![]() ![]() ![]() I certainly didn’t get it right on my first try. Please let me know if you have any issues with ssh or key authentication. You could also VPN in if your router supports it directly or you already have a tunnel set up. To access it remotely you’ll probably need a domain for that, since the host-name needs to match the generated certificate. It should be similar to how TLS for the docker daemon is set up if you’ve ever done that. Gstreamer supports this, but the documentation on how to do this is opaque. To do that (more) securely for video, you’ll need to generate a tls certs using openssh and set up RTSP over TLS. ![]() You can simply forward RTSP without TLS but your risk anybody being able to access your camera feed if they intercept your credentials or guess your password. This way it wont change everytime you connect to the router and we will always know the exact address it is at. What you need to do is go into your routers settings and assign the computer you want to connect via ssh a static ip address. For graphics, like accessing the camera, you might consider forwarding a video stream separately the same way you forwarded the ssh port. This is all in the router, not the actual computer. Your best bet is some VNC over a VPN, but I think all encode video using software, rather than the Nano’s encoder hardware. If you need to see the desktop remotely, there isn’t really a good, performant, solution currently. If you get “Gtk-WARNING **: 14:01:14.787: cannot open display:” then X isn’t being forwarded or you forgot to add -X to your ssh command. On windows you can use VcXserv or Xming to connect. To turn it off temporarily you can do “systemctl isolate multi-user.target” and free a ton of ram. The good part about ssh -X is that you don’t even need the GUI (X) running on the nano itself. Remote Access to Desktop GUI (remotely see what the nano desktop is showing) - Again how can I do this securely?įrom a Linux host you should be able to simply add -X to the ssh command and then you’ll be able to run any GUI apps remotely (it should be allowed by default), however ssh -X probably won’t work well for any graphically demanding apps like those requiring 3d or video capabilities.Then you can do ssh instead of fussing with an external IP that won’t stand still. If your external IP is dynamic (likely), you may also wish to purchase a domain and set up a dynamic dns provider (noip or similar). If you want to make your nano even more secure you can install a tool like fail2ban which will ban any repeated failed login attempts. Then you should be able to access your nano by doing “ssh -p (port) ip addresss)” just as you would on your local network. These two steps will be different depending on your router/firewall and can range from very simple to very frustrating depending on the sadism of the developers. forward a port from some external port number to the nano’s static ip and tcp port 22.assign a static ip to your nano through your router (sometimes this is in the DHCP section) and.What those changes mean is that you can no longer log in with a password but must always log in using the key. Once you save that file, run “sudo systemctl restart sshd” to apply those changes. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |