-
Notifications
You must be signed in to change notification settings - Fork 124
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable networking + SSHd over USB composite #73
base: master
Are you sure you want to change the base?
Conversation
Turning on sshd will probably make our lives debugging this thing easier too, since most everyone know how to ssh. We can also transfer files back and forth and thus can easily bind-mount stuff. This will allow faster development iteration. |
6f986cb
to
86fac14
Compare
Using http server has several advantage:
|
stephenrwarren commented in here: https://www.reddit.com/r/JetsonNano/comments/dwno63/usb_driver_for_mac_os_catalina/
So, neither RNDIS nor ECM work along with UVC.
|
You might also want to check out dropbear, which is a smaller SSH server than OpenSSH. Also I don't think you need to set up IP addresses, Bonjour should be enough. |
The reason I chose openssh is because we will need scp to copy files to and from the camera. Dropbear doesn't have a sftp server so we ended up having openssh anyway. Unless someone has an idea how to do scp with dropbear. I will figure out what to do with rndis and webcam. |
As far as i know you don't need a full sftp server for scp. Only a scp client. |
here another description https://www.emcraft.com/som/secure-copy |
That's really wild. I really didn't know that! |
I really really don't want any static IP inside the Raspberry. This is a promise that things will break (think about VPNs, company networks and so on). Have a look at Bonjour which might help to create a link-local raspberry.local device. |
86fac14
to
df3023b
Compare
I have incorporated everyone's suggestions and we have a much cleaner PR now.
|
I have confused. CONFIGURE_USB_SERIAL=false
CONFIGURE_USB_WEBCAM=true
CONFIGURE_USB_NETWORK=false If |
@tuyenld I have abandoned the idea of using the usb-gadget.txt. Instead we have the three separate sentinels that you can use to turn on and off the usb features. If there is nothing in boot then the only thing that will show up is the uvc webcam. |
Why don't you remove |
I have a problem using avahi on Debian. ldtuyen@pc:~$ avahi-discover
Browsing domain 'local' on -1.-1 ...
Browsing domain 'lan' on -1.-1 ...
Browsing for services of type '_sftp-ssh._tcp' in domain 'local' on 3.1 ...
Browsing for services of type '_ssh._tcp' in domain 'local' on 3.1 ...
Found service 'piwebcam' of type '_sftp-ssh._tcp' in domain 'local' on 3.1.
Found service 'piwebcam' of type '_ssh._tcp' in domain 'local' on 3.1.
ldtuyen@pc:~$ ssh root@piwebcam
ssh: Could not resolve hostname piwebcam: Name or service not known
ldtuyen@pc:~$
ldtuyen@pc:~$ ssh root@piwebcam.local
ssh: Could not resolve hostname piwebcam.local: Name or service not known
ldtuyen@pc:~$
ldtuyen@pc:~$
ldtuyen@pc:~$ ssh root@piwebcam.local
ssh: Could not resolve hostname piwebcam.local: Name or service not known
ldtuyen@pc:~$
ldtuyen@pc:~$
ldtuyen@pc:~$
ldtuyen@pc:~$ ping piwebcam
ping: piwebcam: Name or service not known
ldtuyen@pc:~$ ping piwebcam.local
ping: piwebcam.local: Name or service not known
ldtuyen@pc:~$ Did I miss something? |
Must have been an oopsie. Sorry, late night code... For the ip, you have to configure the ipv4 of the connection from the pi to be link-local, it looks like Linux doesn't fall back to link-local addresses when dhcp fails. Then avahi-browse will tell you that you have a piwebcam on ipv4. Then the hostname to use is piwebcam.local. Edit: Found the oopsie and fixed the dangling config. I didn't rebase correctly. |
3b1c3f4
to
6c5950c
Compare
@htruong, Here is the result on my Debian PC.To make network-gadget work on Debian, I have to configure a network interface to Link-Local: Every time, I reboot Pi with network-gadget enabled, I got this warning: ldtuyen@pc:~$ scp .dmrc root@piwebcam.local:/tmp/dmrc
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The ECDSA host key for piwebcam.local has changed,
and the key for the corresponding IP address 169.254.13.107
has a different value. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
Offending key for IP in /home/ldtuyen/.ssh/known_hosts:22
remove with:
ssh-keygen -f "/home/ldtuyen/.ssh/known_hosts" -R "169.254.13.107"
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:nRYggjRkMoau4amAdMOdeElA6SHFZVF9xbzZPpGCbXA.
