Changes for page Monitor & Remote Access Gateway
Last modified by Xiaoye on 2023/11/07 20:12
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -71,7 +71,7 @@ 71 71 (% class="box infomessage" %) 72 72 ((( 73 73 ~* 23 * * * /etc/init.d/auto_update start 74 -*/20 * * * * /usr/bin/monitor_gateway.sh 74 +*/20 * * * * /usr/bin/monitor_gateway.sh 75 75 ))) 76 76 77 77 * Reboot device. ... ... @@ -102,19 +102,237 @@ 102 102 For how to use remoteit, please see : [[Remoteit user instruction for Dragino Gateway>>url:https://www.dragino.com/downloads/index.php?dir=LoRa_Gateway/&file=Dragino-Remoteit_User_Manual.pdf]]. 103 103 104 104 105 -== =Sub-subparagraph===105 +== RSSH Introduction == 106 106 107 - Loremipsumdolorsit amet, consecteturadipiscingelit,seddo eiusmodtemporincididuntut laboreetdolore magna aliqua. Ut enimad minimveniam, quis nostrudexercitationullamcolaborisnisi utaliquipex eacommodoconsequat. Duis auteirure dolor inreprehenderitin voluptatevelitesse cillum dolore eu fugiatnullapariatur. Excepteursint occaecatcupidatat nonproident,sunt in culpa qui officia deseruntmollitanim idest laborum.107 +Reverse SSH for remote access is available in the latest Dragino firmware for gateway. For security concern, the RSSH only available base on end user demand. 108 108 109 +Important Notice: 109 109 110 -= Paragraph 2 = 111 +(% class="box warningmessage" %) 112 +((( 113 +RSSH access will give full control of your device to remote support. Please remove sensitivity info before perform this 114 +This RSSH allow Dragino Support to remote access to the device, If user want to access himself, he need to set up the RSSH server himself. 115 +))) 111 111 112 - Lorem ipsum dolorsitamet, consecteturadipiscingelit,sed do eiusmod temporincididuntut laboreet dolore magna aliqua. Ut enim ad minimveniam, quis nostrud exercitation ullamco laborisnisi ut aliquipexeacommodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit essecillum dolore eu fugiat nulla pariatur. Excepteursint occaecat cupidatat non proident,sunt in culpa qui officia deserunt mollit anim id est laborum.117 +Below gateway support reverse SSH access: 113 113 114 -== Sub-paragraph == 119 +* Firmware Version > lgw~-~-build-v5.4.1618196981-20210412-1111 [[Firmware Download>>url:http://www.dragino.com/downloads/index.php?dir=LoRa_Gateway/LPS8/Firmware/Release/]] 120 +* LG01N, OLG01N (Note: LG01-P LG01-S doesn't support) 121 +* LG02, OLG02 122 +* LG308, DLOS8 123 +* LPS8 124 +* LIG16 125 +* MS14 series if installed with the same firmware. 115 115 116 - Loremipsum dolor sit amet, consectetur adipiscingelit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.Ut enim ad minim veniam, quisnostrudexercitationullamco laboris nisi ut aliquip ex ea commodo consequat.Duis aute irure dolorin reprehenderit in voluptate velit essecillumdolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident,sunt in culpa qui officia deseruntmollit anim id est laborum.127 +=== End User Guide to use SSH access === 117 117 118 - ==Sub-paragraph==129 +Go to this the Reverse SSH page as below: 119 119 120 -Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. 131 +[[~[~[image:https://wiki.dragino.com/images/thumb/5/55/RSSH_Menu2.png/500px-RSSH_Menu2.png~|~|height="256" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:RSSH_Menu2.png]] 132 + 133 +Get the RSSH configure page 134 + 135 +[[~[~[image:https://wiki.dragino.com/images/thumb/7/78/RSSH_Menu3.png/500px-RSSH_Menu3.png~|~|height="313" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:RSSH_Menu3.png]] 136 + 137 +Connection OK. 138 + 139 +* **Login ID**: Input sshuser 140 +* **Host Address**: Input support.dragino.com 141 +* **Host Port** : Please email to support @ dragino.com to get a valid host port. 142 +* **Connect at Startup** : Choose to enable connect once the device is powered. 