On Saturday, 6 June 2020 13:40:26 BST Ralph Corderoy wrote: > Getting this all working whilst talking someone else through the > experimentation and typing sounds hard.
If I can get this working with my simulated WMT network here in my home, then the on-site volunteer should only have to set up port forwarding on the Office Router. Surely he'd have to do that anyway, whether we used VPN or SSH ultimately? The 'simulated WMT network' is a physical representation of the real network at WMT, so I have an RPi3 with the Webserver software on it (and ulimately the VPN if I can get it to co-exist with nodogsplash). On the eth0 side of the RPi3 I have several actual Pi-based devices that are simply spares of the ones installed at WMT, eg a Gate Valve and a Sensor and Control Assembly which connects to the measurement probes. In this setup eth0 is connected to the devices and eth1 is connected to my home Router. Before I ask the on-site volunteer to do anything, I'll get this lot working here and test it by getting the on-site volunteer and others to log in to the Pi network. I will then simply pass the (fully backed-up) SD Card to the on-site volunteer who will substitute it for the one currently in the on-site RPi3 and then configure the Office Router. Only the latter activity should need hand-holding. > I'd start by having autossh(1) on the r-r Pi maintain a SSH connection > from r-r Pi through the office router to an Internet SSH server, which > may be in your home. The Pi's user account would have a private key > with the matching public key installed on the server so no password is > required. The password option should also be forbidden on the server. > > The Pi's .ssh/config would use RemoteForward to forward connections made > to a port on the server back across the established SSH connection where > they'd pop out to the Pi's SSH server's port. Thus you'd have SSH > access to the Pi if you have access to the server and this allows > further experimentation, though there's always a risk what you do will > break everything. A second Pi acting as the SSH tunnel and future VPN > would avoid co-existing with nodogsplash. Is this instead of VPN or both together? Until I go in, I would have to rely on the on-site volunteer to install and integrate the second Pi. That's a bit more than the tasks that I have in mind for him at the moment. -- Terry Coles -- Next meeting: Online, Jitsi, Tuesday, 2020-07-07 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk New thread, don't hijack: mailto:dorset@mailman.lug.org.uk