Objectives:
- To prepare your edge device for hosting custom applications
- To perform configurations on Linux operating system through SSH terminal
- Enable installation of additonal packages to the reader with Linux package manager
- To enable security on the reader
Technical Level: Intermediate/Advanced
Prerequisits:
- CS463 basic operations
- CS463 access mode and event engine
- Basic knowledge of Linux terminal and commands
Note: We strongly recommended to review the the following information before proceeding to the steps as all users have full access to the device by default. Make sure you know what you are doing.
Recipe:
- SSH Access with Root Account and Password
- Change Root Account Password
- Add User Account
- Add Package Repository to the Reader
- Create Self-Signed Certificate and enable TLS v1.2 Access to the Reader
SSH Access with Root Account and Password
You can perform SSH access to the reader with your root account and default password:
Username: root
Password: cs463
You can SSH with the reader IP adress or the hostname of the reader. Hostname can either be captured ont he stastus page of the web interface, or it follows the convention of cs463- plus the last eight digits of the Ethernet MAC address (written on the device label) along with .local to represent a local device. In this case, the hostname of the reader is cs463-7b8400f6
> ssh root@cs463-7b8400f6.local
root@cs463-7b8400f6.local's password:
Last login: Tue Mar 10 06:23:18 2020 from 192.168.1.14
CSL Reader, Linux 4.14.78, Java 1.8.0_221, 2020 February 13
U Boot 2020 January 21
Kernel 2019 July 29
DTB 2020 January 20
Rootfs 2020 February 13
root@cs463-7b8400f6:~#
Change Root Account Password
Once you have access to the terminal, you can change the default password of the root account:
root@cs463-7b8400f6:~# passwd
New password:
Retype new password:
passwd: password updated successfully
root@cs463-7b8400f6:~#
Note: It is recommended to create another user account for general account
Add User Account
To create a user account for general access (cslrfid in this case):
root@cs463-7b8400f6:~# adduser cslrfid
New password:
Retype new password:
passwd: password updated successfully
root@cs463-7b8400f6:~#
Then add the user to the wheel group, which gives it sudo privileges.
root@cs463-7b8400f6:~# gpasswd -a cslrfid wheel
Adding user cslrfid to group wheel
root@cs463-7b8400f6:~#
If adding the user to the group does not work immediately, you may have to edit the /etc/sudoers file with nano /etc/sudoers to uncomment the line with the group name:
...
%wheel ALL=(ALL) ALL
...
You will need to logout as root and log back in with the new account for changes to take effect.
Add Package Repository to the Reader
CSL is hosting a package repository server for installing RPM packages for having extended features on the reader. All of these packages are open source under MIT licensing.
In order to download packages, you need to make referece to the repository by adding the file /etc/yum.repos.d/csl-remote-repo.repo using the command:
cs463-7b8400f6:~$ sudo nano /etc/yum.repos.d/csl-remote-repo.repo
In the editor, paste the following information and save the file.
[cslrepo]
name=CSL Intelligent Reader Repository
baseurl=http://repos01.convergence.com.hk/repo
enabled=1
gpgcheck=0
Update the repository by using the command dnf -v repolist all:
cs463-7b8400f6:~$ dnf -v repolist all
DNF version: 2.7.5
cachedir: /var/tmp/dnf-cslrfid-us40vp7q
repo: using cache for: oe-remote-repo
not found deltainfo for: OE Remote Repo:
not found updateinfo for: OE Remote Repo:
oe-remote-repo: using metadata from Thu Feb 13 01:31:58 2020.
CSL Intelligent Reader Repository 202 kB/s | 81 kB 00:00
not found deltainfo for: CSL Intelligent Reader Repository
not found updateinfo for: CSL Intelligent Reader Repository
cslrepo: using metadata from Sat Feb 1 00:02:38 2020.
Last metadata expiration check: 0:00:00 ago on Tue Mar 10 07:18:05 2020.
Repo-id : cslrepo
Repo-name : CSL Intelligent Reader Repository
Repo-status : enabled
Repo-revision: 1580515358
Repo-updated : Sat Feb 1 00:02:38 2020
Repo-pkgs : 8
Repo-size : 210 M
Repo-baseurl : http://repos01.convergence.com.hk/repo
Repo-expire : 172800 second(s) (last: Tue Mar 10 07:18:05 2020)
Repo-filename: /etc/yum.repos.d/csl-remote-repo.repo
Repo-id : oe-remote-repo
Repo-name : OE Remote Repo:
Repo-status : enabled
Repo-revision: 1581557518
Repo-updated : Thu Feb 13 01:31:58 2020
Repo-pkgs : 13157
Repo-size : 3.5 G
Repo-baseurl : http://democloud.convergence.com.hk:5678
Repo-expire : 172800 second(s) (last: Tue Mar 10 07:12:28 2020)
Repo-filename: /etc/yum.repos.d/oe-remote-repo.repo
Total packages: 13165
cs463-7b8400f6:~$
You can then list all the packages on the newly-added repository with dnf repository-packages cslrepo list.
cs463-7b8400f6:~$ dnf repository-packages cslrepo list
Last metadata expiration check: 0:04:24 ago on Tue Mar 10 07:18:05 2020.
Available Packages
cmake.imx6dlsabresd 3.16.2-1 cslrepo
curl.imx6dlsabresd 7.67.0-1 cslrepo
ffmpeg.imx6dlsabresd 4.2.1-1 cslrepo
git.imx6dlsabresd 2.25.0rc0-1 cslrepo
mono.imx6dlsabresd 6.0.0.327-1 cslrepo
mosquitto.imx6dlsabresd 1.6.8-1 cslrepo
node.imx6dlsabresd 12.14.0-1 cslrepo
sqlite.imx6dlsabresd 3.30.0-1 cslrepo
cs463-7b8400f6:~$
After that, you can use DNF package manager for adding/removing packages on the reader.
Create Self-Signed Certificate and enable TLS v1.2 Access to the Reader
[To be added]