Bering-uClibc 7.x - User Guide - Advanced Topics - Setting Up rtty to access the console from a web browser
|Setting Up rtty to access the console from a web browser|
|Prev||Bering-uClibc 7.x - User Guide||Next|
This chapter introduces the rtty tool to get console access to a LEAF router from a web browser.
A possible scenario could be that you are sitting in an office, a hotel room or whatever without the possibility to establish a ssh connection to your LEAF router but at least can connect to the web with http to your own web server.
rttytool is a combination of the
rtty client running on a LEAF router and a
rttys"server" running on your web server.
The server notes are only a short example, how it works from localhost, hopefully you'll get the picture what's needed to add it to your web server. The client running on your LEAF router will be explained in more detail.
Setting up a rttys server
Setting up the
mysql/mariadb on your server.
To set up the server side download
rtty from https://github.com/zhaojh329/rttys/releases and untar the tarball.
Next prepare your database:
On database instance, login to database console as root:
mysql -u root -p
Create database user which will be used by
rttys, authenticated by password. This example uses 'rttys' as password. Please use a secure password for your instance.
CREATE USER 'rttys' IDENTIFIED BY 'rttys';
Create database with UTF-8 charset and collation. Make sure to use utf8mb4 charset instead of utf8 as the former supports all Unicode characters (including emojis) beyond Basic Multilingual Plane. Also, collation chosen depending on your expected content. When in doubt, use either unicode_ci or general_ci.
CREATE DATABASE rttys CHARACTER SET 'utf8mb4' COLLATE 'utf8mb4_unicode_ci';
Grant all privileges on the database to database user created above.
GRANT ALL PRIVILEGES ON rttys.* TO 'rttys'; FLUSH PRIVILEGES;
Quit from database console by exit.
Change into the new directory and run:
Note the token given for next step and the client setup on the LEAF router.
To start the server side running
./rttys run -t [yourtoken]
You should be now able to connect to
rttys server from you browser:
Setting up the rtty client on a LEAF router
Installing and configuring
leaf.cfg and reboot your LEAF router.
Configure rtty in /etc/default/rtty
rttys server address, add the token and the hostname:
# IP address of the rttys Server SERVER="192.168.1.1"
# Token on your remote rttys server TOKEN="yourtoken"
# Set your hostname HOSTNAME="firewall"
Configure root access via rtty
To allow root login from rttys into the LEAF router it is necessary to add pts ports (pseudo terminal ports) to
... pts/0 pts/1 pts/2 pts/3
To connect rtty from the LEAF router to your rttys server you need to open the port 5912 from your firewall to the zone where the webserver is located running rtty. This could be the local zone (as in the example below), the DMZ or on the net depending on your needs.
/etc/shorewall/rules and add
# enable rtty (assuming the rttys server is in local zone) ACCEPT fw loc tcp 5912
From your browser pointing to http://localhost:5913/ refresh the list of rtty clients and access the devcies's shell. Login and enjoy.