Remote Access (Beta)
This article provides information about the Remote Access Feature of Torizon Cloud. It also guides you through the process of enabling and using the Remote Access feature.
Why Use Remote Access
Remote access to your device offers interesting advantages. It allows you to access, via SSH, the terminal of your Torizon OS target device, enabling you to test, launch, and manage your system without a physical connection, minimizing the cost with on-site visits. Furthermore, this feature can be important to:
- Troubleshoot: Remote access allows you to troubleshoot and debug your applications remotely.
- Maintenance: Remote access allows you to perform maintenance tasks on your device without having to physically access it.
How to Use Remote Access
- Use a host computer with a Linux terminal and an SSH Key generation tool.
- Get an account on https://app.torizon.io with access to the feature. Check the commercial plans for more information.
- Get a Toradex SoM with Torizon OS installed and running. This will be your target device.
- Provision the target device in Torizon Cloud. Follow the instructions under Provisioning a Device.
1. Enable Remote Access on Torizon Cloud
Remote Access is currently in beta. Before using it, make sure you have enabled Early Access Features in your Torizon Cloud account.
This is a beta feature, let us know what you think about the feature and what else do you need:Contact us!
2. Enable the Remote Access on the Target Device
2.1. Remote Access is pre-built in Torizon OS and TorizonCore 6.3 images and configured as a
systemd service. To enable and start the service, run:
# sudo systemctl enable remote-access
# sudo systemctl start remote-access
2.2. Make sure your target device is connected to a network with internet access. As the connections are always outbound from the module, no special configurations are needed in the network where the module is connected. Ensure that the port
22 of the module is not blocked nor in use. For more details on network requirements for Torizon Cloud, check the Device Management section.
3. Create an SSH Key on Your Host Computer
ssh-rsa public key on the host computer from where you are going to remote access the target device. You can use
ssh-keygen like the following example:
$ ssh-keygen -t rsa
Generating public/private `rsa` key pair.
Enter file in which to save the key (/home/torizon/.ssh/id_rsa):
Created directory '/home/torizon/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/torizon/.ssh/id_rsa
Your public key has been saved in /home/torizon/.ssh/id_rsa.pub
Check and note down the public key generated:
$ cat ~/.ssh/id_rsa.pub
4. Add the SSH Key to Torizon Cloud
4.1. Access your account on https://app.torizon.io and click on the
Remote Access Manager tab.
4.2. Paste the public key generated in Step 2 into Remote Access Management and click
Add Key after adding a friendly name. To verify that everything went well, check the saved
SSH Keys right below on the page.
5. Connecting to a Remote Device
5.1. On https://app.torizon.io, go to the
Devices page, click on your provisioned device, and then, on
Remote Shell to start the section.
5.2. Copy the command printed on the screen to the terminal on your host computer to remotely connect to the device. The command will be similar to the following example:
# ssh -p <port> firstname.lastname@example.org
Alternatively, if you have multiple keys set up on your host computer and/or your Torizon Cloud account, you can use the following command to specify which key to use:
# ssh -v -o "IdentitiesOnly=yes" -i <your_key_filename> -p <port> email@example.com
5.3. After you have finished your remote session, get back to the
Remote Access Manager on the Account page and close your session at the bottom of the page, on the Active Remote Sessions.
Port Forwarding with Remote Access
The syntax to create an SSH tunnel is close to the typical SSH command. The
-L flag indicates that traffic to the
<local_port> in your computer should be redirected through the tunnel to the
<remote_port> in the module. For information on the basic SSH command, see Connecting to a Remote Device.
$ ssh -L <local_port>:<localhost>:<remote_port> -p <port> firstname.lastname@example.org
The tunnel lasts while the SSH connection is active.
To use VNC in a remote session, run the following command, which creates a tunnel between the VNC port on your computer and the VNC port on the module:
$ ssh -L 5900:127.0.0.1:5900 -p <port> email@example.com
Then, you can access the device with VNC as if it were on your local network.
For information about using VNC or RDP on Torizon OS, see Use VNC and RDP.