MultiOs Remote Access Pc

[ShatteredPsycho]

Hello everyone,

 

I am looking to make my PC remotely accessible while having it run multiple OS, Plex Server, NAS,etc

So, what I am trying to figure out is the best way to have multiple OS and applications (Linux, Windows, Plex,) in the same machine and being able to manage them all remotely.

I need to have GPU in most of them.

 

My current setup is:

3700x, 5700 XT, GTX 1060, 32Gb 3200mhz DDR4, about 6Tb of storage (256gb NvMe, 500 SSD, rest HDDs)

 

I was looking at unRAID, proxmox, vagrant, etc
But so far i've not figured out how to properly do it and if it will work at all (information in forums sometimes contradicts itself)

 

Thanks

[Eigenvektor]

6 minutes ago, ShatteredPsycho said:

So, what I am trying to figure out is the best way to have multiple OS and applications (Linux, Windows, Plex,) in the same machine and being able to manage them all remotely.

Do you want to be able to switch between these operating systems (multi-boot), or do you want them to run at the same time on the same machine?

 

Because in the second case, you're essentially looking at a virtual machine host, that runs multiple virtual machines, each with its own OS dedicated to a certain task. I'd primarily go for a Linux host system and use it to run most services you need in Docker containers. Then use a virtual machine to run Windows and whatever else that can't be run as a Docker container. You should be able to manage the host via SSH and use RDP for Windows.

[Oshino Shinobu]

Assuming you mean running them at the same time, VMs are really the best way to do this. You can go for a dedicated Hypervisor like VMWare ESXi or put Windows server on it and run them through HyperV..

 

In terms of remotely accessing them, do you need to access them only within the local network or over the internet as well?

 

If it's local, then all you need is a remote desktop application. WIndows supports this natively and for Linux you could use VNC (unless there's a RDP server for Linux, I'm not too familiar with Linux) along with the appropriate application firewall rules (port 3389 for RDP).

 

For access over the internet, the above is still true, but you'd also need to allow connections from outside the network. You can technically do this through RDS and just open up the firewall, but I wouldn't recommend it. Best solution is to setup a VPN. I personally use RRAS on Windows Server, utilising L2TP with IPSec PSK. You can also use something like Softether which I believe has a Linux version as well if you want to host it there. 

[ShatteredPsycho]

4 minutes ago, Eigenvektor said:

Do you want to be able to switch between these operating systems (multi-boot), or do you want them to run at the same time on the same machine?

 

Because in the second case, you're essentially looking at a virtual machine host, that runs multiple virtual machines, each with its own OS dedicated to a certain task. I'd primarily go for a Linux host system and use it to run most services you need in Docker containers. Then use a virtual machine to run Windows and whatever else that can't be run as a Docker container. You should be able to manage the host via SSH and use RDP for Windows.

All run at the same time.

 

Yes, I suppose virtualization is the way to go. Most of my work is done on Linux so Windows would be for games only

Thanks for the tips!

[ShatteredPsycho]

1 minute ago, Oshino Shinobu said:

Assuming you mean running them at the same time, VMs are really the best way to do this. You can go for a dedicated Hypervisor like VMWare ESXi or put Windows server on it and run them through HyperV..

 

In terms of remotely accessing them, do you need to access them only within the local network or over the internet as well?

 

If it's local, then all you need is a remote desktop application. WIndows supports this natively and for Linux you could use VNC (unless there's a RDP server for Linux, I'm not too familiar with Linux) along with the appropriate application firewall rules (port 3389 for RDP).

 

For access over the internet, the above is still true, but you'd also need to allow connections from outside the network. You can technically do this through RDS and just open up the firewall, but I wouldn't recommend it. Best solution is to setup a VPN. I personally use RRAS on Windows Server, utilising L2TP with IPSec PSK. You can also use something like Softether which I believe has a Linux version as well if you want to host it there. 

Running all at the same time. And remote acces over internet 
Thanks for the tips! I'll explore it.

I should probably have it hosted on Linux since I only use Windows for games.

[Eigenvektor]

5 minutes ago, Oshino Shinobu said:

For access over the internet, the above is still true, but you'd also need to allow connections from outside the network. You can technically do this through RDS and just open up the firewall, but I wouldn't recommend it. Best solution is to setup a VPN. I personally use RRAS on Windows Server, utilising L2TP with IPSec PSK. You can also use something like Softether which I believe has a Linux version as well if you want to host it there. 

