Difference between revisions of "Remote Access"

From HiveTool
Jump to: navigation, search
(Added connect by IP)
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
==Introduction==
 +
Monitoring stations will by necessity be out in the weather, which requires that they be sealed from the elements. However, this makes them difficult to access if you want to make any changes to the software or just log in to check on things. Breaking open the sealed container runs the risk of compromising its integrity, and is a time-consuming pain besides. The following sections will cover ways to access your HiveTool remotely.
 +
 +
===Assumptions and Configuration===
 +
The following discussion assumes you're using a Raspberry Pi with the 0.8.4 release of HiveTool software. It also assumes minimal experience with Linux and is targeted primarily at Windows users.
 +
 +
==Remote Access on a Local Network==
 +
The HiveTool program typically assumes access to an internet connection to perform basic functions, like coordinate time with NIST servers and upload data to the HiveTool.net site. While some installations will be entirely wired by ethernet cables, the typical somewhat remote placement of apiaries means there will likely be a wireless connection involved. Wired or wireless, if you have access to the same router that the HiveTool is connecting to the Internet through, you can access it through that connection. This should allow the user to have a laptop or other portable computer, connect to the same network the HiveTool devices are using, and modify and configure them without otherwise interacting with them.
 +
 +
===PuTTY===
 +
If you're comfortable with a Command Line Interface (CLI), by far the easiest method it to use Secure SHell (SSH) connections. If using a Windows machine to connect to a Linux operating system like the Raspbian OS on a Raspberry Pi, the most common software is [https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html PuTTY]
 +
 +
After downloading and installing PuTTY, when you run it you should see a page similar to the following:
 +
 +
[[File:PuTTY.png]]
 +
 +
Notice that the '''SSH''' connection type is already selected and the Port defaults to 22. You should not have to change these settings. If the computer you are using is connected to the same network that the Pi is using (i.e. they're all on the same ''Local'' network), you can enter its hostname and click "Open" to start a secure shell session:
 +
 +
[[File:PuTTY_login.png]]
 +
 +
You can see that the terminal has the user name we used ('''pi'''), the hostname ('''XU-Gobnait-1''') and has taken us to the home directory for our command line prompt ('''~ $'''). Note that your hostname will be whatever is set for your Raspberry Pi and will almost certainly not match what is shown above. If you know the IP address the HiveTool is using you can also connect to it using that, though the hostname is usually simpler as it will find the device even if it's IP has changed (as most devices are assigned IPs dynamically and change periodically). If you don't know what hostname your HiveTool is using or you want to change it to something else, check the [[Change_Hostname|Changing Your Hostname]] page.
 +
 +
You will then be prompted to log in to your HiveTool. You should have been given a user name and password with your installation, or else have set it yourself; in most cases the default user of '''pi''' is used. Don't be alarmed if you don't see anything show up while typing your password; Linux doesn't display characters when entering passwords by default, but it is recording them.
 +
 +
You are now in a typical terminal session and can execute commands as normal. However you will most likely not be able to use the desktop interface unless you're willing to go through extra work configuring PuTTY to handle it. For cases requiring the GUI, VNC or XRDP will likely be easier.
 +
 +
[[File:SSH_login.png|500px]]
 +
<br clear=all>
 +
 +
 +
===XRDP===
 +
Default installations of HiveTool have '''XRDP''' or '''X R'''emote '''D'''esktop '''P'''rotocol already installed and running. This is a Linux version of the protocol that most Windows machines use to connect remotely to other Windows machines, and is typically already installed on most users' devices. To connect using RDP, start typing in the Windows search bar or look in the start menu for "Remote Desktop"
 +
 +
[[File:Windows_RDP.png|500px]]
 +
 +
As before, you can use the Hostname to search the local network for devices with a particular name. If you get an error box you can safely ignore it, or click the check box so you don't get the warning in the future:
 +
 +
[[File:RDP_login.png]]  [[File:RDP_warning.png]]
 +
 +
You will then be taken to a login screen where you can enter your credentials as usual:
 +
 +
[[File:RDP_pi_login.png|500px]]
 +
 +