143 +* **Network Keys**; Click the Generate keys to generate the keys and download / mail it to Dragino support so Dragino can prepare the remote access to 144 + 145 +After doing above, please download and mail the public keys to Dragino support and wait for our mail for the valid host port. Input the valid host port got from our support and click connect so we can remote access to your gateway. 146 + 147 + 148 +=== Set Up RSSH Server === 149 + 150 +Advance administrator can config a SSH server to provide support their end user themselves., Steps as below 151 + 152 +==== Step 1:Download the SSH service code ==== 153 + 154 +1).git clone [[https:~~/~~/github.com/dragino/rssh-server.git>>url:https://github.com/dragino/rssh-server.git]] rssh-server 155 + 156 +[[~[~[image:https://wiki.dragino.com/images/thumb/d/d0/Git_clone.png/500px-Git_clone.png~|~|height="89" width="555"~]~]>>url:https://wiki.dragino.com/index.php/File:Git_clone.png]] 157 + 158 +2).cd rssh-server; sudo make ~-~--> to Generate the execute file:rssh_serv 159 + 160 +[[~[~[image:https://wiki.dragino.com/images/thumb/e/e3/Generate_the_execute_file.png/500px-Generate_the_execute_file.png~|~|height="114" width="554"~]~]>>url:https://wiki.dragino.com/index.php/File:Generate_the_execute_file.png]] 161 + 162 + 163 +**Debug** : 164 + 165 +{{{ if you git fail. --> sudo: git: command not found. 166 + please install git. --> yum install git -y or apt-get install git -y. 167 +}}} 168 + 169 +{{{ if you make error 127,it lack of gcc. 170 + please install gcc. -->yum install gcc. 171 +}}} 172 + 173 +[[~[~[image:https://wiki.dragino.com/images/d/d7/Lack_of_gcc.png~|~|height="174" width="434"~]~]>>url:https://wiki.dragino.com/index.php/File:Lack_of_gcc.png]] 174 + 175 + 176 +{{{ if you make a fatal error : sqlite3.h,it lack of sqlite3. 177 + please insatell sqlite3. 178 +}}} 179 + 180 +[[~[~[image:https://wiki.dragino.com/images/thumb/9/93/Lack_of_sqlite3.png/500px-Lack_of_sqlite3.png~|~|height="137" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:Lack_of_sqlite3.png]] 181 + 182 + 183 +**How to install Sqlit3** 184 + 185 +(% class="box infomessage" %) 186 +((( 187 + Step1:Download the SQLit3 installation package 188 + sudo wget 189 +Step2:tar the SQLit3 installation package 190 + sudo tar -zxvf sqlite-autoconf-3350300.tar.gz 191 +Step3:Generate the makefile 192 + cd sqlite-autoconf-3350300/;./configure 193 +Step4:Compile makefile 194 + sudo make 195 +Step5:Install makefile 196 + sudo make install 197 +Check: 198 + cd /usr/local/bin;ls -al ~-~-> Check to see if there is a file for sqlite3 199 + cd sqlite-autoconf-3350300/;./sqlite3 test.db ~-~-> Test whether the sqlite3 was installed successfully 200 +debug: 201 + If you get the imformation that is SQLite header and source version mismatch, when you execute./sqlite3 test.db. 202 + Please execute the command /sbin/ldconfig. 203 + After that execute the command ./sqlite3 test.db again. 204 +))) 205 + 206 +===== ===== 207 + 208 +==== Step 2 :Install and run the RSS service ==== 209 + 210 +1):install database for /var/rsshdb.sqlite3 and Server development port for 3721(The default is 3721) 211 + 212 +user must enter the root account and run the following commands 213 + 214 +(% class="box infomessage" %) 215 +((( 216 + $ ./create_sqlite3_db.sh 217 +$ ./rssh_serv -p 3721 2>&1 & 218 +$ ps -ef | grep rssh_serv check 3721 port 219 +))) 220 + 221 +[[~[~[image:https://wiki.dragino.com/images/thumb/c/cb/Intall_database_and_server_development_port.png/500px-Intall_database_and_server_development_port.png~|~|height="70" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:Intall_database_and_server_development_port.png]] 222 + 223 + 224 +**Debug:** 225 + 226 +{{{ Check /var/rsshdb.sqlite3 --> ls /var/rsshdb.sqlite3 227 + Check ls /var/rsshdb.sqlite3 --> sudo chmod 777 rssh_serv 228 +}}} 229 + 230 +{{{ if fail to open dpvlry or to bind to it 231 + please kill rssh_serv,and run ./rssh_serv -p 3721 2>&1 & again 232 +}}} 233 + 234 +===== ===== 235 + 236 +===== ===== 237 + 238 +==== Step 3 :Create a minimal SSH user (reverse SSH proxy for the gateway) ==== 239 + 240 +(% class="box infomessage" %) 241 +((( 242 +1):sudo useradd XXXXX (custom user name) 243 +2):sudo passwd xxxxxx 244 +3):cp /bin/bash /bin/rbash 245 +4):sudo nano /etc/passwd ~-~-> Change /bin/bash to /bin/rbash 246 +5):sudo nano /home/xxxxx/.bashrc **empty it,and input export PATH=$HOME/bin** 247 +6):sudo nano /home/xxxxx/.bash_profile **empty it,and input export PATH=$HOME/bin** 248 +))) 249 + 250 +**Now user "XXXXX" is the user with limited permissions of the current system** 251 + 252 +=== How does user get the gateway to connect to a user's private server === 253 + 254 +===== Step1: Come bace the gateway web UI for get the gateway Public key ===== 255 + 256 +1)in the system ~-~-> Remote Mgmt/span> 257 + 258 +[[~[~[image:https://wiki.dragino.com/images/thumb/8/8f/Remote_Mgmt.png/500px-Remote_Mgmt.png~|~|height="367" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:Remote_Mgmt.png]] 259 + 260 +Remote Mgmt 261 + 262 +===== Step2: Authorization server ===== 263 + 264 +copy the Gateway Publickey into user's private server "/home/XXXXX/.ssh/authorized_keys" file. 265 + 266 +[[~[~[image:https://wiki.dragino.com/images/thumb/4/49/Publickey.png/500px-Publickey.png~|~|height="81" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:Publickey.png]] 267 + 268 +Publickey 269 + 270 +===== Step3: connecte private server ===== 271 + 272 +in the gateway web UI 273 + 274 +[[~[~[image:https://wiki.dragino.com/images/thumb/0/04/Gateway_web_UI.png/500px-Gateway_web_UI.png~|~|height="389" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:Gateway_web_UI.png]] 275 + 276 +gateway web UI 277 + 278 +{{{Connection Type : If user's least privileged user with private server uses a password, select Public Key 279 +Note:if user's least privileged user no uses a password,choose from both is fine 280 +Login ID : Input user name "eg : "XXXXX" 281 +Host Address : Input user's private server address 282 +Connect at Startupt: : Choose to enable connect once device is powered. 283 +Click Save and then Connect 284 +}}} 285 + 286 +===== Step 4 :Cheak is fine ===== 287 + 288 +Rssh Host connection Ok 289 + 290 +[[~[~[image:https://wiki.dragino.com/images/thumb/6/6f/Rssh_Host_connection_Ok.png/500px-Rssh_Host_connection_Ok.png~|~|height="225" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:Rssh_Host_connection_Ok.png]] 291 + 292 +Rssh Host connection Ok 293 + 294 +user can use common ps | grep ssh to check it in the gateway. 295 + 296 +[[~[~[image:https://wiki.dragino.com/images/thumb/a/ad/Check_the_gateway.png/500px-Check_the_gateway.png~|~|height="47" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:Check_the_gateway.png]] 297 + 298 +Check the gateway 299 + 300 +~= 301 + 302 +==== Step4:Create an authorization key file~= ==== 303 + 304 +1):sudo mkdir /home/xxxxx/.ssh; sudo touch /home/xxxxx/.ssh/authorizedkey 305 + 306 +**Debug:** 307 + 308 +{{{ check: sudo ls /home/xxxxx/.ssh/authorizedkey 309 +}}} 310 + 311 +=== How to Ser up a Reverse SSH access === 312 + 313 +==== Step1: Log into the server system ==== 314 + 315 +[[~[~[image:https://wiki.dragino.com/images/thumb/2/26/Loging_server.png/500px-Loging_server.png~|~|height="69" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:Loging_server.png]] 316 + 317 +Loging server 318 + 319 +==== Step2:access the gateway ==== 320 + 321 +$ cd rssh-server/ 322 + 323 + 324 +Check the gateway linking to the server $ ./connect-gw.sh -l 325 + 326 +[[~[~[image:https://wiki.dragino.com/images/thumb/e/ee/Check_gateway_link_server.png/500px-Check_gateway_link_server.png~|~|height="157" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:Check_gateway_link_server.png]] 327 + 328 +Check the gateway linking to the server 329 + 330 + 331 +access the gateway $ ./connect-gw.sh <GWID> 332 + 333 +[[~[~[image:https://wiki.dragino.com/images/thumb/b/b7/Reverse_ssh_access_the_gateway1.png/500px-Reverse_ssh_access_the_gateway1.png~|~|height="230" width="500"~]~]>>url:https://wiki.dragino.com/index.php/File:Reverse_ssh_access_the_gateway1.png]] 334 + 335 +reverse ssh access the gateway 336 + 337 + 338 +