Wiki source code of Monitor & Remote Access Gateway
Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | {{box cssClass="floatinginfobox" title="**Contents**"}} | ||
| 2 | {{toc/}} | ||
| 3 | {{/box}} | ||
| 4 | |||
| 5 | = **1. Monitor Gateway** = | ||
| 6 | |||
| 7 | == **1.1 Introduction** == | ||
| 8 | |||
| 9 | This introduction shows how to use a script to monitor the gateway. The video link for this instruction is: [[https:~~/~~/youtu.be/8PieIwfSF_g>>url:https://youtu.be/8PieIwfSF_g]] | ||
| 10 | |||
| 11 | [[image:image-20220531144606-1.png]] | ||
| 12 | |||
| 13 | |||
| 14 | == **1.2 Steps** == | ||
| 15 | |||
| 16 | * Create account in ThingsSpeak and creat channel. | ||
| 17 | * Download script from dragino site and move it to properly directory | ||
| 18 | |||
| 19 | (% class="box infomessage" %) | ||
| 20 | ((( | ||
| 21 | root@dragino-1baf44:~~# wget [[http:~~/~~/www.dragino.com/downloads/downloads/LoRa_Gateway/LPS8/Firmware/customized_script/monitor_gateway.sh>>url:http://www.dragino.com/downloads/downloads/LoRa_Gateway/LPS8/Firmware/customized_script/monitor_gateway.sh]] | ||
| 22 | Downloading '[[http:~~/~~/www.dragino.com/downloads/downloads/LoRa_Gateway/LPS8/Firmware/customized_script/monitor_gateway.sh'>>url:http://www.dragino.com/downloads/downloads/LoRa_Gateway/LPS8/Firmware/customized_script/monitor_gateway.sh']] | ||
| 23 | Connecting to 162.241.22.11:80 | ||
| 24 | Writing to 'monitor_gateway.sh' | ||
| 25 | monitor_gateway.sh 100% |~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~**| 1860 0:00:00 ETA | ||
| 26 | Download completed (1860 bytes) | ||
| 27 | root@dragino-1baf44:~~# chmod +x monitor_gateway.sh;mv monitor_gateway.sh /usr/bin/ | ||
| 28 | root@dragino-1baf44:~~# | ||
| 29 | root@dragino-1baf44:~~# | ||
| 30 | ))) | ||
| 31 | |||
| 32 | * change the script monitor_gateway.sh with properly users setting: | ||
| 33 | |||
| 34 | (% class="box infomessage" %) | ||
| 35 | ((( | ||
| 36 | USER='xxxxx' # user name in your thinkspeak ~-~-> Profile | ||
| 37 | PASS='xxxxx' #MQTT_API_KEY in your thinkspeak ~-~-> Profile | ||
| 38 | CHAN_ID='xxxx' #Channel ID of the channel for this gateway | ||
| 39 | CHAN_KEY='xxxxx' #Channel Write API of the channel for this gateway | ||
| 40 | ))) | ||
| 41 | |||
| 42 | * run **/usr/bin/monitor_gateway.sh** to test if upload is good. | ||
| 43 | |||
| 44 | * Add monitor_gateway.sh to cron work **/etc/crontabs/root** to make this script runs perdiocally, below is an example to update every 20 minutes | ||
| 45 | |||
| 46 | (% class="box infomessage" %) | ||
| 47 | ((( | ||
| 48 | # For details see man 4 crontabs | ||
| 49 | # Example of job definition: | ||
| 50 | # .~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~- minute (0 - 59) | ||
| 51 | # | .~-~-~-~-~-~-~-~-~-~-~-~-- hour (0 - 23) | ||
| 52 | # | | .~-~-~-~-~-~-~-~-~-~- day of month (1 - 31) | ||
| 53 | # | | | .~-~-~-~-~-~-- month (1 - 12) OR jan,feb,mar,apr ... | ||
| 54 | # | | | | .~-~-~-~- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat | ||
| 55 | # | | | | | | ||
| 56 | # * * * * * user-name command to be executed | ||
| 57 | #*/10 * * * * checklog | ||
| 58 | ~* 23 * * * /etc/init.d/auto_update start | ||
| 59 | */20 * * * * /usr/bin/monitor_gateway.sh | ||
| 60 | ))) | ||
| 61 | |||
| 62 | * Reboot device. | ||
| 63 | |||
| 64 | == **1.3 Monitor Public IP** == | ||
| 65 | |||
| 66 | The monitor_gateway.sh has been updated to upload the public ip of the device as well. | ||
