IGate: Difference between revisions

From OCARC
Latest revision as of 05:58, 5 June 2014

The following instructions are for creating an SD card using OSX. The process is similar with other operating systems. I'm assuming that you have some familiarity with Linux and the Raspberry Pi.

Base Operating System

Download http://downloads.raspberrypi.org/raspbian_latest and unzip

Obtain an SD card of at least 4 GB in size.

Determine the device name of your SD card reader on your Mac by running the following command before and after inserting the SD card. Look for the newly added disk drive. It is important that you get the correct disk name. If you pick the wrong name, you could wipe out the hard drive in your Mac.

$ diskutil list

In this example, the drive name is /dev/disk4

Copy the Raspbian image you downloaded to the SD card. Note that I've added an 'r' to the front of 'disk' in the 'dd' command line. This is the unbuffered device and will result in a quicker copy.

$ diskutil unmountDisk /dev/disk4
$ sudo dd if=2014-01-07-wheezy-raspbian.img of=/dev/rdisk4

This will take some time to finish. Once done, unmount the volume, then remove the SD card.

$ diskutil unmountDisk /dev/disk4

Plug the SD card into the Raspberry Pi and boot with a screen and keyboard attached.

Select the following options:

  • 1. Expand filesystem
  • 2. Change User Password
  • 3. Enable Boot to Desktop/Scratch - select "Console Text console"
  • 4. Internationalization Options
    • I2 - Change Timezone - Pick an appropriate location. For example, America/Vancouver

Finish and reboot. During this reboot, the filesystem will be expanded to fill the entire SD card. This may take a few minutes.

Log in as 'pi' using the password you selected earlier.

Use the 'ifconfig' command to find out the IP address of the Pi. As a convenience, you can now SSH into the Pi from your computer. This saves having to use the screen and keyboard connected to the Pi.

Update the Linux packages to make sure you've got the latest patches.

$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo reboot

SSH Tunnel for Remote Administration

If your iGate is going to be living behind a firewall and not have a fixed IP address, creating an SSH tunnel back to a central machine is a great way to make an always-on connection to connect to your Pi in the field. This configuration will set up a tunnel whenever the Pi is booted, and it will restart the tunnel if it ever quits for any reason.

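Set up the ssh client to detect a dead connection: with ServerAliveInterval 120, ssh sends a keepalive probe after 120 seconds without a response from the server and drops the connection if the probes go unanswered. Add the following line to /etc/ssh/ssh_config: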

ServerAliveInterval 120

Generate a key pair allowing connection to the server without requiring a password.

$ mkdir ~/.ssh
$ cd ~/.ssh
$ ssh-keygen -t rsa

Copy this key to your gateway machine. The gateway machine needs at least a static domain name (perhaps using a service such as DynDNS) or a static IP address. The tunnels will be created back to this machine.

$ scp id_rsa.pub <user>@<gateway_address>:.ssh/<machine_name>.pub

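On the gateway machine, you need to create an 'authorized_keys' file. It is likely that you have multiple '.pub' files (one for each iGate in the field). Use the following command on the gateway machine to join all these files together. Note that this overwrites any existing 'authorized_keys' file, and that each key in it can log in to the gateway as <user> without a password.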

[gateway]$ cd ~/.ssh
[gateway]$ cat *.pub > authorized_keys

Create a file on the Pi called ~/create_ssh_tunnel.sh and put the following in it. Replace the '2222' with a unique port number for each remote Pi you have in the field.

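#!/bin/bash
# Open a reverse tunnel: port 2222 on the gateway forwards to sshd (port 22) on this Pi.
createTunnel() {
  # -N: run no remote command. ssh stays in the foreground until the tunnel ends.
  /usr/bin/ssh -N -R 2222:localhost:22 <user>@<gateway_address>
  rc=$?   # save the exit status before the test below overwrites $?
  if [[ $rc -eq 0 ]]; then
    echo Tunnel to jumpbox created successfully
  else
    echo An error occurred creating a tunnel to jumpbox. RC was $rc
  fi
}
# Start a tunnel only if no ssh client process is already running.
/bin/pidof ssh
if [[ $? -ne 0 ]]; then
  echo Creating new tunnel connection
  createTunnel
fi

Make the script executable and open your crontab for editing:

$ chmod 700 ~/create_ssh_tunnel.sh
$ crontab -e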

Add the following line to the crontab file. This will launch the tunnel, and re-create it if the tunnel fails.

*/1 * * * * ~/create_ssh_tunnel.sh > tunnel.log 2>&1

From the gateway machine, use the following command to connect to the remote Pi. Replace '2222' with the port number you chose for the Pi.

[gateway]$ ssh -l pi -p 2222 localhost
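
The tunnel setup above gives every iGate key full login rights on the gateway. As an added example (not part of the original page), the function below builds authorized_keys lines that limit each key to its own reverse-forward port. The function name, the port map file and its "<machine_name> <port>" format are hypothetical, and it assumes OpenSSH 7.8 or later on the gateway and /bin/false at that path.

```sh
#!/bin/sh
# Added example, not from the original page. Builds authorized_keys lines that
# limit each iGate key to its own reverse-forward port and nothing else.
# Assumptions: the function name and the port map format ("<machine_name> <port>"
# per line) are hypothetical; "restrict" needs OpenSSH 7.2+ and "permitlisten"
# needs OpenSSH 7.8+ on the gateway; /bin/false is the path on Debian-like systems.

build_authorized_keys() {
  local keydir portmap name port key seen
  keydir=$1 portmap=$2 seen=" "
  while read -r name port; do
    case $name in ''|'#'*) continue ;; esac        # blank line or comment
    case $name in
      *[!A-Za-z0-9_.-]*) echo "skip $name: bad machine name" >&2; continue ;;
    esac
    case $port in
      ''|0*|*[!0-9]*|??????*) echo "skip $name: bad port '$port'" >&2; continue ;;
    esac
    if [ "$port" -lt 1024 ] || [ "$port" -gt 65535 ]; then
      echo "skip $name: port $port out of range" >&2; continue
    fi
    case $seen in
      *" $port "*) echo "skip $name: port $port already assigned" >&2; continue ;;
    esac
    [ -r "$keydir/$name.pub" ] || { echo "skip $name: no $name.pub" >&2; continue; }
    # Take one line only and require it to start with a key type and key blob, so
    # a .pub file uploaded from the field cannot smuggle in its own options.
    key=$(head -n 1 "$keydir/$name.pub")
    case $key in
      "ssh-rsa AAAA"*|"ssh-ed25519 AAAA"*|"ecdsa-sha2-nistp"[0-9][0-9][0-9]" AAAA"*) ;;
      *) echo "skip $name: not a public key" >&2; continue ;;
    esac
    seen="$seen$port "
    # restrict turns off pty, agent, X11 and all forwarding; port-forwarding turns
    # forwarding back on; permitlisten pins -R to this port; command blocks shells.
    printf 'restrict,port-forwarding,permitlisten="localhost:%s",command="/bin/false" %s\n' \
      "$port" "$key"
  done < "$portmap"
}

# On the gateway, write a new file for review before replacing authorized_keys:
#   build_authorized_keys ~/.ssh ~/.ssh/igate_ports > ~/.ssh/authorized_keys.new
```

The Pi's 'ssh -N -R 2222:localhost:22' command works unchanged with such an entry, because -N requests no shell and the forced command is never run.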

Installing APRX

$ mkdir ~/aprx-source
$ cd ~/aprx-source
$ wget http://ham.zmailer.org/oh2mqk/aprx/aprx-2.08.svn587.tar.gz
$ tar xvzf aprx-2.08.svn587.tar.gz
$ cd aprx-2.08.svn587
$ ./configure
$ make clean
$ make
$ sudo make install
$ sudo mkdir /var/log/aprx

Edit /etc/aprx.conf and set/change the following parameters:

mycall VE7HWY-15
myloc lat 4952.75N lon 11927.62W

<aprsis>
   passcode 17846
   server noam.aprs2.net
</aprsis>

<logging>
   pidfile /var/run/aprx.pid
   rflog /var/log/aprx/aprx-rf.log
   aprxlog /var/log/aprx/aprx.log
</logging>

<interface>
   serial-device /dev/ttyUSB0 4800 8n1 KISS
   tx-ok true
</interface>

<beacon>
   beaconmode both
   beacon symbol "I#" $myloc comment "Tx-iGate + digi"
</beacon>

<digipeater>
   transmitter $mycall
   <source>
      source $mycall
      relay-type digipeated
      viscous-delay 0
      ratelimit 60 120
   </source>
   <source>
      source APRSIS
      relay-type third-party
      viscous-delay 5
      ratelimit 60 120
   </source>
</digipeater>

Create the file /etc/logrotate.d/aprx:

/var/log/aprx/aprx.log
/var/log/aprx/aprx-rf.log
{
	rotate 7
	daily
	missingok
	notifempty
	delaycompress
	compress
}

Add the following line to /etc/rc.local:

/sbin/aprx -L

Configuring TNC

$ sudo apt-get install minicom
$ minicom -s
<pick 'serial port setup'>
<change serial device to '/dev/ttyUSB0'>
<set BPS to '4800 8N1'>
<set Hardware flow control to 'no'>
<Select 'exit'>
<hit enter a few times to get cmd prompt>
cmd:amode kiss
<ctrl-A>ZQ<enter>