From there you should see the familiar desktop of your Raspberry Pi. Note the addition of a new icon labeled ''thinclient_drives'' - your desktop session is actually being held in RAM on the Pi, which can constrain your use of other programs if you are memory-limited like with some of the older or smaller models such as the Raspberry Pi Zero.
 +
 +
===VNC===
 +
'''VNC''' or '''V'''irtual '''N'''etwork '''C'''omputing is a standard method of connecting with Linux machines and is also supported. While not installed by default on Windows machines, you can get a free VNC viewer [https://www.realvnc.com/en/connect/download/viewer/ here]. After downloading and installing, running the program will give you a starting screen similar to the following:
 +
 +
[[File:VNC_starting_screen.png|500px]]
 +
 +
We will now need to set up a server on the Pi so that we can connect to it from the viewer. This will require one-time direct access to the Raspberry Pi. Open a terminal either by logging into the command line or from the desktop GUI, or [[#PuTTY|use the method described above]]
 +
 +
You can start a session simply by typing '''vncserver''' in the command line and pressing enter:
 +
 +
[[File:VNC_start_server.png|500px]]
 +
 +
Note the server catchphrase "Sample choice costume. Legend oval cloud." and signature - these are security measures to be sure you're connecting to the correct computer in case someone was trying to spoof your connection. This is unlikely, but good to know. Also note the last line, which tells you what your connection will be, specifically '''XU-Gobnait-1:1'''
 +
 +
Going back to our Windows machine and VNC Viewer, we will enter this information to connect to our device and get an authentication screen:
 +
 +
[[File:VNC_start_viewer.png|500px]]  [[File:VNC_authentication.png]]
 +
 +
As before you should see the familiar HiveTool desktop, though resolution may be reduced depending on your settings and connection speed. Note that this time there is no "thinclient_drives" icon on the desktop.
 +
 +
To make it so that a VNC server is started on boot, go to your Pi's configuration page, click on the "Interfaces" tab, and select "Enable" for VNC. You will likely need to use a different connection name however, possibly ''':0''' or none at all.
 +
 +
====Connecting Via IP====
 +
If you know what the IP address the Pi has claimed on the network, you can connect via browser to the configuration page. Most local network addresses will be of the form 192.168.1.XXX, and can sometimes be identified by the router's list of connected devices. Alternatively, you can use [#PuTTY] to remote in and use '''ifconfig -a''' in the terminal to identify the IP address.
 +
 +
Type the IP address you found in the URL area of your browser and you should see the configuration page for the HiveTool. You won't be able to change anything that you couldn't modify exclusively through the page, but if all you're looking to change is the HiveTool parameters or configure sensors this can be an easy way to access them.
 +
 +
===Troubleshooting===
 +
====Cannot Find <nowiki>[hostname]</nowiki>====
 +
Make sure you are using the proper hostname to connect. If you purchased an SD card with the HiveTool software on it, you should have received a letter detailing what the hostname would be. If you installed it yourself, you should be aware of what it was. The the default hostname is '''raspberry''', and the default username and password for Raspbian is '''pi/raspberry''' though it usually requests that you change it immediately, as default passwords are insecure and susceptible to being changed by anyone that can access your hardware. You can also check your terminal session to see what the hostname is.
 +
 +
If you want to use something different for your hostname, check out the [[Change_Hostname|Changing Your Hostname]] page
 +
 +
This likely means that your device is not on the same network. Make sure both the Pi and your computer are connected to the network, and that the network it is connected to is the same as the one you are trying to access it from. If one of the connections is wired using ethernet cables and one is on WiFi, be sure that the cable is plugged into the same router that the other device is connecting to wirelessly.
 +
 +
Using '''ipconfig''' from a Windows command line and '''ifconfig''' from the Pi's terminal can give you some information about the network connection.
 +
 +
====Cannot Log In====
 +
If you can access an authentication screen but you cannot log in, double check what your user name and password are. If you bought a HiveTool disk you should have been provided a letter with login information; note that the login information for the HiveTool configuration page is different from that required to access the raspberry pi. If you can physically access the pi and it logs in automatically, consider trying to change the password to something you know and trying again.
 +
 +
==Remote Access from a Non-Local Network==
 +
 
