[CentOS] [OT] Remote control of a WinXP machine from a Linux host

Fri Jan 9 20:41:56 UTC 2009
Marko Vojinovic <vvmarko at panet.co.yu>

Sorry for an off topic post, but a lot of you folks are sysadmins here or 
there, and just might have a suggestion... ;-)

I have a WinXP machine that is to be unattended for a period of 3 years (yes, 
I know, it sounds ridiculous, but still...). What I need is remote access to 
it to perform regular system maintenance, virus cleanups, occasional software 
installations, reboots, config changes, etc.

Of course, rdesktop would do it, or vnc server or something else. The problem 
is that this machine is behind a NAT, and I cannot access it remotely from 
outside (and I need access from wherever on the planet I may happen to be).

Basically, I need to set up some type of ssh tunnelling from XP (machine A) to 
my static-IP-24/7-high-bandwidth-CentOS server (machine B) and then further 
to my laptop (machine C, Fedora 10) located elsewhere (possibly behind 
another NAT, I can't know in advance). I have root access for all three 
machines (A, B and C). Of course, all three are on different LANs.

However, I have never done anything like this before, so I wonder what is the 
best method of creating such a setup?

One of my ideas was to make some script on A which would connect to B once 
every 15 minutes or so, look for a flagfile, and if present, initiate 
connection with C directly or through B if necessary. That means, if I want 
access from C to A, I ssh from C to B and create a flagfile, wait 15 minutes 
or so, and a rdesktop (or vnc or other) appears on my laptop. In theory.

Or is there some other XP-tool that might do what I want out of the box? 
However, it need be absolutely automatic, there will be nobody around to do 
anything locally on A once I leave it.

Another idea I had was to have machine A running as a virtual machine on a 
CentOS host (vmware or such would suffice). Then I could easily configure the 
above A-to-B-to-C scenario, shut down the virtual A, pull its hard disk file 
to C, start it locally, perform maintenance, push it back to host A and run 
it again as a vm. But this is highly complicated, takes too much time and 
bandwidth, so I hope something simpler is available.

Yet another idea is to ask A's ISP to provide a static IP for that machine, or 
to forward some available port to A, which could be used by rdesktop in some 
customized fashion. But the ISP may refuse such requests, and I need a robust 
solution.

Yet even another idea is to put another CentOS machine (D) between A and A's 
ISP (create a local LAN). Then initiate ssh -X connection from C to D 
(somehow, via flagfile scenario or such), and then rdesktop from D to A over 
a local LAN.

The main problem is NAT, if machine A had a world-accessible IP, I would just 
rdesktop from C to A, but alas, it doesn't... :-(

Any suggestions about the best way of doing this?

Thanks, :-)
Marko
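
The flagfile polling idea from the post above, sketched as an added example that is not part of the original message: machine A checks B for a flag and, if it is there, opens a reverse SSH tunnel whose listener on B is bound to loopback only, so RDP is never exposed on B's public address. It assumes a POSIX shell and OpenSSH client on A (for example under Cygwin); the account, key path, flag path and ports are hypothetical placeholders.

```shell
#!/bin/sh
# Added example. Runs on machine A; assumes a POSIX shell and OpenSSH client
# there (e.g. under Cygwin). Account, key, flag path and ports are placeholders.
SSH_BIN="${SSH_BIN:-ssh}"                  # overridable so the logic can be exercised offline
RELAY="${RELAY:-tunnel@machine-b.example}" # unprivileged account on B
KEY="${KEY:-$HOME/.ssh/id_tunnel}"         # dedicated key, used for nothing else
FLAG="${FLAG:-/home/tunnel/connect.flag}"  # created on B when access is wanted
RPORT="${RPORT:-13389}"                    # listener on B
LPORT="${LPORT:-3389}"                     # RDP on A

# BatchMode: never prompt on an unattended box.
# StrictHostKeyChecking=yes: refuse B if its host key is not the one already known.
base_ssh() {
    "$SSH_BIN" -i "$KEY" -o BatchMode=yes -o StrictHostKeyChecking=yes "$@"
}

flag_present() {
    base_ssh "$RELAY" test -e "$FLAG"
}

open_tunnel() {
    # Both ends bound to 127.0.0.1: only someone already logged in to B can
    # reach the forwarded port. ExitOnForwardFailure makes ssh exit if B
    # cannot bind the port; ServerAlive* ends a dead session so the next
    # poll can reconnect.
    base_ssh -N -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=30 -o ServerAliveCountMax=3 \
        -R "127.0.0.1:${RPORT}:127.0.0.1:${LPORT}" "$RELAY"
}

# Returns 1 when there is no flag (or B is unreachable), 2 when the tunnel
# failed, 0 when the tunnel ran and ended cleanly.
poll_once() {
    flag_present || return 1
    open_tunnel || return 2
    return 0
}

if [ "${1:-}" = "run" ]; then
    while :; do
        poll_once || true
        sleep 900   # the 15-minute interval from the post
    done
fi
```

With the tunnel up, machine C would reach A by forwarding a local port through its own SSH login to B (`ssh -L 3389:127.0.0.1:13389` to B) and pointing rdesktop at localhost.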