We forward USB – key to the cloud (Linux client - Linux server)
The customer needed to connect the USB – key for the banking system to the Linux – server in the cloud , where he deploys his developed product. You cannot directly connect the USB – key to a virtual machine - it works in a failover cluster and can be migrated to any of the host servers without downtime.
Let's take a look at how to implement USB key dubbing over the network to a Linux virtual machine in the Azure Pack Infrastructure cloud from InfoboxCloud .
Once you cannot connect a key to a virtual machine, you need to connect it to something real. There are hardware solutions, for example AnyWhere USB , but the customer chose a more universal solution: a dedicated server in the Infobox data center (which is cheaper for one key - the hardware requirements for a dedicated server are minimal for such a task - you can use the cheapest server with Raid).
For forwarding, the USB Redirector software was used (the Linux version is free). Ubuntu 16.04 LTS was installed on a dedicated server and in a virtual machine in the cloud and all updates were applied.
')
To install USB Redirector, you will need kernel sources, install them:
Now you need to disable OS kernel updates, as they can break the USB Redirector (the forwarding service after the kernel update will not start before reinstallation), if necessary - they can be installed manually by reinstalling the USB Redirector.
Download USB Redirector:
Unpack:
Go to the folder with it:
Allow the installer to run:
Install the server:
If everything went well, you will see a message about it.
Add the service of forwarding to autoload, if this has not happened before:
By connecting the USB – key to the dedicated server, we will check which USB devices are available:
There are 2 options to share the device over the network.
Option 1:
In this case, we bind to a specific device id and port, if we insert the usb key into another port of the server, the usb port number will change and will not work.
Option 2:
In this case, we bind only to the device id. Now the USB device is shared over the network.
Of course, making it available to all Internet users is not correct, so we will add restrictions in the firewall:
Where instead of *. *. *. * You need to write the address of the server from which the connection is allowed.
Download USB Redirector:
Unpack:
Go to the folder with it:
Allow the installer to run:
Install the server:
If everything went well, you will see a message about it.
Add the service of forwarding to autoload, if this has not happened before:
Now add our server:
Where instead of **. **. **. ** you need to specify the ip – address of the server.
Now you can see the list of available devices:
We see that on server 1 device 1 is available.
We connect:
Enable automatic connection to the device:
Checking:
The USB – key was successfully forwarded to a virtual machine in the cloud .
If you want to try our clouds, leave a request for testing on the main page of infoboxcloud.ru . If you can not leave comments on Habré, write to us in the InfoboxCloud Community .
Successful work!
Let's take a look at how to implement USB key dubbing over the network to a Linux virtual machine in the Azure Pack Infrastructure cloud from InfoboxCloud .
Once you cannot connect a key to a virtual machine, you need to connect it to something real. There are hardware solutions, for example AnyWhere USB , but the customer chose a more universal solution: a dedicated server in the Infobox data center (which is cheaper for one key - the hardware requirements for a dedicated server are minimal for such a task - you can use the cheapest server with Raid).
For forwarding, the USB Redirector software was used (the Linux version is free). Ubuntu 16.04 LTS was installed on a dedicated server and in a virtual machine in the cloud and all updates were applied.
')
apt-get update && apt-get -y upgrade && apt-get -y dist-upgrade To install USB Redirector, you will need kernel sources, install them:
apt-get install linux-source Now you need to disable OS kernel updates, as they can break the USB Redirector (the forwarding service after the kernel update will not start before reinstallation), if necessary - they can be installed manually by reinstalling the USB Redirector.
sudo apt-mark hold linux-image-generic linux-headers-generic Installing and configuring USB Redirector on a server with a USB key connected
Download USB Redirector:
wget http://www.incentivespro.com/usb-redirector-linux-x86_64.tar.gz Unpack:
tar -xvzf usb-redirector-linux-x86_64.tar.gz Go to the folder with it:
cd usb-redirector-linux-x86_64/ Allow the installer to run:
chmod +x installer.sh Install the server:
./installer.sh install-server If everything went well, you will see a message about it.
Add the service of forwarding to autoload, if this has not happened before:
systemctl enable rc.usbsrvd By connecting the USB – key to the dedicated server, we will check which USB devices are available:
There are 2 options to share the device over the network.
Option 1:
usbsrv -share -vid 2022 -pid 0202 -usbport 2-1 In this case, we bind to a specific device id and port, if we insert the usb key into another port of the server, the usb port number will change and will not work.
Option 2:
usbsrv -share 1 In this case, we bind only to the device id. Now the USB device is shared over the network.
Of course, making it available to all Internet users is not correct, so we will add restrictions in the firewall:
ufw allow 22 ufw allow from *.*.*.* to any port 32032 ufw enable Where instead of *. *. *. * You need to write the address of the server from which the connection is allowed.
Installing the USB Redirector Client in the Cloud
Download USB Redirector:
wget http://www.incentivespro.com/usb-redirector-linux-x86_64.tar.gz Unpack:
tar -xvzf usb-redirector-linux-x86_64.tar.gz Go to the folder with it:
cd usb-redirector-linux-x86_64/ Allow the installer to run:
chmod +x installer.sh Install the server:
./installer.sh install-client If everything went well, you will see a message about it.
Add the service of forwarding to autoload, if this has not happened before:
systemctl enable rc.usbsrvd Now add our server:
usbclnt -addserver **.**.**.**:32032 Where instead of **. **. **. ** you need to specify the ip – address of the server.
Now you can see the list of available devices:
usbclnt -list We see that on server 1 device 1 is available.
We connect:
usbclnt -connect 1-1 Enable automatic connection to the device:
usbclnt -autoconnecton 1-1 Checking:
usbclnt -list The USB – key was successfully forwarded to a virtual machine in the cloud .
If you want to try our clouds, leave a request for testing on the main page of infoboxcloud.ru . If you can not leave comments on Habré, write to us in the InfoboxCloud Community .
Successful work!
Source: https://habr.com/ru/post/315076/
All Articles