Friday, February 06, 2015

Remote Access & Monitoring of a FreeStar Hotspot


Now that I've setup a couple D-Star compatible hotspots I've got some additional tips and tricks to share if anyones interested.

Both of the hotspots I was involved with are running the FreeStar* software http://www.va3uv.com/freestar.htm.

FreeStar runs on Debian linux, which can operate on various computer platforms. Personally I've been using BeagleBone Black's, but you also can use a Raspberry Pi, both are micro singleboard computers designed for hobbyists, projects, etc. Priced at around $50 each, these are affordable, and much much smaller then dedicating an old PC to the job.



Once your FreeStar hotspot is up and running you're probably already using two seperate tools to manage it.
  • The dashboard webpage generated by FreeStar from your browser.
  • An SSH client like PuTTY for a remote command line interface into the Debian OS
This article will provide some additonal enhancements and/or tools that you may find interesting.

Access from the outside.

If you've followed VA3UV Ramesh's excellant install guides for FreeStar you've already completed some/all of these mandatory first steps. If not, go back and do it, these are essential requirements.

- Change the default password in your Debian operating system. The 'root' account is the most powerful account in the Linux OS, securing it with a very very good password is a MUST. Be smart, use letters, numbers, special characters, capitals, lowercase, etc. The longer the password, the more secure.


- Setup your hotspot on a internal static IP address within your network.


- Change your SSH service to run on a non-standard port (the default is 22) for example use 222 or 220.

- Setup port forwarding rules in your router. All these rules should reference the static IP that you've assigned to your hotspot.
TCP 5088 for the web dashboard
TCP xxx for SSH (insert your unique non-default SSH port)
UDP 20001
UDP 30001
UDP 4000

With these steps completed you should now be able to reach your hotspot dashboard & SSH from the internet. To test it use a website like WhatIsMyIP.com to find out what your external (internet) IP address is. Use that IP instead of the internal one to try and view the dashboard page

Examples
  • LAN URL - http://192.168.1.10:5088
  • Internet URL - http://96.50.241.59:5088

Dynamic DNS 

(DDNS) is a service where your external (internet) IP address is resolved into a simpler to use domain name like ve7hsp.ham-radio-op.net.

Most D-Star hot spots will be setup in people homes / shacks. Your internet connection is provided by a local ISP and your external dynamic IP address will be automatically changed on some schedule. Becasue of these random changes to your outside IP address you may loose access to your hotspot from the outside if you don't have some way of knowing when these address changes occur.

DDNS services like DynDNS.com work by letting you pick out a custom domain name from a selection of options. You'll then run a small app on one of the desktop computers within your home to routinely check what your outside IP address is, and relay any changes back to the DDNS servers.

The DDNS update software doesn't have to run on your hotspot, any computer within the same home network that's turned on all the time (or almost all the time) will do. If you're comfortable with the Linux OS you can run a DDNS daemon on your hotspot, but I'll let you figure that out on your own. Personally I have a Windows system on 24/7 so I just run the updater in the background on that machine.  

DDNS services are available for free from companies like 

I mentioned DynDNS earlier specifically because one of their registered domains is...
ham-radio-op.net
Even though they are a paid service, I thought it was cool to able to register the domain
(mycallsign).ham-radio-op.net 
That's really easy to remember.

So in summary, with a DDNS service setup you'll never need to know what your current external IP address is, even if it changes. You'll also be able to use a custom domain name (like other internet websites) instead of knowing the IP address. With the new domain being a constant you can bookmark your dashboard in your favorite browser, and create a saved profile in PuTTY for SSH.

Remote Monitoring

So, if you've been following the steps so far...

  • Your SSH is secured with a non-standard port and strong password
  • Your internet router has all the open ports required to the outside (the internet)
  • You've setup a Dynamic DNS service so you don't need to know your external IP address, and you have a handy to remember domain name to use instead.
Now you can open a web browser from anywhere on the internet and see your hotspot dashboard. You can also share your dashboard page with fellow ham's, very handy when wondering if they are on D-Star and where ("oh hey, he's linked to Reflector 1 Charlie right now, I'll link there as well and see if I can reach him").

You can now install an SSH client on another PC/laptop and control the hotspot from the road, work, or while on vacation.

Personally I've been playing around with doing all of this from my smartphone as well.

On Android I installed the JuiceSSH app (free) and now I have an SSH client on the phone.

I added the JuiceSSH Performance Monitor plugin (free) and I can monitor the hotspot from anywhere.


73

Aaren - VA7AEJ





No comments: