Remote Access

A project log for Wandboard experiments

Setting up the WBQUAD

christoph-tackChristoph Tack 05/22/2020 at 17:190 Comments

How to make a connection from the internet to your wandboard when it's behind a router/NAT?  I see four options:

  1. Reverse-SSH tunnel
  2. Tor as a hidden service
  3. P2P network:
    1. Tox TCP Tunnel
    2. n2n
  4. 3rd party network
  5. Router port forwarding
  6. DMZ

I'll only handle reverse SSH tunneling here, because it avoids fiddling with your router settings.

1. SSH Remote port forwarding / Reverse SSH tunneling

Using almost any port can be forwarded.  In the following example port 22 (SSH) will be forwarded with used as a jump server.  It's also explained here. might not be up all the time.  Check here.

This command instructs to forward incoming SSH-connections (on port 22) destined for the alias "wandboard" (the first wandboard in the command) to the localhost (which is the wandboard) (also on port 22). 

The alias "wandboard" in the command is free for you to choose. The following command must be run from your wandboard:

ubuntu@arm:~$ ssh -R wandboard:22:localhost:22                                                                                                                                                   
Forwarding SSH traffic from alias "wandboard"
Press g to start a GUI session and ctrl-c to quit.

Remark that this command will lock up your terminal if you don't add an &.

If you want to make this connection persistent, you might want to use autossh.

 On your local machine, which could be located anywhere on the internet, you execute the following command:

christoph@christoph-ThinkPad-L580:~$ ssh -J ubuntu@wandboard
Last login: Fri May 22 17:03:39 2020

This command makes an SSH-connection to, which in turn connects us through to ubuntu@wandboard.

Weaved, Dataplicity, ngrokpitunnel offer similar services.  But they require registration and the execution of some sort of script.

Teleconsole can be used to share terminal sessions between users and port forwarding.  Basically, it's just an SSH-proxy.

2. TOR as a hidden service

The disadvantage is that the client side must also use Tor to make a connection.  For more info see Tor project log. Tor is also quite slow.

3. Router port forwarding

For connection through cellular networks, this is not possible because you have no access to the router.

  1. You need access to the configuration of your router.  This will most likely only be possible on your own home network.
  2. Each forwarded port must be setup separately in the router.
  3. You might have to assign a static IP-address to the Wandboard.
  4. The additional problem is that you'll probably don't have a static IP-address, so you'll have to use some Dynamic-DNS service such as Duck-DNS.

4. 3rd party network

5. DMZ

This fully exposes your wandboard to the internet.  I don't see a reason in taking this risk.