Im gearing up to teach a physical class on linux. Its got some weird requirements and this is out of my expertise. Mostly on the seeing what they do.
Let 6-8 People (maybe more) remote into a “box” (probably vm or dedicated machine i remote into)
Let me see what they are typing
The first one im flexible with how they remote into it. can be ssh, vnc, etc. Physical is not a option because i dont that many machines that they can play freely on, nor the peripherals to supply the machine.
If you need to see realtime, this is actually a problem that my company is trying to solve. There are some commercial solutions for this, but it’s not what you’d call “affordable”
Closer to real time the better. I would like to see what they are typing so i can have them run root commands without them just thrashing the system. Goal it to be quick to restore
give them a chroot / jail on a ZFS volume and snapshot it every X minutes?
If the goal is “make sure they don’t trash the box” or “be able to recover it easy” then
you won’t be able to monitor 8 people’s input at the same time as a human AND teach a class
you won’t be able to intercept the rm -rf / in real time anyway
having them learn by breaking is still learning . It may not be the course material but it is still valuable lessons… in what should be a safe, rebuildable environment.
So it becomes a case of either recovery or preventing the entire box being trashed. And restoring their environment from a snapshot.
I’d abandon the monitoring being your primary defence, and just chroot/jail them on a ZFS volume you can take snaps of
In freenas, spinning up a jail running a command line unix variant is a 30 second exercise…