Robots are commonly deployed behind NAT devices. These devices restrict the methods that can be used to access the robot. Notably, you cannot dial directly into the robot since it does not have a static, global address and port. The primary goal of this feature is to provide a mechanism that allows you to connect via SSH directly to your robot running the Formant agent.
The Formant agent can be installed with port_forwarding enabled which allows:
- Secure file transfer using sftp
- Secure copy using scp
- Connect visual tools like RViz from your desktop directly to the remote robot
- Forward any port from your robot to your local machine
- Create on the fly VPN using SSH-VPN
It is assumed that an SSH server is already running on the robot. SSH server software (openssh-server) is installed by default in most Linux distributions.
First make sure you have setup
Add the following to the top of your ~/.ssh/config file
Host *.formant ProxyCommand fctl port-forward $(echo %h | sed "s/\.formant$//") -r 127.0.0.1 -p %p
Host *.formant ProxyCommand docker run -i -a stderr -a stdin -a stdout --rm -v <permanent_storage>:/root/.formant formant/fctl port-forward $(echo %h | sed "s/\.formant$//") -r 127.0.0.1 -p %p
<permanent_storage> with a mount path on your local host system, and fill in your admin credentials.
This attaches STDIN, STDOUT, and STDERR to the container which is necessary for SSH ProxyCommand, as well as removing the cointainer with --rm when exiting.
<device_name> with the device name used in Formant and
<user> is the user on the system. All standard ssh security mechanisms apply here.
There are two places where SSH can be enabled and disabled. Make sure that both configurations enable SSH to successfully establish a connection.
By default, SSH is enabled on new devices in Formant in both of the following locations.
Enabling SSH on Linux robots:
echo formant-agent formant-agent/port_forwarding boolean "true" | sudo debconf-set-selections
Disabling SSH on Linux robots:
echo formant-agent formant-agent/port_forwarding boolean "false" | sudo debconf-set-selections
Updated 10 months ago