Probably like most of you I have a Raspberry Pi 2 sitting around not doing a lot. A project that I wanted to use mine for is setting up reliable network access to my home network when I'm away. I'm a geek, so network access for me means SSH. The problem with a lot of solutions out there is that ISPs on home networks change IPs, routers have funky port configurations, and a host of other annoyances that make setting up access unreliable. That's where Pagekite comes in.
Pagekite is a service that is based in Iceland and allows tunneling various protocols, including SSH. It gives a DNS name at one end of that tunnel and allows connecting from anywhere. They run on Open Source software and their libraries are all Open Source. They charge a small fee, which I think is reasonable, but they also provide a free trial account that I used to set this up and test it. You'll need to signup for Pagekite to get the name and secret to fill in below.
The first thing I did was setup Ubuntu core on my Pi and get it booting and configured. Using the built in configure tool it grabs my SSH keys already, so I don't need to do any additional configuration of SSH. You should always use key based login when you can. Then I SSH'd in on the local network to install and setup a small Pagekite snap I made like this:
# Install the snap sudo snap install pagekite-ssh
# Configure the snap snap set pagekite-ssh kitename=<your name>.pagekite.me kitesecret=<a bunch of hex>
# Restart the service to pickup the new config sudo systemctl restart snap.pagekite-ssh.pagekite-ssh.service
# Look at the logs to make sure there are no errors journalctl --unit snap.pagekite-ssh.pagekite-ssh.service
I then I configured my SSH to connect through Pagekite by editing my
Host *.pagekite.me User <U1 name> IdentityFile ~/.ssh/id_launchpad CheckHostIP no ProxyCommand /bin/nc -X connect -x %h:443 %h %p
What is novel to me is that I now have a small low-power board that I can plug into any network, it will grab an IP address and setup a tunnel to a known address to access it. It will also update itself without me interacting with it at all. I'm considering putting one at my Dad's house as well to enable helping him with his network issues when the need arises. Make sure to only put these on networks that you have permission though!
posted Apr 17, 2017 | permanent link