Radarcape:SSH Tunneling: Difference between revisions
imported>Dl4mea Created page with "===== Tunneling of the receiver access through firewalls (SSH tunneling) ===== '''EXPERTS ONLY''' ==== Why SSH tunneling ==== Imagine you know a remote location with intern..." |
imported>Dl4mea No edit summary |
||
| Line 1: | Line 1: | ||
===== Tunneling of the receiver access through firewalls (SSH tunneling) | Imagine you know a remote location with internet access far off, where you like to place a Radarcape. Unfortunately this network is not accessible from your home network, as no domain name (like modesbeast.com) is given to this network. In that case you can let the Radarcape establish a tunnel connection to a known address, reachable by both, the user and the Radarcape. Such a SSH tunnel is secured by SSH, and this is the common way in networking. | ||
== Firewall Settings == | |||
== Tunneling of the receiver access through firewalls (SSH tunneling) == | |||
'''EXPERTS ONLY''' | '''EXPERTS ONLY''' | ||
==== | ==== Installation of a SSH tunnel ==== | ||
The SSH tunnel is a way to prepare a connection without opening a firewall. With this methode, the Radarcape establishes a connection to a given server and provides its ports right there. | |||
=== Radarcape | ===== Radarcape essentials ===== | ||
First, generate a SSH key pair on the local Radarcape | First, generate a SSH key pair on the local Radarcape | ||
| Line 16: | Line 17: | ||
Set attributes of ~, .ssh and authorized_keys are set to 600. | Set attributes of ~, .ssh and authorized_keys are set to 600. | ||
=== Server | ===== Server essentials ===== | ||
The server is the common connection point for the user and the Radarcape. It is not necessarily a computer for its own, it can even be the computer. | The server is the common connection point for the user and the Radarcape. It is not necessarily a computer for its own, it can even be the computer. | ||
| Line 25: | Line 26: | ||
Now the local Radarcape is accessible on <server_domain> under port 8002, 1302 and 2202. | Now the local Radarcape is accessible on <server_domain> under port 8002, 1302 and 2202. | ||
=== Server Settings === | ==== Server Settings ==== | ||
If the server is also a Radarcape, and in case that you want to get access from external devices to the ports through the tunnel, you need to add switch "'''-a'''" to the dropbear startup file '''/lib/systemd/system/[email protected]'''. | If the server is also a Radarcape, and in case that you want to get access from external devices to the ports through the tunnel, you need to add switch "'''-a'''" to the dropbear startup file '''/lib/systemd/system/[email protected]'''. | ||
Revision as of 10:43, 4 October 2013
Imagine you know a remote location with internet access far off, where you like to place a Radarcape. Unfortunately this network is not accessible from your home network, as no domain name (like modesbeast.com) is given to this network. In that case you can let the Radarcape establish a tunnel connection to a known address, reachable by both, the user and the Radarcape. Such a SSH tunnel is secured by SSH, and this is the common way in networking.
Firewall Settings
Tunneling of the receiver access through firewalls (SSH tunneling)
EXPERTS ONLY
Installation of a SSH tunnel
The SSH tunnel is a way to prepare a connection without opening a firewall. With this methode, the Radarcape establishes a connection to a given server and provides its ports right there.
Radarcape essentials
First, generate a SSH key pair on the local Radarcape
cd ~/.ssh dropbearkey -t rsa -f id_rsa
Set attributes of ~, .ssh and authorized_keys are set to 600.
Server essentials
The server is the common connection point for the user and the Radarcape. It is not necessarily a computer for its own, it can even be the computer.
Next, copy the public key given from above command to the server folder ~/.ssh/authorized_keys. Mind that the attributes of ~, .ssh and authorized_keys are set to 600. On the local Radarcape, add the command below to cape.sh. Please remember that cape.sh runs without user settings, so you need to specify the path to the SSH key absolute.
./autossh -M 6667 -f -p <server_ssh_port> -i /home/root/.ssh/id_rsa -N -R *:8002:localhost:80 -R *:1302:localhost:10003 -R *:2202:localhost:22 root@<server_domain> &
Now the local Radarcape is accessible on <server_domain> under port 8002, 1302 and 2202.
Server Settings
If the server is also a Radarcape, and in case that you want to get access from external devices to the ports through the tunnel, you need to add switch "-a" to the dropbear startup file /lib/systemd/system/[email protected].