Please contact your system administrator.
Add correct host key in /home/ldtuyen/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/ldtuyen/.ssh/known_hosts:23
remove with:
ssh-keygen -f "/home/ldtuyen/.ssh/known_hosts" -R "piwebcam.local"
ECDSA host key for piwebcam.local has changed and you have requested strict checking.
Host key verification failed.
lost connection I have to remove the old ssh key ssh-keygen -f "/home/ldtuyen/.ssh/known_hosts" -R "169.254.13.107"
ssh-keygen -f "/home/ldtuyen/.ssh/known_hosts" -R "piwebcam.local" Test cases and result:
It is all good on Linux. |
I tested on Window 7Window 7 failed to load RDINS driver.
That is why I fake |
6c5950c
to
5bd3bcf
Compare
If you configure the usb-gadget correctly, you can get the USB composite device show up on Windows fine without having to fake the PID and VID, and you don't have to disable webcam either. I have just pushed a WIP here -- the device shows up in Linux, mac, and Windows as a composite device. The only problem left is that somehow I broke |
Discussion over here: https://gist.github.com/Gadgetoid/c52ee2e04f1cd1c0854c3e77360011e2 And the script over here: https://github.com/RoganDawes/P4wnP1/blob/master/boot/init_usb.sh Gave a lot of insights into how we can achieve composite USB on Windows. |
It is apparent to me that for some reason, whatever the first device that gets configured ( Specifically -- If you initialize network -> webcam, then webcam doesn't work - regardless of OS. If you initialize webcam -> network, then network doesn't work on Windows only, but it works on Linux. Trying to figure out why. |
5bd3bcf
to
e64c328
Compare
- Enable networking features when a sentinel is placed in /boot. - Enable avahi to provide a link-local IP address. - Enable dropbear as the SSH and SFTP daemon.
e64c328
to
1a22f9c
Compare
Please hold on to testing and reviewing this PR. I think I got somewhere with the EEM driver, but there are something that I don't yet understand about this. |
@htruong
As you can see, window recognize USB composite device, but fail to find driver for RNDIS. |
how old is windows 7? |
Please keep in mind that I am looking for a solution without user intervention. |
Out of curiosity, why is networking + ssh the chosen route for updates and the like? It seems weird to have a webcam with networking enabled. There might be other purpose-built solutions already available. For instance, the USB DFU protocol could be (ab)used for this purpose. Or possibly expose the rPi as a mass storage device where the user can simply copy a new image into place like normal (at that point, the rPi could |
Networking allows us to talk arbitrarily to the camera. Think of you having to configure or read something about the camera that is beyond conventional controls, it would have been very hard to do so or you'll have to open up a serial console which is confusing and error prone. For developers, networking will allow you to copy files from and to the camera, this speeds up the development cycle. You can use dfu mode or mass storage to allow firmware update but making the camera appear as mass storage will just as annoying as making it a network device. And at the same time it serves only one purpose that is to allow you to do upgrades. |
Possibly a crazy idea, but how about using SSH over the serial port? The major snag is knowing when to drop the connection, since there is no TCP handshake to indicate a new connection has started, or when it ends. This can however be simulated by using the serial port flow control lines, which don't exist, technically, but the interfaces for passing them over USB do! So, a tiny program on the Pi opens the serial port, and monitors the DTR flag. When it toggles on, open a new TCP connection to sshd on localhost:22. When it toggles off, close the connection. While it is on, copy bytes from the serial port to the TCP connection, and vice versa. On the host, one could probably use socat as is, via an ssh I suspect that should even work on Windows, although perhaps a little more work to get set up. |
Enable link-local networking and SSHd
When the sentinel enable-usb-network is placed on /boot, then enable
networking features. This enables a dropbear instance and the avahi
daemon to advertise the ssh daemon.
Original: