Adding remote ssh access to your Raspberry Pi without port forwarding

So, if you’re like me, you probably don’t want to run around all over the place carrying your Pi with you. Sure it’s nice and small, but it’s also a bit bulky to put in your front pocket, and heaven help you if you sit down on it, while it’s in your back one. Of course you can put it in a brief  case or backpack, but I like to travel super light.

Anyway, so I like to keep my Pi tucked away in my office and out of sight, but I also like to have access to it from wherever I might be. And this is where Weaved’s services come in handy. I used to be a big fan of port forwarding, till I started getting attacked by those scanning for an open SSH port, regardless of whether I was using a different port assignment or not. So I stopped doing that a while ago. My alternative to port forwarding turned to LogMeIn’s Hamachi for quite some time. But there were aspects that I just didn’t like. I didn’t like that thy said the free account could support up to 10 devices, but then I could never really have more than 5 in a free group. And then I really hated running everything through their proxy. Eventually, they wore me down by making things unstable and/or making it more difficult to find working installers for Mac and Linux.

Weaved’s service is free and for just $25 per year you can get a lot of additional capabilities, plus the removal of various popup messages. But the nice thing about it is that it allows me to do something Hamachi doesn’t– grant secure access to a specific service vs. granting access to an entire network. In this respect, Weaved is different than your ordinary VPN service. It provides a greater degree of granularity and establishes secure sessions to your various services you wish to share or expose. If you like, you can read what Techcrunch had to say about Weaved.

So that’s pretty nice.

Once a service has been configured, you can easily get a time-sensitive session from Weaved's portal.

Once a service has been configured, you can easily get a time-sensitive session from Weaved’s portal.

Screen Shot 2014-11-26 at 7.29.13 AM

Once you have the session URL and port number, you’re ready to connect. And URL and port hashes will timeout after a few minutes of non-use, which greatly cuts down on security threats.

Another thing I really like about their service is that it allows me to connect to my devices either via their cloud as a proxy or via a direct peer to peer connection, which is especially nice if you’re pumping data, video, audio, or anything sizable. I like that they can establish a secure, remote connection and then get out of the way. And unlike Hamachi, they maintain their code in github, so that whatever isn’t readily supported by their installers can be crafted together by yours truly, which means I have as much flexibility as I want to customize new applications.

Wanna know something else pretty cool? They have secure notification services built-in and fully customizable, along with an app for iOS. So if I want to tie a particular event on your Pi to an alert that you receive on your iPhone, they give you all the code for that as well. Here, I simply used their sample Yo notification, to send a quickie notification to my iPhone.

Notification is made quite easy via Weaved and all source code is provided.

Notification is made quite easy via Weaved and all source code is provided.

The latency is quite short from when I initiated the Yo command to the time the popup hit my iPhone.

The latency is quite short from when I initiated the Yo command to the time the popup hit my iPhone.

I’ve pretty much got Weaved installed onto all of my devices and services. And they have a very active and growing community, that is mostly geared towards Raspberry Pi developers, though that’s not all inclusive. The company has been around for several years and has over 500,000 customers, including a boat load of surveillance customers and lots and lots of embedded devices.

If you want remote connectivity, you could use some of the web-only solutions out there. But if you’re like me, you’re remotely accessing ssh, nfs, remote desktop, etc. Well, this is the tool to help you. And they currently support various Arm platforms, x86 for Linux, Mac OS X, as well as Windows. And then they seem to support just about every embedded camera, router, and what not that is capable of bootstrapping a custom firmware.  And if you really wanna go nuts and start receiving messages on your TV or other appliances, they even showed integration with Alljoyn 14.06 at the recent AllSeen Alliance Summit.

And if you really want to get smart about your IoT development and/or data center management and control, you should start checking out the source code and building your own more intelligent applications and infrastructure.

Enjoy!

Leave a Reply

Your email address will not be published. Required fields are marked *