| 67 | |||
| 68 | User can find the public ip in field7, the chart is not able to show the complete public ip, user can check that in the export. | ||
| 69 | |||
| 70 | [[image:image-20220531145559-2.png]] | ||
| 71 | |||
| 72 | Find Public IP | ||
| 73 | |||
| 74 | |||
| 75 | |||
| 76 | = **2. Remote Access** = | ||
| 77 | |||
| 78 | == **2.1 Remote Access via Remote.it.** == | ||
| 79 | |||
| 80 | Remote.it for remote access is available in the latest Dragino firmware for gateway. For security concern, the remote.it only available base on end user demand. | ||
| 81 | |||
| 82 | Important Notice: | ||
| 83 | |||
| 84 | * Remote.it access will give full control of your device to remote support. | ||
| 85 | * The Remote.it allow Dragino Support to remote access to the device, If user want to access himself, it need to sign up for an remote.it account. | ||
| 86 | |||
| 87 | For how to use remoteit, please see : [[Remoteit user instruction for Dragino Gateway>>url:https://www.dragino.com/downloads/index.php?dir=LoRa_Gateway/&file=Dragino-Remoteit_User_Manual.pdf]]. | ||
| 88 | |||
| 89 | |||
| 90 | == **2.2 RSSH Introduction** == | ||
| 91 | |||
| 92 | Reverse SSH for remote access is available in the latest Dragino firmware for gateway. For security concern, the RSSH only available base on end user demand. | ||
| 93 | |||
| 94 | Important Notice: | ||
| 95 | |||
| 96 | (% class="box warningmessage" %) | ||
| 97 | ((( | ||
| 98 | RSSH access will give full control of your device to remote support. Please remove sensitivity info before perform this | ||
| 99 | This RSSH allow Dragino Support to remote access to the device, If user want to access himself, he need to set up the RSSH server himself. | ||
| 100 | ))) | ||
| 101 | |||
| 102 | Below gateway support reverse SSH access: | ||
| 103 | |||
| 104 | * Firmware Version > lgw~-~-build-v5.4.1618196981-20210412-1111 [[Firmware Download>>url:http://www.dragino.com/downloads/index.php?dir=LoRa_Gateway/LPS8/Firmware/Release/]] | ||
| 105 | * LG01N, OLG01N (Note: LG01-P LG01-S doesn't support) | ||
| 106 | * LG02, OLG02 | ||
| 107 | * LG308, DLOS8 | ||
| 108 | * LPS8 | ||
| 109 | * LIG16 | ||
| 110 | * MS14 series if installed with the same firmware. | ||
| 111 | |||
| 112 | |||
| 113 | |||
| 114 | === **2.2.1 End User Guide to use SSH access** === | ||
| 115 | |||
| 116 | Go to this the Reverse SSH page as below: | ||
| 117 | |||
| 118 | [[image:image-20220531150151-3.png]] | ||
| 119 | |||
| 120 | Get the RSSH configure page | ||
| 121 | |||
| 122 | |||
| 123 | |||
| 124 | [[image:image-20220531150338-4.png]] | ||
| 125 | |||
| 126 | Connection OK. | ||
| 127 | |||
| 128 | |||
| 129 | * (% style="color:#037691" %)**Login ID**(%%): Input sshuser | ||
| 130 | * (% style="color:#037691" %)**Host Address**(%%): Input support.dragino.com | ||
| 131 | * (% style="color:#037691" %)**Host Port** (%%): Please email to support @ dragino.com to get a valid host port. | ||
| 132 | * (% style="color:#037691" %)**Connect at Startup**(%%) : Choose to enable connect once the device is powered. | ||
| 133 | * (% style="color:#037691" %)**Network Keys**(%%): Click the Generate keys to generate the keys and download / mail it to Dragino support so Dragino can prepare the remote access to | ||
| 134 | |||
| 135 | After doing above, please download and mail the public keys to Dragino support and wait for our mail for the valid host port. Input the valid host port got from our support and click connect so we can remote access to your gateway. | ||
