Access your Raspberry Pi anytime, anywhere with frp

foreword

What is a "Raspberry Pi" on Zhihu and how do ordinary people play? The high-voted answer, during the Double Eleven time, decisively bought a Raspberry Pi 3. The goods arrived on Monday (11.13). I just want to implement a simple function - I want to access my Raspberry Pi from anywhere. Just Like a Pandora's box, the first step must be to get the key!

assemble

Assembling actually refers to putting the Raspberry Pi into the red and white shell. The basic idea is to go to the seller's store to read the assembly instructions. Among them, the installation of the small fan is a bit special, and needs to be connected to 4/6 feet. It is the outermost layer. The 2nd and 3rd from the right. If the connection is not right, the small fan will not turn. I specially took a picture as a reminder:

fan

debugging

As I said before, I bought a set with a small monitor. The main reason is that the IP of the intranet changes frequently, and it is not easy for me to determine the IP of the Raspberry Pi. The password needs to be entered manually.

Although I have listened to a lot, but I really saw that small box, coupled with such a low-priced monitor, they actually cooperated together and displayed the system desktop, which is still a little touched. NB ah~

desktop

PS: This small monitor can also be used as an external monitor for mac. First use the mac monitor, remember that the operation technique is: move the mouse out of the screen forcefully , and then the cursor will automatically appear on another screen.

Change the default ssh password

Raspberry Pi's ssh login password, the default username is: pi , the default password is: ** raspberry** to be changed at the first time.

passwd

Set up ssh automatic login

The Raspberry Pi does not have a directory .ssh by default , you need to create it first. After logging in to the Raspberry Pi with ssh, execute in the Pi:

mkdir ~/.ssh/

On any computer that wants to access the Raspberry Pi, execute it directly (instead of logging in to the Raspberry Pi and executing it):

# 设置自动登录.
cat ~/.ssh/id_rsa.pub | ssh pi@树莓派内网ip  "cat >>  ~/.ssh/authorized_keys"

The intranet IP of the Raspberry Pi should be changed to the intranet IP of the Raspberry Pi. Of course, the computer you use to access the Raspberry Pi must be in the same local area network as the Raspberry Pi.

Change root password

The Raspberry Pi does not have a root password by default, you can set it directly.

# 设置 root 密码
sudo passwd root

# 解锁 root 账户
sudo passwd --unlock root

# 切换到 root 账户
su root

Solve the problem of incomplete use of Raspberry Pi capacity

I have a 64G memory card, but the total size of the container is only 7.2G. The first reaction was that I encountered a black-hearted merchant, but I searched online and simply set it to restart. For details, see: http://cedar-renjun.github.io /2015/10/11/resize-raspberry-sd-volume/

The key steps are documented here for review:

Operation steps 1. Reboot the Raspberry Pi, enter the command line page 2. Log in to the Raspberry Pi, username pi , password raspberry

sudo su to switch to superuser
df -h shows the status and usage of the current partition
Type fdisk /dev/mmcblk0 to load the SD card
p print the current partition and you should see three partitions (mmcblk0, mmcblk0p1, mmcblk0p2), now write down the information of partition 2 (/dev/mmcblk0p2) I mainly recorded the start sector (122880) and the end sector (8447999) ) value 7. Press d to start deleting the partition
The system prompts to enter the delete partition number, enter 2
Press n to create a new partition, then enter p , 2
Next, enter the original recorded 2-sector start number (122880), remember to replace it with your own number
Press w to keep the configuration
Enter reboot to restart the Raspberry Pi
Enter sudo resize2fs /dev/mmcblk0p2 to update the system
Enter df -h to see if the remaining space has been fully used

Note: After step 10, the system prompts to enter the end sector, just keep the default and press Enter.

configure frp

Prepare public network ip and public network server

The public network ip and the public network server are similar to a bridge. Through it, we can access the Raspberry Pi we placed on the intranet. The server, I bought the minimum configuration cloud server. Of course, use the existing ip and Servers can too.

Optional: prepare a domain name

Top-level domain name or second-level domain name, as long as ip type DNS resolution can be done. This step is to simply resolve the domain name to the public network ip of the previous step. This will save trouble for future access, and you don’t need to remember the ip. Of course, It is also possible to access directly by ip.

Configure frp server--frps

The server side of frp, the general name is frps, and the configuration file is frps.ini. These two files should be placed on your public network server. Generally, you should go to the release page to find the latest version of frp's corresponding operating system Download the version. Here frp_0.13.0_linux_amd64.tar.gz is used as an example.

