Home‎ > ‎HowTo‎ > ‎

Get SSH access via 3G

If you want to connect to a Bifferboard remotely via a 3G connection then you need to punch out as you can't open ports on a 3G dongle.

Please check out "tinc" http://www.tinc-vpn.org/ to set up a VPN to your board (and any other device anywhere on the internet)

Alternatively...

Here's the script that checks if the connection has failed (run every few mins): 

#!/bin/sh 
# Script to check if bifferboard has an internet connection and if not 
redial the mobile connection 
www.google.co.uk = xxx.xxx.xxx.xxx (use some site that will always be up!) 
sz_Ping_Site="xxx.xxx.xxx.xxx" 
sz_Mobile_Operator=vod3g 
i_Ping_Count=5 
i_Min_Packet_Loss_Percent=99 

echo "***3G connection checker***" 

sz_Packet_Loss=`/bin/ping -c$i_Ping_Count $sz_Ping_Site | grep -o '[0-9]\{1,3\}% packet loss' | grep -o '^[0-9]\{1,3\}'` 

echo "Packet loss:" 
echo $sz_Packet_Loss 

#Below can be read as "if the packetloss variable is empty (no match in ping result) or the packet loss is greater than the minimum 
allowed" 
if [ -z "$sz_Packet_Loss" ] || [ -n "$sz_Packet_Loss" -a "$sz_Packet_Loss" -gt $i_Min_Packet_Loss_Percent ]; then 
  if [ -z "$sz_Packet_Loss" ]; then 
      echo "Error in ping so reconnect" 
  else 
        echo "Unacceptable packet loss (greater than $i_Min_Packet_Loss_Percent) so reconnect" 
  fi 
  /usr/bin/killall pppd 
  /bin/sleep 15 
  #/bin/rm -f /etc/resolv.conf 
  #Clear the messages log 
  /etc/init.d/syslog-ng stop 
  /bin/cat /root/scripts/messages >> /root/scripts/messages.log 
  /bin/rm -f /var/log/messages 
  /etc/init.d/syslog-ng start 
  /usr/sbin/pppd call $sz_Mobile_Operator 
  /bin/sleep 15 
  #Check for failure 
  sz_Connection_Error=`grep -e "is locked by pid" -e "Connect script failed" -e "ERROR^M" /root/scripts/messages` 
  if [ -z "$sz_Connection_Error" ]; then 
        #No apparent failure 
        /sbin/route del -net default gw 192.168.1.254 
        /sbin/route add -net default gw 10.64.64.64 
  else 
        #Connection error so no option but to reboot and try again 
        /sbin/reboot 
  fi 
else 
  echo "Connection ok" 
fi 

Here's the script that then punches out: 
ssh -y -N -T -i /root/.ssh/id_rsa -R 1234:localhost:22 root@xxx.xxx.xxx.xxx/22 

where xxx.xxx.xxx.xxx is an IP address of a linux server with fixed IP address on the internet. The ssh command here is creating a link between the remote port 1234 to the local port 22 on the bifferboard. 


For this to work you'll need to transfer the public key of the board to the authorized_keys file on your remote server like this: 

dropbearkey -t rsa -f /root/.ssh/id_rsa 
dropbearkey -f /root/.ssh/id_rsa -y > /root/.ssh/id_rsa.pub 

Bit long winded- but after all that you can connect through your fixed server to the bifferboard and then tunnel onto any device on the customer network. Might also be useful if using a bifferboard as a solar-powered sensor or something like that. 

Comments