Changes for page Remote Access Gateway

Last modified by Kilight Cao on 2022/07/25 10:47

From version < 19.4 >

edited by Xiaoling
on 2022/05/31 15:54

To version < 6.1 >

edited by Xiaoling
on 2022/05/27 10:55

Change comment: Uploaded new attachment "image-20220527105511-2.png", version {1}

Raw
Rendered

Summary

Page properties (1 modified, 0 added, 0 removed)
Attachments (0 modified, 0 added, 12 removed)

Details

Page properties

Content

@@ -3,9 +3,8 @@
  {{toc/}}
++= 1. Use Remote.it service =
--= **1. Use Remote.it service** =
--
  Remote.it for remote access is available in the latest Dragino firmware for gateway. For security concern, the remote.it only available base on end user demand.
  (% style="color:red" %)**Important Notice:**
@@ -16,7 +16,7 @@
  For how to use remoteit, please see : [[Remoteit user instruction for Dragino Gateway>>url:https://www.dragino.com/downloads/index.php?dir=LoRa_Gateway/&file=Dragino-Remoteit_User_Manual.pdf]].
--= **2. RSSH Introduction** =
++= 2. RSSH Introduction =
  Reverse SSH for remote access is available in the latest Dragino firmware for gateway. For security concern, the RSSH only available base on end user demand.
@@ -35,11 +35,10 @@
  * LIG16
  * MS14 series if installed with the same firmware.
++== 2.1 For Firmware Version lower than lgw~-~-build-v5.4.1616478814-20210323-1355 ==
--== **2.1 For Firmware Version lower than lgw~-~-build-v5.4.1616478814-20210323-1355** ==
++=== 2.1.1 End User Guide to use SSH access ===
--=== **2.1.1 End User Guide to use SSH access** ===
--
  Go to this the Reverse SSH page as below:
  [[image:image-20220527102348-1.png]]
@@ -62,7 +62,7 @@
  )))
--=== **2.1.2 How to Ser up a Reverse SSH access** ===
++=== 2.1.2 How to Ser up a Reverse SSH access ===
  Advance administrator can config a SSH server to provide support their end user themselves. Instruction is as below:
@@ -82,7 +82,7 @@
  )))
--==== **2.1.2.1 Note for set up RSSH server** ====
++==== 2.1.2.1 Note for set up RSSH server ====
  If gateway reboot or the connection is incidentely close by end node. The port in SSH server will still be occupy for a long time. Administrator can use below commands to release the port.
@@ -97,7 +97,7 @@
  )))
--== **2.2 For Firmware Version higher than lgw~-~-build-v5.4.1618196981-20210412-1111** ==
++== 2.2 For Firmware Version higher than lgw~-~-build-v5.4.1618196981-20210412-1111 ==
  Below gateway support reverse SSH access:
@@ -112,15 +112,15 @@
  )))
--=== **2.2.1 End User Guide to use SSH access** ===
++=== 2.2.1 End User Guide to use SSH access ===
--==== **2.2.1.1 Install the SSH service for server** ====
++==== 2.2.1.1 Install the SSH service for server ====
--===== **2.2.1.1.1 Step 1 : Download the SSH service code** =====
++===== 2.2.1.1.1 Step 1:Download the SSH service code =====
 ).git clone [[https:~~/~~/github.com/dragino/rssh-server.git>>url:https://github.com/dragino/rssh-server.git]] rssh-server
--[[image:image-20220527105447-1.png]]
++[[image:https://wiki.dragino.com/images/thumb/d/d0/Git_clone.png/500px-Git_clone.png||height="80" width="500"]]
  git clone rssh-server
@@ -127,40 +127,38 @@
 ).cd rssh-server; sudo make ~-~--> to Generate the execute file：rssh_serv
--[[image:image-20220527105511-2.png]]
++[[image:https://wiki.dragino.com/images/thumb/e/e3/Generate_the_execute_file.png/500px-Generate_the_execute_file.png||height="103" width="500"]]
  Generate the execute file
--
  **Debug** :
  (% class="box" %)
  (((
--if you git fail.       ~-~->    (% style="color:#4f81bd" %)**sudo: git: command not found.**(%%)
--please install git.  ~-~->    (% style="color:#4f81bd" %)**yum install git -y  or  apt-get install git -y.**
++if you git fail.       ~-~->    (% class="mark" %)**sudo: git: command not found.**(%%)
++please install git.  ~-~->    (% class="mark" %)**yum install git -y  or  apt-get install git -y. **
  )))
  (% class="box" %)
  (((
--if you make error 127,it** (% style="color:#4f81bd" %)lack of gcc.(%%)**
--please install gcc.    ~-~->(% style="color:#4f81bd" %)**yum install gcc.**
++if you make error 127,it** (% class="mark" %)lack of gcc.(%%)**
++please install gcc.    ~-~->(% class="mark" %)**yum install gcc.**
  )))
--[[image:image-20220527105856-3.png]]
++[[image:https://wiki.dragino.com/images/d/d7/Lack_of_gcc.png||height="174" width="434"]]
  lack of gcc
  (% class="box" %)
  (((
--if you make a fatal error : sqlite3.h,it (% style="color:#4f81bd" %)**lack of sqlite3.**(%%)
