of the tunneling server is not bundled with tmate, so during the first connection to any tunnel an attacker performing a man-in-the-middle can spoof the server and use the fact that the server is trusted to run arbitrary commands on your machine. The attacker can either man-in-the-middle the person running tmate or the person connecting to the tmate user to perform this attack.

      This more complex architecture is likely why tmate is using libssh even though libssh recently had a very serious authentication bypass vulnerability (CVE-2018-10933). These architectural choices may provide benefit in certain circumstances, but we thought they were unnecessary just to share a shell.

      Assist has a simpler architecture and is built on top of unmodified Screen and OpenSSH (we use the installed binaries on your machine). The tunneling servers are designed to be completely untrusted, and the command you paste to the assistant contains all the information necessary to prevent a man-in-the-middle attack from seeing or modifying the session. We hope to add more features in the future and felt that starting with a simpler architecture would help with that.
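
Added example (not part of the thread, and not Assist's or tmate's code): the comment above contrasts a first connection with no bundled host key fingerprint against an invite that carries the fingerprint itself. The sketch below shows why the second rejects a spoofed key; the key bytes and the invite variable are constructed assumptions, since the page does not say how Assist encodes its keys.

```python
import base64
import hashlib
import hmac
import struct
from typing import Optional


def ssh_string(data: bytes) -> bytes:
    """Length-prefixed string as used in the SSH wire format (RFC 4251)."""
    return struct.pack(">I", len(data)) + data


def ed25519_blob(raw_key: bytes) -> bytes:
    """Public-key blob a server presents: key type, then the 32-byte key."""
    return ssh_string(b"ssh-ed25519") + ssh_string(raw_key)


def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint in the form printed by `ssh-keygen -lf`."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def check_host_key(offered_blob: bytes, pinned_fp: Optional[str]) -> str:
    """Decide what a client does with the key offered on a first connection."""
    if pinned_fp is None:
        # Nothing to compare against: the user is asked to trust whatever
        # key arrived, so a substituted key looks the same as the real one.
        return "prompt-unverified"
    offered_fp = fingerprint(offered_blob)
    ok = hmac.compare_digest(offered_fp.encode(), pinned_fp.encode())
    return "accept" if ok else "reject"


# Constructed sample keys (fixed bytes, not real key material).
GENUINE = ed25519_blob(bytes(range(32)))
SPOOFED = ed25519_blob(bytes(range(1, 33)))

# Hypothetical invite: the fingerprint travels inside the pasted command,
# over a channel the tunnel operator does not control.
INVITE_FP = fingerprint(GENUINE)

if __name__ == "__main__":
    for name, blob in (("genuine", GENUINE), ("spoofed", SPOOFED)):
        print(name, "| no pin:", check_host_key(blob, None),
              "| pinned:", check_host_key(blob, INVITE_FP))
```

With stock OpenSSH the same effect comes from shipping a known_hosts entry and connecting with `-o UserKnownHostsFile=<file> -o StrictHostKeyChecking=yes`.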

      • ORioN63 1649 days ago
        Thanks for the comprehensive reply. I understand the difference now.
    • gsundeep 1651 days ago
      The main difference is we use a standard OpenSSH setup for tunneling - a full ssh key exchange is performed between you and the assistant.

      We’re also a paid service so we’re incentivized to make sure things run reliably and customers are well supported.

  • rsstack 1650 days ago
    There isn't a link to terms of the subscription, at least I couldn't find one on mobile. Is the single user license for a single host or a single assister? Do both users need a license? Is it per device or per person?
    • gsundeep 1650 days ago
      Only the user typing “assist” needs to have a subscription and they can use it across all of their machines on a single license.

      I’ll clarify this on the site - thanks!

  • theflyinghorse 1651 days ago
    Do you allow outright all and any commands in the terminal, sudo and all?

    Does the data go through your pipes at all or strictly between assist clients?

    • gsundeep 1651 days ago
      Great questions - these are covered in our FAQ (admittedly buried at the bottom of the home page): https://assist.app/faq.html

      Can the assist servers access my computer?

      > No, the assist servers are only used for tunneling the connection over the internet. All data exchanged between the assister and assistee is encrypted over SSH. The assist command that is given to the assistee contains all keys necessary to set up a secure connection over SSH. This setup is designed such that a compromised server with the ability to passively monitor or actively modify traffic cannot see or interact with user sessions.

      Does allowing someone to assist me give them control over my computer?

      > Yes, you should only use assist with people you can trust with your computer. A person logged into your assist session can potentially access any of your files or install malicious software. Allowing someone to assist you is similar to physically allowing someone access to your computer. Assist is meant to be used in situations where you would be okay letting someone use your computer while you are not around.

      • werber 1650 days ago
        This looks great! I just wish I didn’t have a use for it
  • vxNsr 1650 days ago
    $5/month/user seems high when you're not providing any hosting. Also you need at least $10/month to actually do anything which again seems high.

    This type of software should really be something like $30-$60/license and $10-$20 upgrade fee for latest version.

    • gsundeep 1650 days ago
      Sorry for the lack of clarity - only the user typing “assist” needs to have a subscription. We host publicly accessible tunnels so that this works wherever you are.

      I’ll clarify the subscription details on the site - thanks!

    • Aloha 1650 days ago
      It seems like they do provide some sort of proxy server for this however, which explains the MRC.
  • throwaway-hn123 1650 days ago
    There's also teleconsole, which works great and is free