Remote Access

From HiveTool
Revision as of 16:55, 19 February 2020 by Justin (talk | contribs) (VNC)
Jump to: navigation, search

Introduction

Monitoring stations will by necessity be out in the weather, which requires that they be sealed from the elements. However, this makes them difficult to access if you want to make any changes to the software or just log in to check on things. Breaking open the sealed container runs the risk of compromising its integrity, and is a time-consuming pain besides. The following sections will cover ways to access your HiveTool remotely.

Assumptions and Configuration

The following discussion assumes you're using a Raspberry Pi with the 0.8.4 release of HiveTool software. It also assumes minimal experience with Linux and is targeted primarily at Windows users.

Remote Access on a Local Network

The HiveTool program typically assumes access to an internet connection to perform basic functions, like coordinate time with NIST servers and upload data to the HiveTool.net site. While some installations will be entirely wired by ethernet cables, the typical somewhat remote placement of apiaries means there will likely be a wireless connection involved. Wired or wireless, if you have access to the same router that the HiveTool is connecting to the Internet through, you can access it through that connection. This should allow the user to have a laptop or other portable computer, connect to the same network the HiveTool devices are using, and modify and configure them without otherwise interacting with them.

PuTTY

If you're comfortable with a Command Line Interface (CLI), by far the easiest method it to use Secure SHell (SSH) connections. If using a Windows machine to connect to a Linux operating system like the Raspbian OS on a Raspberry Pi, the most common software is PuTTY

After downloading and installing PuTTY, when you run it you should see a page similar to the following:

PuTTY.png

Notice that the SSH connection type is already selected and the Port defaults to 22. You should not have to change these settings. If the computer you are using is connected to the same network that the Pi is using (i.e. they're all on the same Local network), you can enter its hostname and click "Open" to start a secure shell session:

PuTTY login.png

You can see that the terminal has the user name we used (pi), the hostname (XU-Gobnait-1) and has taken us to the home directory for our command line prompt (~ $). Note that your hostname will be whatever is set for your Raspberry Pi and will almost certainly not match what is shown above. If you know the IP address the HiveTool is using you can also connect to it using that, though the hostname is usually simpler as it will find the device even if it's IP has changed (as most devices are assigned IPs dynamically and change periodically). If you don't know what hostname your HiveTool is using or you want to change it to something else, check the Changing Your Hostname page.

You will then be prompted to log in to your HiveTool. You should have been given a user name and password with your installation, or else have set it yourself; in most cases the default user of pi is used. Don't be alarmed if you don't see anything show up while typing your password; Linux doesn't display characters when entering passwords by default, but it is recording them.

You are now in a typical terminal session and can execute commands as normal. However you will most likely not be able to use the desktop interface unless you're willing to go through extra work configuring PuTTY to handle it. For cases requiring the GUI, VNC or XRDP will likely be easier.

SSH login.png


XRDP

Default installations of HiveTool have XRDP or X Remote Desktop Protocol already installed and running. This is a Linux version of the protocol that most Windows machines use to connect remotely to other Windows machines, and is typically already installed on most users' devices. To connect using RDP, start typing in the Windows search bar or look in the start menu for "Remote Desktop"

Windows RDP.png

As before, you can use the Hostname to search the local network for devices with a particular name. If you get an error box you can safely ignore it, or click the check box so you don't get the warning in the future:

RDP login.png RDP warning.png

You will then be taken to a login screen where you can enter your credentials as usual:

RDP pi login.png

From there you should see the familiar desktop of your Raspberry Pi. Note the addition of a new icon labeled thinclient_drives - your desktop session is actually being held in RAM on the Pi, which can constrain your use of other programs if you are memory-limited like with some of the older or smaller models such as the Raspberry Pi Zero.

VNC

VNC or Virtual Network Computing is a standard method of connecting with Linux machines and is also supported. While not installed by default on Windows machines, you can get a free VNC viewer here. After downloading and installing, running the program will give you a starting screen similar to the following:

VNC starting screen.png

We will now need to set up a server on the Pi so that we can connect to it from the viewer. This will require one-time direct access to the Raspberry Pi. Open a terminal either by logging into the command line or from the desktop GUI, or use the method described above

You can start a session simply by typing vncserver in the command line and pressing enter:

VNC start server.png

Note the server catchphrase "Sample choice costume. Legend oval cloud." and signature - these are security measures to be sure you're connecting to the correct computer in case someone was trying to spoof your connection. This is unlikely, but good to know. Also note the last line, which tells you what your connection will be, specifically XU-Gobnait-1:1

Going back to our Windows machine and VNC Viewer, we will enter this information to connect to our device and get an authentication screen:

VNC start viewer.png VNC authentication.png

As before you should see the familiar HiveTool desktop, though resolution may be reduced depending on your settings and connection speed. Note that this time there is no "thinclient_drives" icon on the desktop.

To make it so that a VNC server is started on boot, go to your Pi's configuration page, click on the "Interfaces" tab, and select "Enable" for VNC. You will likely need to use a different connection name however, possibly :0 or none at all.

Troubleshooting

Cannot Find [hostname]

Make sure you are using the proper hostname to connect. If you purchased an SD card with the HiveTool software on it, you should have received a letter detailing what the hostname would be. If you installed it yourself, you should be aware of what it was. The the default hostname is raspberry, and the default username and password for Raspbian is pi/raspberry though it usually requests that you change it immediately, as default passwords are insecure and susceptible to being changed by anyone that can access your hardware. You can also check your terminal session to see what the hostname is.

If you want to use something different for your hostname, check out the Changing Your Hostname page

This likely means that your device is not on the same network. Make sure both the Pi and your computer are connected to the network, and that the network it is connected to is the same as the one you are trying to access it from. If one of the connections is wired using ethernet cables and one is on WiFi, be sure that the cable is plugged into the same router that the other device is connecting to wirelessly.

Using ipconfig from a Windows command line and ifconfig from the Pi's terminal can give you some information about the network connection.

Cannot Log In

If you can access an authentication screen but you cannot log in, double check what your user name and password are. If you bought a HiveTool disk you should have been provided a letter with login information; note that the login information for the HiveTool configuration page is different from that required to access the raspberry pi. If you can physically access the pi and it logs in automatically, consider trying to change the password to something you know and trying again.

Remote Access from a Non-Local Network

This will allow remote access to the hive computer without opening any ports on the router using reverse IP tunneling.

NOTE THAT THIS WILL ONLY WORK IF YOU HAVE ACCESS TO THE HIVETOOL DATABASE!

Create an automatic login from pi@hive_computer to user@target_host

http://www.linuxproblem.org/art_9.html

On hive_computer, as pi, generate the key: sudo ssh-keygen -t rsa

# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
d9:2e:40:2d:59:b1:6e:f2:08:7e:6a:3e:96:2e:bf:04 root@NAPAPi5
The key's randomart image is:
+---[RSA 2048]----+
|        o.       |
|       + .       |
|      + o        |
|     . o o       |
|  E . o S .      |
|   o . * .       |
|    o.o o .      |
|  ..=o   .       |
|   B*o           |
+-----------------+

append it to target_host's authorized_keys

cat .ssh/id_rsa.pub | ssh -pTARGET_PORT pi@TARGET_IP 'cat >> .ssh/authorized_keys'

where

TARGET_PORT is target_host's ssh port, if use, like 8022
TARGET_IP is target_hosts ip, like 192.168.254.12

Make hive_command.pl executable:

sudo chmod a+x hive_command.pl