--please insatell (% style="color:#4f81bd" %)**sqlite3**.
++if you make a fatal error : sqlite3.h,it (% class="mark" %)**lack of sqlite3.**(%%)
++please insatell **sqlite3**.
  )))
--[[image:image-20220527105918-4.png]]
++[[image:https://wiki.dragino.com/images/thumb/9/93/Lack_of_sqlite3.png/500px-Lack_of_sqlite3.png||height="137" width="500"]]
  lack of sqlite3
--
  How to install Sqlit3
  (% class="box" %)
@@ -185,9 +185,9 @@
  )))
--===== **2.2.1.1.2 Step 2 : Install and run the RSS service** =====
++===== 2.2.1.1.2 Step 2 :Install and run the RSS service =====
--1): intall database for /var/rsshdb.sqlite3 and Server development port for 3721(The default is 3721)
++1):intall database for /var/rsshdb.sqlite3 and Server development port for 3721(The default is 3721)
  user must enter the root account and run the following commands
@@ -198,7 +198,7 @@
    $ ps -ef | grep rssh_serv check 3721 port
  )))
--[[image:image-20220527110436-6.png]]
++[[image:https://wiki.dragino.com/images/thumb/c/cb/Intall_database_and_server_development_port.png/500px-Intall_database_and_server_development_port.png||height="70" width="500"]]
  intall database and server development port
@@ -206,78 +206,78 @@
  (% class="box" %)
  (((
--Check /var/rsshdb.sqlite3 ~-~->(% style="color:#4f81bd" %)** ls /var/rsshdb.sqlite3**(%%)
--Check ls /var/rsshdb.sqlite3 ~-~-> (% style="color:#4f81bd" %)**sudo chmod 777 rssh_serv**
++Check /var/rsshdb.sqlite3 ~-~->(% class="mark" %)** ls /var/rsshdb.sqlite3**(%%)
++Check ls /var/rsshdb.sqlite3 ~-~-> (% class="mark" %)**sudo chmod 777 rssh_serv**
  )))
  (% class="box" %)
  (((
  if** fail to open dpvlry or to bind to it**
--please kill rssh_serv,and run (% style="color:#4f81bd" %)** ./rssh_serv -p  3721 2>&1 &** (%%) again
++please kill rssh_serv,and run (% class="mark" %)** ./rssh_serv -p  3721 2>&1 &** (%%) again
  )))
--===== **2.2.1.1.3 Step 3 :Create a minimal SSH user (reverse SSH proxy for the gateway)** =====
++===== 2.2.1.1.3 Step 3 :Create a minimal SSH user (reverse SSH proxy for the gateway) =====
--**1): (% style="color:#4f81bd" %)sudo useradd XXXXX(%%)** (custom user name)
++1):(% class="mark" %)**sudo useradd XXXXX**(%%) (custom user name)
--**2):** (% style="color:#4f81bd" %)**sudo passwd xxxxxx**
++2):(% class="mark" %)**sudo passwd xxxxxx**
--**3):** (% style="color:#4f81bd" %)**cp /bin/bash /bin/rbash**
++3):(% class="mark" %)**cp /bin/bash /bin/rbash**
--**4):** (% style="color:#4f81bd" %)**sudo nano /etc/passwd**(%%) ~-~-> Change /bin/bash to /bin/rbash
++4):(% class="mark" %)**sudo nano /etc/passwd**(%%) ~-~-> Change /bin/bash to /bin/rbash
--**5):** (% style="color:#4f81bd" %)**sudo nano /home/xxxxx/.bashrc**(%%) **empty it,and input export PATH=$HOME/bin**
++5):(% class="mark" %)**sudo nano /home/xxxxx/.bashrc**(%%) **empty it,and input export PATH=$HOME/bin**
--**6):** (% style="color:#4f81bd" %)**sudo nano /home/xxxxx/.bash_profile**(%%) **empty it,and input export PATH=$HOME/bin**
++6):(% class="mark" %)**sudo nano /home/xxxxx/.bash_profile**(%%) **empty it,and input export PATH=$HOME/bin**
  **Now user "XXXXX" is the user with limited permissions of the current system**
--=== **2.2.2 How does user get the gateway to connect to a user's private server** ===
++=== 2.2.2 How does user get the gateway to connect to a user's private server ===
--===== **2.2.2.1 Step1: Come bace the gateway web UI for get the gateway Public key** =====
++===== 2.2.2.1 Step1: Come bace the gateway web UI for get the gateway Public key =====
--1) in the system ~-~-> (% style="color:#4f81bd" %)**Remote Mgmt/span>**
++1)in the system ~-~-> (% class="mark" %)**Remote Mgmt/span>**
--[[image:image-20220527110531-7.png]]
++[[image:https://wiki.dragino.com/images/thumb/8/8f/Remote_Mgmt.png/500px-Remote_Mgmt.png||height="367" width="500"]]
  Remote Mgmt
--===== **2.2.2.2 Step2: Authorization server** =====
++===== 2.2.2.2 Step2: Authorization server =====
  copy the Gateway Publickey into user's private server "/home/XXXXX/.ssh/authorized_keys" file.
--[[image:image-20220527110625-8.png]]
++[[image:https://wiki.dragino.com/images/thumb/4/49/Publickey.png/500px-Publickey.png||height="81" width="500"]]
  Publickey
--===== **2.2.2.3 Step3: connecte private server** =====
++===== 2.2.2.3 Step3: connecte private server =====
  in the gateway web UI
--[[image:image-20220527110700-9.png]]