| 136 | |||
| 137 | |||
| 138 | === **2.2.2 Set Up RSSH Server** === | ||
| 139 | |||
| 140 | Advance administrator can config a SSH server to provide support their end user themselves., Steps as below | ||
| 141 | |||
| 142 | |||
| 143 | ==== **2.2.2.1 Step 1:Download the SSH service code** ==== | ||
| 144 | |||
| 145 | 1).git clone [[https:~~/~~/github.com/dragino/rssh-server.git>>url:https://github.com/dragino/rssh-server.git]] rssh-server | ||
| 146 | |||
| 147 | [[image:image-20220531150750-5.png]] | ||
| 148 | |||
| 149 | 2).cd rssh-server; sudo make ~-~--> to Generate the execute file:rssh_serv | ||
| 150 | |||
| 151 | [[image:image-20220531150811-6.png]] | ||
| 152 | |||
| 153 | |||
| 154 | **Debug** : | ||
| 155 | |||
| 156 | ((( | ||
| 157 | (% class="box" %) | ||
| 158 | ((( | ||
| 159 | if you git fail. ~-~-> (% style="color:#037691" %)**sudo: git: command not found**(%%). | ||
| 160 | please install git. ~-~-> (% style="color:#037691" %)**yum install git -y or apt-get install git -y**(%%). | ||
| 161 | if you make error 127,it** (% style="color:#037691" %)lack of gcc(%%)**. | ||
| 162 | please install gcc. ~-~-> (% style="color:#037691" %)**yum install gcc**(%%). | ||
| 163 | ))) | ||
| 164 | ))) | ||
| 165 | |||
| 166 | [[image:image-20220531151516-7.png]] | ||
| 167 | |||
| 168 | |||
| 169 | ((( | ||
| 170 | (% class="box" %) | ||
| 171 | ((( | ||
| 172 | if you make a fatal error : sqlite3.h,it (% style="color:#037691" %)**lack of sqlite3**(%%). | ||
| 173 | please insatell sqlite3. | ||
| 174 | ))) | ||
| 175 | ))) | ||
| 176 | |||
| 177 | [[image:image-20220531151628-8.png]] | ||
| 178 | |||
| 179 | |||
| 180 | **How to install Sqlit3** | ||
| 181 | |||
| 182 | (% class="box infomessage" %) | ||
| 183 | ((( | ||
| 184 | Step1:Download the SQLit3 installation package | ||
| 185 | sudo wget **[[https:~~/~~/www.sqlite.org/2021/sqlite-autoconf-3350400.tar.gz>>url:https://www.sqlite.org/2021/sqlite-autoconf-3350400.tar.gz]]** | ||
| 186 | |||
| 187 | Step2:tar the SQLit3 installation package | ||
| 188 | sudo tar -zxvf sqlite-autoconf-3350300.tar.gz | ||
| 189 | Step3:Generate the makefile | ||
| 190 | cd sqlite-autoconf-3350300/;./configure | ||
| 191 | Step4:Compile makefile | ||
| 192 | sudo make | ||
| 193 | Step5:Install makefile | ||
| 194 | sudo make install | ||
| 195 | Check: | ||
| 196 | cd /usr/local/bin;ls -al ~-~-> Check to see if there is a file for sqlite3 | ||
| 197 | cd sqlite-autoconf-3350300/;./sqlite3 test.db ~-~-> Test whether the sqlite3 was installed successfully | ||
| 198 | debug: | ||
| 199 | If you get the imformation that is SQLite header and source version mismatch, when you execute./sqlite3 test.db. | ||
| 200 | Please execute the command /sbin/ldconfig. | ||
| 201 | After that execute the command ./sqlite3 test.db again. | ||
| 202 | ))) | ||
| 203 | |||
| 204 | ===== ===== | ||
| 205 | |||
| 206 | ==== **2.2.2.2 Step 2 :Install and run the RSS service** ==== | ||
| 207 | |||
| 208 | 1):install database for /var/rsshdb.sqlite3 and Server development port for 3721(The default is 3721) | ||
| 209 | |||
| 210 | user must enter the root account and run the following commands | ||
| 211 | |||
| 212 | (% class="box infomessage" %) | ||
| 213 | ((( | ||
| 214 | $ ./create_sqlite3_db.sh | ||
| 215 | $ ./rssh_serv -p 3721 2>&1 & | ||
| 216 | $ ps -ef | grep rssh_serv check 3721 port | ||
| 217 | ))) | ||
| 218 | |||