# 下载.下载地址可以在github发布页右键点击某个下载项 --> 复制链接地址.
wget https://github.com/fatedier/frp/releases/download/v0.13.0/frp_0.13.0_linux_amd64.tar.gz

# 解压.
tar -zxvf frp_0.13.0_linux_amd64.tar.gz

# cd 到 frp 目录.
cd frp_0.13.0_linux_amd64

# 编辑.debian上,打开vim的命令是 vi,不是 vim.
vi frps.ini

In frps.ini enter:

[common]
bind_port = 7000
vhost_http_port =80
dashboard_port = dashboard_port_number
dashboard_user = dashboard_user_name
dashboard_pwd = dashboard_pwd_value
privilege_token = privilege_token_value

Then, turn on frps:

./frps -c ./frps.ini

Once the server is configured, you should be able to open the frp console page in your browser:

dashboard

Notice:

Dashboard_port_number is changed to a specific port number, such as 8000, so that you can access the frps web console page through http://yourip:8000 .
dashboard_user_name and dashboard_pwd_value, to be changed to a custom username and password to be entered when accessing the frps console page.
The privilege_token_value is changed to a custom value. As long as the client and the server privilege_token match, the client can connect to the frp server.

Configure frp client -- Raspberry Pi

The client of frp, the general name is frpc, and the configuration file is frpc.ini. These two files should be placed on your intranet server - Raspberry Pi. Generally, you should go to the release page to find the corresponding frp The latest downloaded version of the operating system. Here frp_0.13.0_linux_arm.tar.gz is used as an example.

# 下载.下载地址可以在github发布页右键点击某个下载项 --> 复制链接地址.
wget https://github.com/fatedier/frp/releases/download/v0.13.0/frp_0.13.0_linux_arm.tar.gz

# 解压.
tar -zxvf frp_0.13.0_linux_arm.tar.gz

# cd 到 frp 目录.
cd frp_0.13.0_linux_arm.tar.gz

# 编辑. debian上,打开vim的命令是 vi,不是 vim.
vi frpc.ini

In frpc.ini enter:

[common]
server_addr = your_server_ip
server_port = 7000
privilege_token = privilege_token_value
login_fail_exit = false

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22

remote_port = remote_port_number

Then, open frpc to:

./frpc -c ./frpc.ini

After configuring the server, you should be able to access your Raspberry Pi using ssh from any computer that can connect to the Internet:

# 端口和ip要记得替换为自己的.
ssh -oPort=remote_port_number pi@your_server_ip

Notice:

your_server_ip should be replaced with the public network ip bound to the public network server.
The frps server and client do not have to be the same operating system, but the frp version is best to correspond to
Raspberry Pi 3 debian system requires the arm version of the program installation package.
privilege_token should correspond to frps.ini on the server side
login_fail_exit is very important, otherwise the frpc function cannot be automatically started when the system is restarted later.
remote_port_number, used to specify which port of the remote server to ssh to access the Raspberry Pi.

Autostart frp with Systemd

Systemd can ensure that frp-related services can be automatically started when the Raspberry Pi restarts unexpectedly. In this way, we don't have to worry about all kinds of accidents all day long.

Install Systemd

Most Linux systems have Systemd built in. If not, you can install it manually.

To install systemd please run:

apt-get update
apt-get install systemd
apt-get install systemd-sysv

After installing systemd, in order to use the system as systemd, it is best to specify the following parameters on the kernel command line in the grub configuration file:

vi /etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash init=/lib/systemd/systemd"

In order to boot the system with the newly installed systemd, reboot the system:

# reboot

Using Systemd to manage frps on the server side

# 需要先 cd 到 frp 解压目录.

# 复制文件
cp frps /usr/local/bin/frps
mkdir /etc/frp
cp frps.ini /etc/frp/frps.ini

# 编写 frp service 文件，以 centos7 为例,适用于 debian
vim /usr/lib/systemd/system/frps.service
# 内容如下
[Unit]
Description=frps
After=network.target

[Service]
TimeoutStartSec=30
ExecStart=/usr/local/bin/frps -c /etc/frp/frps.ini
ExecStop=/bin/kill $MAINPID

[Install]
WantedBy=multi-user.target

# 启动 frp 并设置开机启动
systemctl enable frps
systemctl start frps
systemctl status frps

# 部分服务器上,可能需要加 .service 后缀来操作,即:
systemctl enable frps.service
systemctl start frps.service
systemctl status frps.service

Using Systemd to manage frpc on the Raspberry Pi client

# 需要先 cd frp 解压目录.

# 复制文件
cp frpc /usr/local/bin/frpc
mkdir /etc/frp
cp frpc.ini /etc/frp/frpc.ini

# 编写 frp service 文件，以 centos7 为例,适用于 debian
vim /usr/lib/systemd/system/frpc.service
# 内容如下
[Unit]
Description=frpc
After=network.target

[Service]
TimeoutStartSec=30
ExecStart=/usr/local/bin/frpc -c /etc/frp/frpc.ini
ExecStop=/bin/kill $MAINPID

[Install]
WantedBy=multi-user.target

# 启动 frp 并设置开机启动
systemctl enable frpc
systemctl start frpc
systemctl status frpc

# 部分服务器上,可以需要加 .service 后缀来操作,即:
systemctl enable frpc.service
systemctl start frpc.service
systemctl status frpc.service

Notice:

When frps or frpc fails to start, you can try to stop the service first, such as:

systemctl stop frpc