Remote SSH Access to the Mirrors You Give Away

I do love the mirrors I have created. My creations are like my children and like most children they eventually leave the nest and go forth to enjoy lives of their own. Except for Brad. Who is never going to amount to anything if he doesn’t get a job and move out of the basement. All he does is sleep and play Fortnite instead of… but I digress.

This last mirror made me realize that I needed a way to connect to it after it was no longer in my physical control. My relatives aren’t very technical and it’s no fun for either of us to walk them through a troubleshooting session over the phone. It would be much easier if I could just remote into the mirror like I did when I was building it.

It gets complicated when you realize that anyone with a WiFi network in their house is going to have a consumer-grade firewall in place. The usual solution is to get on the router and forward a port to the Pi, but that requires you to know the internal IP address of the Pi, the external IP address of the router, and your friends have to trust you with password to their router (which may not be configured to allow remote administration). And that’s just the start.

My solution was to have the Pi reach out to a server that I control and establish a reverse SSH session. Because residential gateways allow any outbound connection by default, the Pi reaching out to the server is allowed without any extra configuration of the router. By connecting to a server outside of my home network, I didn’t have to worry about configuring my router to forward a port to my computer for the connection. And by choosing a cloud provider, I could spin the connection up & down as needed.

I had several requirements for this project. I work in an internet security company, so it’s entirely possible that I went a bit overboard on my paranoia. But my goals were:

• Secure remote access to the Pi via private/public key exchange
• Connect to the Pi regardless of what kind of firewall was in place
• No modification of target network firewalls
• No modification of my network firewall
• Portability of the mirror to different networks (Little Suzie takes the mirror with her to college and the enterprise-level gateways involved)
• Self-healing connection that requires no intervention from mirror owner
• Maximum use of open-source software, minimum use of black box code

I’ve broken the process up into a handful of steps. Links to each portion are here:
Generating Your Key Pairs
Signing Up for the Cloud
Configuring a Dynamic DNS to Your Server
Connecting the Pi to Your Server
Connecting to the Remote Pi

@devinhedge said in Clean installation... fails left and right:

Config info:

RasPi 3b+
8GB SD card
Running on Rasbian Stretch Lite
Attempting to run using sample config.js
No other installed modules at this point
Attempting to run as either server/client or server only

Well, I think I’ve detected your problem. From the GitHub page for the Magic Mirror project:

Note that you will need to install the latest full version of Raspbian, don’t use the Lite version.

So. My advice is to pull your SD card and flash the full desktop version of Raspbian Stretch. I don’t think you need the “recommended software” version, but you do need the desktop.

Edited to add: It seems others have similar problems with the latest version of Raspian. Apparently they changed something in the base images. Anyhow, follow this advice and you should be able to get back on track.

@in_a_days

That is weird! If you are able to launch the mirror software with
DISPLAY=:0 npm start
PM2 should definitely work :(

Don’t forget, you told him to re-flash his SD card. That would have wiped the PM2 installation.

@PhilsterM9 You’re almost there. Your original mistake was that you told PM2 to run the mm.sh script twice (and then 3 times). Let’s make sure that you have PM2 installed, now that you’ve reflashed your SD card.

Run this: pm2 status. If you get the table, great. Let us know how many entries are in it. If you get the No command 'pm2' found, did you mean: line, go back to the tutorial and follow the steps again, starting with sudo npm install -g pm2.

If you do have more than one line in the table when you check PM2 status, you’ll want to remove all of the extraneous ones. pm2 delete 1 and possibly pm2 delete 2 if there are three entries. Get it to where there is only one entry in the list when you run pm2 status. Then save the pm2 state: pm2 save.

Okay, once you have saved the pm2 configuration, pm2 will make sure that your mirror is running. You don’t need to tell it start ever again. Hopefully. You should be able to reboot your Pi and then run pm2 status and see that the mm process is running all by itself.

I like this. It’s tight and conveys a lot of information in little real estate.

I use one of these: NextGadget 3-Port USB Desk Charger. USB ports are powered strongly enough for the Pi, and it powers the monitor via the AC plug.

Only downside: the cord itself is only about 4 feet long. So if your mirror isn’t going right over an electrical outlet, you may have to wire in an extension cord yourself.

Done. Thanks.

@Shawnsully Double-check your commas and curly braces, specifically at the beginning of your module entry. You have:

},
     module: 'MMM-NFL',
     position: ‘bottom_left’,
...

You probably want:

},
{
     module: 'MMM-NFL',
     position: ‘bottom_left’,
    ...

@zdenek Did you delete all the stuff not used for a mirror? From the complete setup tutorial: sudo apt-get remove --purge idle3 java-common libreoffice* minecraft-pi scratch nuscratch penguinspuzzle python-minecraftpi python3-minecraftpi smartsim sonic-pi wolfram-engine

Congratulations upon reproducing!

@pepemujica I believe the MMM-MotionDetection module works with the Pi camera. Facial recognition and gesture control should also work with the Pi camera. You may need to flip a few switches.