This will allow remote access to the hive computer without opening any ports on the router using reverse IP tunneling.
 
This will allow remote access to the hive computer without opening any ports on the router using reverse IP tunneling.
  
 
'''''NOTE THAT THIS WILL ONLY WORK IF YOU HAVE ACCESS TO THE HIVETOOL DATABASE!'''''
 
'''''NOTE THAT THIS WILL ONLY WORK IF YOU HAVE ACCESS TO THE HIVETOOL DATABASE!'''''
  
On the hive computer, as pi, generate the key:
+
Create an automatic login from pi@hive_computer to user@target_host
 +
 
 +
http://www.linuxproblem.org/art_9.html
 +
 
 +
On hive_computer, as pi, generate the key:
 
sudo ssh-keygen -t rsa
 
sudo ssh-keygen -t rsa
  
Line 28: Line 118:
 
  +-----------------+
 
  +-----------------+
  
append it to the target host's authorized_keys
+
append it to target_host's authorized_keys
 
  cat .ssh/id_rsa.pub | ssh -pTARGET_PORT pi@TARGET_IP 'cat >> .ssh/authorized_keys'
 
  cat .ssh/id_rsa.pub | ssh -pTARGET_PORT pi@TARGET_IP 'cat >> .ssh/authorized_keys'
 
where
 
where
  TARGET_PORT is the target hosts port, if use, like 8022
+
  TARGET_PORT is target_host's ssh port, if use, like 8022
  TARGET_IP is the target hosts ip, like 192.168.254.12
+
  TARGET_IP is target_hosts ip, like 192.168.254.12
  
 
Make hive_command.pl executable:
 
Make hive_command.pl executable:
 
  sudo chmod a+x hive_command.pl
 
  sudo chmod a+x hive_command.pl

Latest revision as of 17:04, 19 February 2020

Introduction

Monitoring stations will by necessity be out in the weather, which requires that they be sealed from the elements. However, this makes them difficult to access if you want to make any changes to the software or just log in to check on things. Breaking open the sealed container runs the risk of compromising its integrity, and is a time-consuming pain besides. The following sections will cover ways to access your HiveTool remotely.

Assumptions and Configuration

The following discussion assumes you're using a Raspberry Pi with the 0.8.4 release of HiveTool software. It also assumes minimal experience with Linux and is targeted primarily at Windows users.

Remote Access on a Local Network

The HiveTool program typically assumes access to an internet connection to perform basic functions, like coordinate time with NIST servers and upload data to the HiveTool.net site. While some installations will be entirely wired by ethernet cables, the typical somewhat remote placement of apiaries means there will likely be a wireless connection involved. Wired or wireless, if you have access to the same router that the HiveTool is connecting to the Internet through, you can access it through that connection. This should allow the user to have a laptop or other portable computer, connect to the same network the HiveTool devices are using, and modify and configure them without otherwise interacting with them.

PuTTY

If you're comfortable with a Command Line Interface (CLI), by far the easiest method it to use Secure SHell (SSH) connections. If using a Windows machine to connect to a Linux operating system like the Raspbian OS on a Raspberry Pi, the most common software is PuTTY

After downloading and installing PuTTY, when you run it you should see a page similar to the following:

PuTTY.png

Notice that the SSH connection type is already selected and the Port defaults to 22. You should not have to change these settings. If the computer you are using is connected to the same network that the Pi is using (i.e. they're all on the same Local network), you can enter its hostname and click "Open" to start a secure shell session:

PuTTY login.png

You can see that the terminal has the user name we used (pi), the hostname (XU-Gobnait-1) and has taken us to the home directory for our command line prompt (~ $). Note that your hostname will be whatever is set for your Raspberry Pi and will almost certainly not match what is shown above. If you know the IP address the HiveTool is using you can also connect to it using that, though the hostname is usually simpler as it will find the device even if it's IP has changed (as most devices are assigned IPs dynamically and change periodically). If you don't know what hostname your HiveTool is using or you want to change it to something else, check the Changing Your Hostname page.

You will then be prompted to log in to your HiveTool. You should have been given a user name and password with your installation, or else have set it yourself; in most cases the default user of pi is used. Don't be alarmed if you don't see anything show up while typing your password; Linux doesn't display characters when entering passwords by default, but it is recording them.

You are now in a typical terminal session and can execute commands as normal. However you will most likely not be able to use the desktop interface unless you're willing to go through extra work configuring PuTTY to handle it. For cases requiring the GUI, VNC or XRDP will likely be easier.

SSH login.png


XRDP

Default installations of HiveTool have XRDP or X Remote Desktop Protocol already installed and running. This is a Linux version of the protocol that most Windows machines use to connect remotely to other Windows machines, and is typically already installed on most users' devices. To connect using RDP, start typing in the Windows search bar or look in the start menu for "Remote Desktop"

Windows RDP.png

As before, you can use the Hostname to search the local network for devices with a particular name. If you get an error box you can safely ignore it, or click the check box so you don't get the warning in the future:

RDP login.png RDP warning.png

You will then be taken to a login screen where you can enter your credentials as usual:

RDP pi login.png

From there you should see the familiar desktop of your Raspberry Pi. Note the addition of a new icon labeled thinclient_drives - your desktop session is actually being held in RAM on the Pi, which can constrain your use of other programs if you are memory-limited like with some of the older or smaller models such as the Raspberry Pi Zero.

VNC

VNC or Virtual Network Computing is a standard method of connecting with Linux machines and is also supported. While not installed by default on Windows machines, you can get a free VNC viewer here. After downloading and installing, running the program will give you a starting screen similar to the following:

VNC starting screen.png

We will now need to set up a server on the Pi so that we can connect to it from the viewer. This will require one-time direct access to the Raspberry Pi. Open a terminal either by logging into the command line or from the desktop GUI, or use the method described above

You can start a session simply by typing vncserver in the command line and pressing enter:

VNC start server.png

Note the server catchphrase "Sample choice costume. Legend oval cloud." and signature - these are security measures to be sure you're connecting to the correct computer in case someone was trying to spoof your connection. This is unlikely, but good to know. Also note the last line, which tells you what your connection will be, specifically XU-Gobnait-1:1

Going back to our Windows machine and VNC Viewer, we will enter this information to connect to our device and get an authentication screen:

VNC start viewer.png VNC authentication.png

As before you should see the familiar HiveTool desktop, though resolution may be reduced depending on your settings and connection speed. Note that this time there is no "thinclient_drives" icon on the desktop.

To make it so that a VNC server is started on boot, go to your Pi's configuration page, click on the "Interfaces" tab, and select "Enable" for VNC. You will likely need to use a different connection name however, possibly :0 or none at all.

Connecting Via IP

If you know what the IP address the Pi has claimed on the network, you can connect via browser to the configuration page. Most local network addresses will be of the form 192.168.1.XXX, and can sometimes be identified by the router's list of connected devices. Alternatively, you can use [#PuTTY] to remote in and use ifconfig -a in the terminal to identify the IP address.

Type the IP address you found in the URL area of your browser and you should see the configuration page for the HiveTool. You won't be able to change anything that you couldn't modify exclusively through the page, but if all you're looking to change is the HiveTool parameters or configure sensors this can be an easy way to access them.

Troubleshooting

Cannot Find [hostname]

Make sure you are using the proper hostname to connect. If you purchased an SD card with the HiveTool software on it, you should have received a letter detailing what the hostname would be. If you installed it yourself, you should be aware of what it was. The the default hostname is raspberry, and the default username and password for Raspbian is pi/raspberry though it usually requests that you change it immediately, as default passwords are insecure and susceptible to being changed by anyone that can access your hardware. You can also check your terminal session to see what the hostname is.

If you want to use something different for your hostname, check out the Changing Your Hostname page

This likely means that your device is not on the same network. Make sure both the Pi and your computer are connected to the network, and that the network it is connected to is the same as the one you are trying to access it from. If one of the connections is wired using ethernet cables and one is on WiFi, be sure that the cable is plugged into the same router that the other device is connecting to wirelessly.

Using ipconfig from a Windows command line and ifconfig from the Pi's terminal can give you some information about the network connection.

Cannot Log In

If you can access an authentication screen but you cannot log in, double check what your user name and password are. If you bought a HiveTool disk you should have been provided a letter with login information; note that the login information for the HiveTool configuration page is different from that required to access the raspberry pi. If you can physically access the pi and it logs in automatically, consider trying to change the password to something you know and trying again.

Remote Access from a Non-Local Network

This will allow remote access to the hive computer without opening any ports on the router using reverse IP tunneling.

NOTE THAT THIS WILL ONLY WORK IF YOU HAVE ACCESS TO THE HIVETOOL DATABASE!

Create an automatic login from pi@hive_computer to user@target_host

http://www.linuxproblem.org/art_9.html

On hive_computer, as pi, generate the key: sudo ssh-keygen -t rsa

# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
d9:2e:40:2d:59:b1:6e:f2:08:7e:6a:3e:96:2e:bf:04 root@NAPAPi5
The key's randomart image is:
+---[RSA 2048]----+
|        o.       |
|       + .       |
|      + o        |
|     . o o       |
|  E . o S .      |
|   o . * .       |
|    o.o o .      |
|  ..=o   .       |
|   B*o           |
+-----------------+

append it to target_host's authorized_keys

cat .ssh/id_rsa.pub | ssh -pTARGET_PORT pi@TARGET_IP 'cat >> .ssh/authorized_keys'

where

TARGET_PORT is target_host's ssh port, if use, like 8022
TARGET_IP is target_hosts ip, like 192.168.254.12

Make hive_command.pl executable:

sudo chmod a+x hive_command.pl