| 219 | [[image:image-20220531151958-10.png]] | ||
| 220 | |||
| 221 | |||
| 222 | **Debug:** | ||
| 223 | |||
| 224 | {{{ Check /var/rsshdb.sqlite3 --> ls /var/rsshdb.sqlite3 | ||
| 225 | Check ls /var/rsshdb.sqlite3 --> sudo chmod 777 rssh_serv | ||
| 226 | }}} | ||
| 227 | |||
| 228 | {{{ if fail to open dpvlry or to bind to it | ||
| 229 | please kill rssh_serv,and run ./rssh_serv -p 3721 2>&1 & again | ||
| 230 | }}} | ||
| 231 | |||
| 232 | ===== ===== | ||
| 233 | |||
| 234 | ===== ===== | ||
| 235 | |||
| 236 | ==== **2.2.2.3 Step 3 :Create a minimal SSH user (reverse SSH proxy for the gateway)** ==== | ||
| 237 | |||
| 238 | (% class="box infomessage" %) | ||
| 239 | ((( | ||
| 240 | 1):sudo useradd XXXXX (custom user name) | ||
| 241 | 2):sudo passwd xxxxxx | ||
| 242 | 3):cp /bin/bash /bin/rbash | ||
| 243 | 4):sudo nano /etc/passwd ~-~-> Change /bin/bash to /bin/rbash | ||
| 244 | 5):sudo nano /home/xxxxx/.bashrc **empty it,and input export PATH=$HOME/bin** | ||
| 245 | 6):sudo nano /home/xxxxx/.bash_profile **empty it,and input export PATH=$HOME/bin** | ||
| 246 | ))) | ||
| 247 | |||
| 248 | **Now user "XXXXX" is the user with limited permissions of the current system** | ||
| 249 | |||
| 250 | |||
| 251 | |||
| 252 | ==== **2.2.2.4 Step4:Create an authorization key file** ==== | ||
| 253 | |||
| 254 | 1):sudo mkdir /home/xxxxx/.ssh; sudo touch /home/xxxxx/.ssh/authorizedkey | ||
| 255 | |||
| 256 | **Debug:** | ||
| 257 | |||
| 258 | {{{ check: sudo ls /home/xxxxx/.ssh/authorizedkey}}} | ||
| 259 | |||
| 260 | |||
| 261 | |||
| 262 | === **2.3 How does user get the gateway to connect to a user's private server** === | ||
| 263 | |||
| 264 | |||
| 265 | ==== **2.3.1 Step1: Come back the gateway web UI to get the gateway Public key** ==== | ||
| 266 | |||
| 267 | 1)in the system ~-~-> (% style="color:#037691" %)**Remote Mgmt/span** | ||
| 268 | |||
| 269 | [[image:image-20220531152419-11.png]] | ||
| 270 | |||
| 271 | |||
| 272 | ==== **2.3.2 Step2: Authorization server** ==== | ||
| 273 | |||
| 274 | Input the Gateway Publickey into user's private server "/home/XXXXX/.ssh/authorized_keys" file. | ||
| 275 | |||
| 276 | [[image:image-20220531152549-12.png]] | ||
| 277 | |||
| 278 | |||
| 279 | ===== **2.3.3 Step3: Connect private server** ===== | ||
| 280 | |||
| 281 | This is same as connect Dragino Support Server but just change the server address to customize server address. | ||
| 282 | |||
| 283 | [[image:image-20220531152633-13.png]] | ||
| 284 | |||
| 285 | |||
| 286 | |||
| 287 | ===== **2.3.4 Step 4 :Check Connection** ===== | ||
| 288 | |||
| 289 | Rssh Host connection Ok | ||
| 290 | |||
| 291 | [[image:image-20220531152815-14.png]] | ||
| 292 | |||
| 293 | |||
| 294 | User can use common ps | grep ssh to check it in the gateway. | ||
| 295 | |||
| 296 | [[image:image-20220531152840-15.png]] | ||
| 297 | |||
| 298 | |||
| 299 | ==== **2.3.5 Step5:Access the gateway from customized server** ==== | ||
| 300 | |||
| 301 | Check what gateways link to server. | ||
| 302 | |||
| 303 | (% class="box infomessage" %) | ||
| 304 | ((( | ||
| 305 | $ ./connect-gw.sh -l | ||
| 306 | ))) | ||
| 307 | |||
| 308 | [[image:image-20220531153016-16.png]] | ||
| 309 | |||
| 310 | |||
| 311 | |||
| 312 | Access the gateway | ||
| 313 | |||
| 314 | (% class="box infomessage" %) | ||
| 315 | ((( | ||
| 316 | $ ./connect-gw.sh <GWID> | ||
| 317 | ))) | ||
| 318 | |||
| 319 | [[image:image-20220531153219-17.png]] |