Menu
What's new
By:
Filters Better Search

Raspberry Pi as Jumpbox

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

sfx2000

sfx2000

Part of the Furniture
Been playing around with the recent Raspbian release from last month - Jessie with Pixel...

If you have a Pi2/3 - it's worth checking out - the UI updates are nice, but the real value is the modern browser (Chromium) and RealVNC server...

A common question for many is how to remotely admin their router (esp. on the AsusWRT subforums), and the common approach is either to enable SSH, or enable the WebGUI - both of which are extremely risky...

Raspbian has a full-on OpenSSH implementation, and can be directed to whatever port one wants, and one can lock it down pretty tight...

The alt approach would be to just port forward port 5900 and use RealVNC - the RealVNC viewer software is free to use, and the PIXEL includes a free server license...

The caveat here is that RealVNC will use the "pi" user account credentials as a default to login to VNC, so one should absolutely change the password from the default to something more robust...

As you can see below - the broswer works just fine here - Pi2 is a bit slow, Pi3 is much better - I wouldn't recommend doing this with Pi1 or PiZero - but one can always try.

If folks are interested, I'll go a bit more into details on how to make this work, but Pi as a jumpbox makes a lot of sense rather than exposing the Router directly...

Screen Shot 2016-10-22 at 2.19.35 PM.png
 
Just as a quick heads up and security concern with Raspbian - since it ships with OpenSSH Server active (and pre-configured), it is important to regenerate the ssh keys -- do this before even considering exposing the Pi to the public internet...

Code: 
rm /etc/ssh/ssh_host_* && dpkg-reconfigure openssh-server

And like I mentioned above, definitely change the "pi" user account password - there's other things that can be done to improve security...

(and the advice above about regenerating the ssh host keys are also applicable to VM appliance images that one can get for VMWare, Parallels, and VirtualBox)
 
Last edited:
Based on another discussion in the Asus sub-forums - wonder if anyone has used the USB port on the router to power a Pi - putting a USB power bank in the middle would minimize power spikes to the router, and provide good/clean power to the Pi...

And then just plug the Pi into an available LAN port on the router itself... see below

Screen Shot 2016-10-28 at 8.19.08 AM.png
 
the upside with above is that if the router is reset, one doesn't lose power to the Pi - which can be useful in cases like router SW dev/config - example being having USB to Serial from the Pi to the router's UART...
 
sfx2000 said:
Someone has built a VMWare management image for PiA/B...

If one is running ESXi inside the LAN, this can be a useful tool...

http://xtravirt.com/product-information/vpi
Click to expand...

I can't get a download for it, but per the web page seems like it may not have been updated for a while (since ESXi 5.1?). I have to admit I don't do a lot of CLI management of my home server (mainly just spinning up or tearing down test VM's), so I just use SSH port forwarding for ESXi management either with vSphere client or the new WebUI in 6.0. The vSphere client works if the local port forwards are bound to any loopback address EXCEPT 127.0.0.1.
 
mtganzer said:
I can't get a download for it, but per the web page seems like it may not have been updated for a while (since ESXi 5.1?). I have to admit I don't do a lot of CLI management of my home server (mainly just spinning up or tearing down test VM's), so I just use SSH port forwarding for ESXi management either with vSphere client or the new WebUI in 6.0. The vSphere client works if the local port forwards are bound to any loopback address EXCEPT 127.0.0.1.
Click to expand...

The web store is non-obvious, but select a quantity of "1", and it should take you to checkout from there...

http://www.fakenamegenerator.com - might come in handy ;)
 
sfx2000 said:
Based on another discussion in the Asus sub-forums - wonder if anyone has used the USB port on the router to power a Pi - putting a USB power bank in the middle would minimize power spikes to the router, and provide good/clean power to the Pi...
Click to expand...

Trying to use host machine to power the Pi is not recommended - seems that the microUSB port and how the Pi handshakes (it doesn't), some hosts will drop to nominal power which in the USB spec is 100 miliAmps, which is not enough to reliably power a Pi, even a PiZero.. so wall power is the right way there...
 
sfx2000 said:
The web store is non-obvious, but select a quantity of "1", and it should take you to checkout from there...

http://www.fakenamegenerator.com - might come in handy ;)
Click to expand...

Managed to get it, and the image is definitely not been updated since 2013. I didn't have time to put it on a Pi, but looking at the release notes, it doesn't look like anything you could not already download for free as tarballs from VMware.
 
mtganzer said:
Managed to get it, and the image is definitely not been updated since 2013. I didn't have time to put it on a Pi, but looking at the release notes, it doesn't look like anything you could not already download for free as tarballs from VMware.
Click to expand...

They haven't updated their image in a long time... but as you suggest, there are other ways ;)

I not very inclined to help out VMWare at the moment, as I'm getting really tired of the client/desktop costing there...

Even with their promo periods for upgrades - it gets tiresome, and I've been moving away from that ecosystem in any event...

Screen Shot 2016-12-20 at 6.00.45 PM.png
 
You must log in or register to reply here.

Similar threads

I
Need Help Accessing Raspberry Pi Webserver by Name on WiFi Devices
Replies
5
Views
590
isabasu
I
S
Offload OpenVPN to Raspberry Pi 5 versus using my AXE16000 for site-site?
Replies
2
Views
500
sunactive
S
B
How to setup IPV6 static route for Docker IPVLAN
Replies
0
Views
372
BigScream
B
B
Raspberry PI won't connect to either my guest or main SSID
2
Replies
22
Views
2K
billrouter
B
TheLyppardMan
Pi-hole for noobs?
Replies
12
Views
1K
glens
G

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 969 (members: 27, guests: 942)
Top