Online Amateur Radio Community Wiki

User Tools

Site Tools

Trace:
pi:remote_access

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
pi:remote_access [2025/04/14 21:26] m0mzfpi:remote_access [2025/04/14 22:08] (current) – [Remotely accessing your Pi - Roll your own!] m0mzf
Line 1: Line 1:
-======= Remote accessing your Pi =======+======= Remotely accessing your Pi - Roll your own!=======
  
-Unsurprisingly there are many solutions to this particular cat; is the client Windows or Linux, do you have an internet connection with a public-facing IP address, do you want to roll your own or use / purchase a commercial solution, what on the Pi do you want to access; all these questions and scenarios have different solutions. This guide is mostly geared towards packet operators running LinBPQ on a headless Pi, so let's get into it!+Unsurprisingly there are many solutions to this particular cat; is the client Windows or Linux, do you have an internet connection with a public-facing IP address, do you want to roll your own or use / purchase a third party solution, what on the Pi do you want to access; all these questions and scenarios have different solutions. This "guideis mostly geared towards packet operators with limited network / Linux / Pi experience running LinBPQ on a headless Pi, so let's get into it!
  
-=====Roll your own===== +=====IP addresses, ports, and the internet=====
-====IP addresses, ports, and the internet====+
  
 To set up remote access without using a third party provider, save of course whichever ISPs you have chosen, you will need what is known as a //globally routable IP//, or //Public IP// This is a unique address on the internet which your ISP provides to you, and from this address you connect out, or indeed people connect in. There are two address spaces, IPv4 (which look like 173.194.203.102) and IPv6 (which look like 2607:f8b0:400e:c05::8a); this guide is going to stick to IPv4 addresses for the sake of familiarity and ubiquity. To find out your public IP address (maybe, caveat below!) you can visit a website such as [[https://whatismyipaddress.com/]]. To set up remote access without using a third party provider, save of course whichever ISPs you have chosen, you will need what is known as a //globally routable IP//, or //Public IP// This is a unique address on the internet which your ISP provides to you, and from this address you connect out, or indeed people connect in. There are two address spaces, IPv4 (which look like 173.194.203.102) and IPv6 (which look like 2607:f8b0:400e:c05::8a); this guide is going to stick to IPv4 addresses for the sake of familiarity and ubiquity. To find out your public IP address (maybe, caveat below!) you can visit a website such as [[https://whatismyipaddress.com/]].
Line 38: Line 37:
  
 Probably the best service is [[https://www.duckdns.org/|DuckDNS]], here's how you [[https://pimylifeup.com/raspberry-pi-duck-dns/|set it up on a Pi]]  Probably the best service is [[https://www.duckdns.org/|DuckDNS]], here's how you [[https://pimylifeup.com/raspberry-pi-duck-dns/|set it up on a Pi]] 
 +
 +=====Remote access tools=====
 +
 +By far and away the most secure, flexible and modern way of doing this is using wireguard. Wireguard creates a tunnel between two points, perhaps your Pi and your favourite home PC, and from there you can just use the IP address of the Pi's end of the tunnel to access anything you'd normally do over the network, just as if it was plugged in at home. Wireguard can do much more, but that's outside the scope of these ramblings.
  
 ====SSH==== ====SSH====
 +< To do >
 Public / Private keys Public / Private keys
 SOCKS proxying; browser / telnet SOCKS proxying; browser / telnet
  
 ====Wireguard==== ====Wireguard====
-Setup +(Further expansion needed! Is this the easiest? It's not the "cleanest" but it does work... are full manual setup instructions a good idea?) 
-Usage examples+ 
 +Setting up Wireguard is a little complex, but most of the work has been taken out of it by the superb [[https://www.pivpn.io/|PiVPN Project]], [[here's how you set it up|https://pimylifeup.com/raspberry-pi-wireguard/]]. 
 + 
 +Assuming your Pi is on an internet connection with a globally routable IP and you've set up dynamic DNS and port forwarding, this will work. 
 + 
 +Take a look at the file you created in, for example, /home/pi/configs/myvpn.conf: 
 +<code> 
 +[Interface] 
 +ListenPort = 51820 
 +PrivateKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx= 
 +Address = 172.16.23.58/32 
 +  
 +[Peer] 
 +PublicKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx= 
 +AllowedIPs = 0.0.0.0/0 
 +Endpoint = x.x.x.x:58120 
 +PresharedKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx= 
 +</code> 
 + 
 +Make a note of the "Address" line under [Interface] - this will be the IP address you use to connect to your Pi. 
 + 
 +To set up the other end of the wireguard tunnel on Windows [[https://www.wireguard.com/install/|Install the client]] and import the file which PiVPN created in the previous step. 
 + 
 +To set up the other end of the wireguard tunnel on (most) Linux Distributions (which use NetworkManager) [[https://forum.manjaro.org/t/howto-configure-wireguard-via-the-networkmanager-gui-advanced-network-manager/138040|follow this guide]] to import the file which PiVPN created in the previous step. 
 + 
 +Now you can, for example telnet into your linbpq node: 
 +<code> telnet 172.16.23.58 8010 </code> 
 + 
 +or view the LinBPQ web server 
 +<code> http://172.16.23.58:8008 </code> 
 + 
 +or SSH into your Pi 
 +<code> ssh [email protected] </code>
  
-=====Commercial solutions=====+=======Remotely accessing your Pi - Third party solutions=======
 To do! To do!
-  * Tailscale +  * Tailscale - wireguard made super easy 
-  * Anydesk +  * Anydesk - remote desktop made easy 
-  * Rustdesk+  * Rustdesk - remote desktop made easy and open source
pi/remote_access.1744665968.txt.gz · Last modified: 2025/04/14 21:26 by m0mzf