Changes for page Remote Access Gateway

Last modified by Kilight Cao on 2022/07/25 10:47

From version < 7.1 >

edited by Xiaoling
on 2022/05/27 10:58

To version < 19.4 >

edited by Xiaoling
on 2022/05/31 15:54

Change comment: There is no comment for this version

Raw
Rendered

Summary

Page properties (1 modified, 0 added, 0 removed)
Attachments (0 modified, 11 added, 0 removed)

Details

Page properties

Content

@@ -3,8 +3,9 @@
  {{toc/}}
--= 1. Use Remote.it service =
++= **1. Use Remote.it service** =
++
  Remote.it for remote access is available in the latest Dragino firmware for gateway. For security concern, the remote.it only available base on end user demand.
  (% style="color:red" %)**Important Notice:**
@@ -15,7 +15,7 @@
  For how to use remoteit, please see : [[Remoteit user instruction for Dragino Gateway>>url:https://www.dragino.com/downloads/index.php?dir=LoRa_Gateway/&file=Dragino-Remoteit_User_Manual.pdf]].
--= 2. RSSH Introduction =
++= **2. RSSH Introduction** =
  Reverse SSH for remote access is available in the latest Dragino firmware for gateway. For security concern, the RSSH only available base on end user demand.
@@ -34,10 +34,11 @@
  * LIG16
  * MS14 series if installed with the same firmware.
--== 2.1 For Firmware Version lower than lgw~-~-build-v5.4.1616478814-20210323-1355 ==
--=== 2.1.1 End User Guide to use SSH access ===
++== **2.1 For Firmware Version lower than lgw~-~-build-v5.4.1616478814-20210323-1355** ==
++=== **2.1.1 End User Guide to use SSH access** ===
++
  Go to this the Reverse SSH page as below:
  [[image:image-20220527102348-1.png]]
@@ -60,7 +60,7 @@
  )))
--=== 2.1.2 How to Ser up a Reverse SSH access ===
++=== **2.1.2 How to Ser up a Reverse SSH access** ===
  Advance administrator can config a SSH server to provide support their end user themselves. Instruction is as below:
@@ -80,7 +80,7 @@
  )))
--==== 2.1.2.1 Note for set up RSSH server ====
++==== **2.1.2.1 Note for set up RSSH server** ====
  If gateway reboot or the connection is incidentely close by end node. The port in SSH server will still be occupy for a long time. Administrator can use below commands to release the port.
@@ -95,7 +95,7 @@
  )))
--== 2.2 For Firmware Version higher than lgw~-~-build-v5.4.1618196981-20210412-1111 ==
++== **2.2 For Firmware Version higher than lgw~-~-build-v5.4.1618196981-20210412-1111** ==
  Below gateway support reverse SSH access:
@@ -110,11 +110,11 @@
  )))
--=== 2.2.1 End User Guide to use SSH access ===
++=== **2.2.1 End User Guide to use SSH access** ===
--==== 2.2.1.1 Install the SSH service for server ====
++==== **2.2.1.1 Install the SSH service for server** ====
--===== 2.2.1.1.1 Step 1:Download the SSH service code =====
++===== **2.2.1.1.1 Step 1 : Download the SSH service code** =====
 ).git clone [[https:~~/~~/github.com/dragino/rssh-server.git>>url:https://github.com/dragino/rssh-server.git]] rssh-server
@@ -144,7 +144,7 @@
  please install gcc.    ~-~->(% style="color:#4f81bd" %)**yum install gcc.**
  )))
--[[image:https://wiki.dragino.com/images/d/d7/Lack_of_gcc.png||height="174" width="434"]]
++[[image:image-20220527105856-3.png]]
  lack of gcc
@@ -154,10 +154,11 @@
  please insatell (% style="color:#4f81bd" %)**sqlite3**.
  )))
--[[image:https://wiki.dragino.com/images/thumb/9/93/Lack_of_sqlite3.png/500px-Lack_of_sqlite3.png||height="137" width="500"]]
++[[image:image-20220527105918-4.png]]
  lack of sqlite3
++
  How to install Sqlit3
  (% class="box" %)
@@ -182,9 +182,9 @@
  )))
--===== 2.2.1.1.2 Step 2 :Install and run the RSS service =====
++===== **2.2.1.1.2 Step 2 : Install and run the RSS service** =====
--1):intall database for /var/rsshdb.sqlite3 and Server development port for 3721(The default is 3721)
++1): intall database for /var/rsshdb.sqlite3 and Server development port for 3721(The default is 3721)
  user must enter the root account and run the following commands
@@ -195,7 +195,7 @@
    $ ps -ef | grep rssh_serv check 3721 port
  )))
--[[image:https://wiki.dragino.com/images/thumb/c/cb/Intall_database_and_server_development_port.png/500px-Intall_database_and_server_development_port.png||height="70" width="500"]]
++[[image:image-20220527110436-6.png]]
  intall database and server development port
@@ -203,78 +203,78 @@
  (% class="box" %)
  (((
--Check /var/rsshdb.sqlite3 ~-~->(% class="mark" %)** ls /var/rsshdb.sqlite3**(%%)
--Check ls /var/rsshdb.sqlite3 ~-~-> (% class="mark" %)**sudo chmod 777 rssh_serv**
++Check /var/rsshdb.sqlite3 ~-~->(% style="color:#4f81bd" %)** ls /var/rsshdb.sqlite3**(%%)
++Check ls /var/rsshdb.sqlite3 ~-~-> (% style="color:#4f81bd" %)**sudo chmod 777 rssh_serv**
  )))
  (% class="box" %)
  (((
  if** fail to open dpvlry or to bind to it**
--please kill rssh_serv,and run (% class="mark" %)** ./rssh_serv -p  3721 2>&1 &** (%%) again
++please kill rssh_serv,and run (% style="color:#4f81bd" %)** ./rssh_serv -p  3721 2>&1 &** (%%) again
  )))
--===== 2.2.1.1.3 Step 3 :Create a minimal SSH user (reverse SSH proxy for the gateway) =====
++===== **2.2.1.1.3 Step 3 :Create a minimal SSH user (reverse SSH proxy for the gateway)** =====
--1):(% class="mark" %)**sudo useradd XXXXX**(%%) (custom user name)
++**1): (% style="color:#4f81bd" %)sudo useradd XXXXX(%%)** (custom user name)
--2):(% class="mark" %)**sudo passwd xxxxxx**
++**2):** (% style="color:#4f81bd" %)**sudo passwd xxxxxx**
--3):(% class="mark" %)**cp /bin/bash /bin/rbash**
++**3):** (% style="color:#4f81bd" %)**cp /bin/bash /bin/rbash**
--4):(% class="mark" %)**sudo nano /etc/passwd**(%%) ~-~-> Change /bin/bash to /bin/rbash
++**4):** (% style="color:#4f81bd" %)**sudo nano /etc/passwd**(%%) ~-~-> Change /bin/bash to /bin/rbash
--5):(% class="mark" %)**sudo nano /home/xxxxx/.bashrc**(%%) **empty it,and input export PATH=$HOME/bin**
++**5):** (% style="color:#4f81bd" %)**sudo nano /home/xxxxx/.bashrc**(%%) **empty it,and input export PATH=$HOME/bin**
--6):(% class="mark" %)**sudo nano /home/xxxxx/.bash_profile**(%%) **empty it,and input export PATH=$HOME/bin**
++**6):** (% style="color:#4f81bd" %)**sudo nano /home/xxxxx/.bash_profile**(%%) **empty it,and input export PATH=$HOME/bin**
  **Now user "XXXXX" is the user with limited permissions of the current system**
--=== 2.2.2 How does user get the gateway to connect to a user's private server ===
++=== **2.2.2 How does user get the gateway to connect to a user's private server** ===
--===== 2.2.2.1 Step1: Come bace the gateway web UI for get the gateway Public key =====
++===== **2.2.2.1 Step1: Come bace the gateway web UI for get the gateway Public key** =====
--1)in the system ~-~-> (% class="mark" %)**Remote Mgmt/span>**
++1) in the system ~-~-> (% style="color:#4f81bd" %)**Remote Mgmt/span>**
--[[image:https://wiki.dragino.com/images/thumb/8/8f/Remote_Mgmt.png/500px-Remote_Mgmt.png||height="367" width="500"]]
++[[image:image-20220527110531-7.png]]
  Remote Mgmt
--===== 2.2.2.2 Step2: Authorization server =====
++===== **2.2.2.2 Step2: Authorization server** =====
  copy the Gateway Publickey into user's private server "/home/XXXXX/.ssh/authorized_keys" file.
--[[image:https://wiki.dragino.com/images/thumb/4/49/Publickey.png/500px-Publickey.png||height="81" width="500"]]
++[[image:image-20220527110625-8.png]]
  Publickey
--===== 2.2.2.3 Step3: connecte private server =====
++===== **2.2.2.3 Step3: connecte private server** =====
  in the gateway web UI
--[[image:https://wiki.dragino.com/images/thumb/0/04/Gateway_web_UI.png/500px-Gateway_web_UI.png||height="389" width="500"]]
++[[image:image-20220527110700-9.png]]
  gateway web UI
  (% class="box" %)
  (((
--(% class="mark" %)**Connection Type **(%%)     : If user's least privileged user with private server uses a password, select (% class="mark" %)**Public Key**(%%)
++(% style="color:#4f81bd" %)**Connection Type **(%%)     : If user's least privileged user with private server uses a password, select (% style="color:#4f81bd" %)**Public Key**(%%)
  **Note:if user's least privileged user no uses a password,choose from both is fine**
--(% class="mark" %)**Login ID**(%%)             : Input user name "eg : "XXXXX"
--(% class="mark" %)**Host Address**(%%)         : Input user's private server address
--(% class="mark" %)**Connect at Startupt**(%%): Choose to enable connect once device is powered.
++(% style="color:#4f81bd" %)**Login ID**(%%)             : Input user name "eg : "XXXXX"
++(% style="color:#4f81bd" %)**Host Address**(%%)         : Input user's private server address
++(% style="color:#4f81bd" %)**Connect at Startupt**(%%): Choose to enable connect once device is powered.
  Click Save and then Connect
  )))
--===== 2.2.2.4 Step 4 :Cheak is fine =====
++===== **2.2.2.4 Step 4 :Cheak is fine** =====
  Rssh Host connection Ok
--[[image:https://wiki.dragino.com/images/thumb/6/6f/Rssh_Host_connection_Ok.png/500px-Rssh_Host_connection_Ok.png||height="225" width="500"]]
++[[image:image-20220527111009-10.png]]
  Rssh Host connection Ok
@@ -281,12 +281,12 @@
  user can use common ps | grep ssh to check it in the gateway.
--[[image:https://wiki.dragino.com/images/thumb/a/ad/Check_the_gateway.png/500px-Check_the_gateway.png]]
++[[image:image-20220527111041-11.png]]
  Check the gateway
--===== 2.2.2.5 Step5:Create an authorization key file =====
++===== **2.2.2.5 Step5:Create an authorization key file** =====
 ):sudo mkdir /home/xxxxx/.ssh; sudo touch /home/xxxxx/.ssh/authorizedkey
@@ -297,22 +297,26 @@
   check: sudo ls /home/xxxxx/.ssh/authorizedkey
  )))
--=== 2.2.3 How to Ser up a Reverse SSH access ===
--==== 2.2.3.1 Step1: Log into the server system ====
++=== **2.2.3 How to Ser up a Reverse SSH access** ===
--[[image:https://wiki.dragino.com/images/thumb/2/26/Loging_server.png/500px-Loging_server.png||height="69" width="500"]]
++==== **2.2.3.1 Step1: Log into the server system** ====
++[[image:image-20220527111145-12.png]]
++
  Loging server
--==== 2.2.3.2 Step2:access the gateway ====
++==== **2.2.3.2 Step2:access the gateway** ====
++(% class="box" %)
++(((
  $ cd rssh-server/
++)))
  Check the gateway linking to the server $ ./connect-gw.sh -l
--[[image:https://wiki.dragino.com/images/thumb/e/ee/Check_gateway_link_server.png/500px-Check_gateway_link_server.png||height="157" width="500"]]
++[[image:image-20220527111219-13.png]]
  Check the gateway linking to the server
@@ -319,6 +319,6 @@
  access the gateway $ ./connect-gw.sh <GWID>
--[[image:https://wiki.dragino.com/images/thumb/b/b7/Reverse_ssh_access_the_gateway1.png/500px-Reverse_ssh_access_the_gateway1.png||height="230" width="500"]]
++[[image:image-20220527111300-14.png]]
  reverse ssh access the gateway

image-20220527105918-4.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.Xiaoling

Size

...	...	@@ -1,0 +1,1 @@
	1	+11.3 KB

Content

image-20220527110011-5.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.Xiaoling

Size

...	...	@@ -1,0 +1,1 @@
	1	+11.2 KB

Content

image-20220527110436-6.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.Xiaoling

Size

...	...	@@ -1,0 +1,1 @@
	1	+10.5 KB

Content

image-20220527110531-7.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.Xiaoling

Size

...	...	@@ -1,0 +1,1 @@
	1	+79.9 KB

Content

image-20220527110625-8.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.Xiaoling

Size

...	...	@@ -1,0 +1,1 @@
	1	+30.7 KB

Content

image-20220527110700-9.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.Xiaoling

Size

...	...	@@ -1,0 +1,1 @@
	1	+66.6 KB

Content

image-20220527111009-10.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.Xiaoling

Size

...	...	@@ -1,0 +1,1 @@
	1	+22.5 KB

Content

image-20220527111041-11.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.Xiaoling

Size

...	...	@@ -1,0 +1,1 @@
	1	+13.4 KB

Content

image-20220527111145-12.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.Xiaoling

Size

...	...	@@ -1,0 +1,1 @@
	1	+6.3 KB

Content

image-20220527111219-13.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.Xiaoling

Size

...	...	@@ -1,0 +1,1 @@
	1	+9.1 KB

Content

image-20220527111300-14.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+XWiki.Xiaoling

Size

...	...	@@ -1,0 +1,1 @@
	1	+28.6 KB

Content

Changes for page Remote Access Gateway

Summary

Details

Applications

Navigation