How to remote access the web dashboard #
Enable the web dashboard for your setup #
Install a ssh server on your PC with the storagenode #
Get started with OpenSSHsudo apt update && sudo apt install ssh -y
Install a ssh client on your device #
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
sudo apt update && sudo apt install ssh -y
Check connection #
Here we will use a user as user on the remote ssh server, and server as hostname or IP of the remote ssh server.
ssh user@server
Password:user@server:~$
ssh user@server
Password:user@server:~$
ssh user@server
Password:user@server:~$
Launch the Termius application
Navigate to the Keychain via hamburger menu
Keychain #
Tap on plus sign and select New Identity.
New Identity
Specify a name of the Identity in the field Name, provide a username for your PC with storagenode in the Username fieled, specify a password in the Password field, confirm creation.
Navigate to the Hosts in the hamburger menu.
Hosts #
Create a new host with the plus sign.
New host
Specify alias for the host, i.e. MyHomePC. Provide the local or public hostname or IP address in the Hostname or IP Address field. Tap on Username icon and select the Identity, created earlier. In our example - user. Confirm creation of the host.
Tap on your host, the MyHomePC in our example, it should request a confirmation to add the fingerprint of the host to the list of known host on your smartphone.
Confirm the connection with a tap on Connect button, the Terminal to your host should appear.
Port forwarding #
ssh -L 14002:localhost:14002 user@server
ssh -L 14002:localhost:14002 user@server
ssh -L 14002:localhost:14002 user@server
Navigate to the Port forwarding screen in the hamburger menu.
Port forwarding #
Tap on plus sign to create a new port forwarding rule.
Tap on Select host and select the host created earlier, in our case MyHomePC.
Select it and fill other parameters for the port forwarding rule:
- Port forward from with 14002 (dashboard port)
- Host to with 127.0.0.1
- Port to with 14002
- Address with 127.0.0.1
Confirm creation.
Check that it’s working - tap on your port forwarding rule, it should connect immediately.
You should see that connection is established and the button Close is appear.
Now, open a web dashboard in your mobile browser: http://localhost:14002
Congratulation!
Navigate to http://localhost:14002 in your browser, you should see a web dashboard of your storagenode.
The connection can be established to your ssh server at that stage from the LAN, however, to publish your ssh server to the internet we need to secure it first. We should enable a key-only way to log in to your server. To be able to do so we need to generate and export your ssh public key to your ssh server before disabling the password login.
Generate ssh keys #
ssh-keygen
ssh-keygen
ssh-keygen
Navigate to the Keychain in the hamburger menu, select created Identity by tap on Identity icon then tap on pencil icon to edit an Identity, tap on Key icon, you will see a screen Select key.
Select key
Select existing key or tap on plus sign, select the option Generate key to generate a new key.
Generate Key
Specify a name for the key in the field Name, provide a passphrase (optional) in the field Passphrase and confirm.
Select the key to return to the edit of the Identity screen, confirm modification.
Export public key from the ssh client to the ssh server #
If the ssh server is a Windows machine, then you can use this guide: Deploying the public key. Otherwise, use the Powershell:
cat ~/.ssh/id_rsa.pub | ssh user@server "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys"
ssh-copy-id -i ~/.ssh/id_rsa.pub user@server
ssh-copy-id -i ~/.ssh/id_rsa.pub user@server
Select Keychain from the hamburger menu
Select the key by tap on key icon, tap on three vertical dots and select Export to host.
Tap on Select host and select the needed host, MyHomePC in our example
Confirm the export to the selected host.
Disable the password login on your ssh server with storagenode #
We need to specify options PubkeyAuthentication yes and PasswordAuthentication no in the config file for the ssh daemon. So, return back to your server with storagenode.
You can use a ssh terminal to make these modifications, but be careful - if you have not added your key to the .ssh/authorized_keys file on your ssh server on previous steps, you will lose an access via ssh to your server.Open the config file %programdata%\ssh\sshd_config with Notepad++ and set options PubkeyAuthentication yes and PasswordAuthentication no, save changes and restart the sshd service either from the Services applet or from the elevated Powershell:
Restart-Service sshd
Open the config file /etc/ssh/sshd_config with a text editor, for example nano, and set the PubkeyAuthentication yes and PasswordAuthentication no options, save the config file and restart the ssh daemon
sudo service ssh restart
Edit the configuration file /private/etc/ssh/sshd_config with a plain text editor, for example - with nano, set the PubkeyAuthentication yes and PasswordAuthentication no options, save the config file and restart the ssh daemon
sudo launchctl stop com.openssh.sshd
sudo launchctl start com.openssh.sshd
Now check your connection: try to connect from your ssh client again, it should now use the ssh key for authentication instead of a password.
To add more security you can install applications such as fail2ban to your Linux or macOS server.
Now, you can make a port forwarding rule on your router for the 22 TCP port (default ssh port) to your ssh server. For more security we recommend to forward an unusual port to the 22 port of the PC with ssh.