++[[image:https://wiki.dragino.com/images/thumb/0/04/Gateway_web_UI.png/500px-Gateway_web_UI.png||height="389" width="500"]]
  gateway web UI
  (% class="box" %)
  (((
--(% style="color:#4f81bd" %)**Connection Type **(%%)     : If user's least privileged user with private server uses a password, select (% style="color:#4f81bd" %)**Public Key**(%%)
++(% class="mark" %)**Connection Type **(%%)     : If user's least privileged user with private server uses a password, select (% class="mark" %)**Public Key**(%%)
  **Note:if user's least privileged user no uses a password,choose from both is fine**
--(% style="color:#4f81bd" %)**Login ID**(%%)             : Input user name "eg : "XXXXX"
--(% style="color:#4f81bd" %)**Host Address**(%%)         : Input user's private server address
--(% style="color:#4f81bd" %)**Connect at Startupt**(%%): Choose to enable connect once device is powered.
++(% class="mark" %)**Login ID**(%%)             : Input user name "eg : "XXXXX"
++(% class="mark" %)**Host Address**(%%)         : Input user's private server address
++(% class="mark" %)**Connect at Startupt**(%%): Choose to enable connect once device is powered.
  Click Save and then Connect
  )))
--===== **2.2.2.4 Step 4 :Cheak is fine** =====
++===== 2.2.2.4 Step 4 :Cheak is fine =====
  Rssh Host connection Ok
--[[image:image-20220527111009-10.png]]
++[[image:https://wiki.dragino.com/images/thumb/6/6f/Rssh_Host_connection_Ok.png/500px-Rssh_Host_connection_Ok.png||height="225" width="500"]]
  Rssh Host connection Ok
@@ -284,12 +284,12 @@
  user can use common ps | grep ssh to check it in the gateway.
--[[image:image-20220527111041-11.png]]
++[[image:https://wiki.dragino.com/images/thumb/a/ad/Check_the_gateway.png/500px-Check_the_gateway.png]]
  Check the gateway
--===== **2.2.2.5 Step5:Create an authorization key file** =====
++===== 2.2.2.5 Step5:Create an authorization key file =====
 ):sudo mkdir /home/xxxxx/.ssh; sudo touch /home/xxxxx/.ssh/authorizedkey
@@ -300,26 +300,22 @@
   check: sudo ls /home/xxxxx/.ssh/authorizedkey
  )))
++=== 2.2.3 How to Ser up a Reverse SSH access ===
--=== **2.2.3 How to Ser up a Reverse SSH access** ===
++==== 2.2.3.1 Step1: Log into the server system ====
--==== **2.2.3.1 Step1: Log into the server system** ====
++[[image:https://wiki.dragino.com/images/thumb/2/26/Loging_server.png/500px-Loging_server.png||height="69" width="500"]]
--[[image:image-20220527111145-12.png]]
--
  Loging server
--==== **2.2.3.2 Step2:access the gateway** ====
++==== 2.2.3.2 Step2:access the gateway ====
--(% class="box" %)
--(((
  $ cd rssh-server/
--)))
  Check the gateway linking to the server $ ./connect-gw.sh -l
--[[image:image-20220527111219-13.png]]
++[[image:https://wiki.dragino.com/images/thumb/e/ee/Check_gateway_link_server.png/500px-Check_gateway_link_server.png||height="157" width="500"]]
  Check the gateway linking to the server
@@ -326,6 +326,6 @@
  access the gateway $ ./connect-gw.sh <GWID>
--[[image:image-20220527111300-14.png]]
++[[image:https://wiki.dragino.com/images/thumb/b/b7/Reverse_ssh_access_the_gateway1.png/500px-Reverse_ssh_access_the_gateway1.png||height="230" width="500"]]
  reverse ssh access the gateway

image-20220527105856-3.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-9.9 KB

Content

image-20220527105918-4.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-11.3 KB

Content

image-20220527110011-5.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-11.2 KB

Content

image-20220527110436-6.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-10.5 KB

Content

image-20220527110531-7.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-79.9 KB

Content

image-20220527110625-8.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-30.7 KB

Content

image-20220527110700-9.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-66.6 KB

Content

image-20220527111009-10.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-22.5 KB

Content

image-20220527111041-11.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-13.4 KB

Content

image-20220527111145-12.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-6.3 KB

Content

image-20220527111219-13.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-9.1 KB

Content

image-20220527111300-14.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.Xiaoling

Size

...	...	@@ -1,1 +1,0 @@
1		-28.6 KB

Content

Changes for page Remote Access Gateway

Summary

Details

Applications

Navigation