If the host is Linux, then I'd say the best remote management option is SSH. You can tunnel anything else you need through this connection (e.g. RDP), which is essentially just as secure as a VPN.

5 minutes ago, ShatteredPsycho said:

Yes, I suppose virtualization is the way to go. Most of my work is done on Linux so Windows would be for games only

This could get a bit more complicated in terms of GPU. I know that e.g. ESXi supports GPU passthrough, which allows you to make the GPU available to a guest. But afaik that GPU is then dedicated to that one guest and I'm not sure you can switch that between different guests on the fly. So gaming might be a bit of a hassle.

[Oshino Shinobu]

1 minute ago, Eigenvektor said:

If the host is Linux, then I'd say the best remote management option is SSH. You can tunnel anything else you need through this connection (e.g. RDP), which is essentially just as secure as a VPN.

The data encryption is, but I'm not sure if you can use PSK + Authentication with SSH tunnels. I'd still go with VPN for remote network access over SSH, even if hosting on Linux, L2TP IPSec or IKEv2 is still supported and not too difficult to setup. 

[ShatteredPsycho]

4 minutes ago, Eigenvektor said:

If the host is Linux, then I'd say the best remote management option is SSH. You can tunnel anything else you need through this connection (e.g. RDP), which is essentially just as secure as a VPN.

This could get a bit more complicated in terms of GPU. I know that e.g. ESXi supports GPU passthrough, which allows you to make the GPU available to a guest. But afaik that GPU is then dedicated to that one guest and I'm not sure you can switch that between different guests on the fly. So gaming might be a bit of a hassle.

Hm, that was one of my main concerns from reading stuff about this.

Maybe by scripting some config file that changes gpu allocation after restart or anything of the sort?

 

If this proves to be too difficult I might host everything from Windows and just work by ssh with Linux as I don't really need gui in those

[ShatteredPsycho]

2 minutes ago, Oshino Shinobu said:

The data encryption is, but I'm not sure if you can use PSK + Authentication with SSH tunnels. I'd still go with VPN for remote network access over SSH, even if hosting on Linux, L2TP IPSec or IKEv2 is still supported and not too difficult to setup. 

Another question. Options for low power mode if system is idle, any way to be smart about this?

Also, is the "Magic Packet" Wake On Lan setup possible to do?

[Oshino Shinobu]

1 minute ago, ShatteredPsycho said:

Another question. Options for low power mode if system is idle, any way to be smart about this?

Also, is the "Magic Packet" Wake On Lan setup possible to do?

If you know there's certain times where you're not going to need to access some of the things that you're running, you can set up a sleep schedule through the OS's built in power management. 

 

Yes, that's possible. WoL is done through the MAC/Physical address, which each VM's virtual NIC will have. 

[ShatteredPsycho]

2 minutes ago, Oshino Shinobu said:

If you know there's certain times where you're not going to need to access some of the things that you're running, you can set up a sleep schedule through the OS's built in power management. 

 

Yes, that's possible. WoL is done through the MAC/Physical address, which each VM's virtual NIC will have. 

I shall get to work then

Thank you

[Eigenvektor]

9 minutes ago, Oshino Shinobu said:

The data encryption is, but I'm not sure if you can use PSK + Authentication with SSH tunnels. I'd still go with VPN for remote network access over SSH, even if hosting on Linux, L2TP IPSec or IKEv2 is still supported and not too difficult to setup. 

SSH is already encrypted. It can also use private-public-key exchange for authentication (in fact that is recommended over passwords for security). I don't see any benefit in running SSH through a VPN. That's just more potential attack surface to worry about.

 

I manage all of my Linux servers through SSH. After initial setup password authentication is disabled, which means login with a password is no longer possible and the only allowed authentication method is PPK. You can combine that with something like fail2ban to block repeat intrusion attempts from within the same network.

 

SSH also allows you to tunnel additional ports through that connection (e.g. ssh <hostname> -L3389:localhost:3389) would accept a connection on port 3389 on the machine that established the connection and forward that to "localhost:3389" on the other side of the SSH connection. This means you can tunnel RDP through that connection without having to expose that port over the Internet.