DEV Community

Cover image for Secure remote SSH access to your IoT devices & Raspberry Pi fleet using SocketXP.

Posted on • Updated on

Secure remote SSH access to your IoT devices & Raspberry Pi fleet using SocketXP.

In this article, we'll discuss how to use SocketXP IoT Remote SSH Access solution to SSH into your IoT or Raspberry Pi fleet.

What is SocketXP

SocketXP is a cloud based secure SSL/TLS reverse tunnelling servicethat provides remote SSH access to your IoT devices.

SocketXP solution does not require any changes to your firewall or gateway router configuration. SocketXP creates a secure SSL/TLS reverse tunnel through your firewall and NAT and over the internet to your IoT devices for remote SSH access.

SocketXP is a cloud based massively scalable IoT Gateway solution that can provide connectivity to more than 10,000 IoT devices for a single user account.

SocketXP solution is trusted by thousands of end users including small and medium size enterprises, business owners, developers and Raspberry Pi geeks and DIY kind of folks.

How SocketXP IoT Remote SSH solution works

Install a simple, secure and lightweight SocketXP IoT agent on your IoT device (or Rasperry Pi). The SocketXP agent will securely connect (using a SSL/TLS tunnel) to the SocketXP IoT Cloud Gateway using an authentication token. You could then SSH into your device from the comfort of your browser by visiting our SocketXP IoT Cloud Gateway Portal.

SocketXP IoT Remote SSH & Raspberry Pi Remote SSH

Step 1: Download and Install

Download and install the SocketXP IoT agent on your IoT device or Raspberry Pi device from and get your authentication token.
Auth Token from SocketXP Portal

Use the following command to login to the SocketXP IoT Cloud Gateway using the auth token.

$ socketxp login [your-auth-token-here]

Step 3: Create SocketXP SSL Tunnel Endpoint for Remote SSH

Use the following command to create a secure and private SSL tunnel endpoint at the SocketXP IoT Cloud Gateway.

$ socketxp connect tcp://localhost:22

TCP tunnel [test-user-gmail-com-34445] created.
Access the tunnel using SocketXP agent in IoT Slave Mode

SocketXP doesn't create any public TCP tunnel endpoints that can be connected to by any SSH client on the internet.

SocketXP private tunnel endpoints are not exposed to the internet and can be accessed only using the SocketXP agent (using the auth token of the user) or through the XTERM terminal in the SocketXP Portal page using a web browser.

Follow the steps below to access your IoT or RPi device from the comfort of your browser. We have used XTERM to connect to your IoT devices from our portal page via a browser from any device - laptop/desktop/tablet/phone - Android/IOS anything works.

Alt Text

Alt Text

Alt Text

SocketXP Single-Touch Installation Option:

The 3 step instruction explained above to setup SocketXP on your IoT device is a tedious process, if you got thousands of RPi to install, configure and manage.

With this mind, SocketXP IoT Solution also provides a single-touch installation for installing and configuring SocketXP IoT Agent on large number IoT or RPi devices.

Copy paste the below single command into the terminal of your IoT devices and it will install/configure/setup and bring up the devices online in our SocketXP portal.

Alt Text

Configuring SocketXP agent to run in slave mode

First download and install the regular SocketXP agent software on your accessing device (such as a laptop running Windows or Mac OS). Next, configure the agent to run in slave mode using the command option --iot-slave as shown in the example below. Also, specify the ID of the IoT device you want to connect to, using the --iot-device-id option.

$ socketxp connect tcp://localhost:3000 --iot-slave --iot-device-id "DEV0000000123"

Listening for TCP connections at:
Local URL -> tcp://localhost:3000
Accessing the IoT device from your laptop

Now you can access your IoT device’s SSH server using the above SocketXP local endpoint, instead of a public endpoint, as shown below.

$ ssh -i ~/.ssh/john-private.key john@localhost -p 3000
We recommend using SocketXP Private TCP Tunnels for all your remote IoT device access needs. Public TCP tunnels can be used for hobby usecase, quick testing or one-off accesses.

SocketXP Scaling and Performance

SocketXP IoT Gateway easily supports more than 10K device per customer account. SocketXP IoT Gateway also has the built-in capability to grow on demand, as it is a cloud based SaaS service.

SocketXP IoT Remote SSH Solution Scales upto 10K devices per user


The solution discussed in this article is a secure method to remote SSH into your home or office computer because the data is encrypted using SSL.

SSH uses the same cryptography technology used by banks and governments to exchange highly confidential data over the internet.

The data transferred gets encrypted end-to-end between the SSH client and the SSH server.

SocketXP has no way to decrypt or eavesdrop your encrypted data without knowing your SSH private keys. SocketXP merely acts as an online reverse proxy server for your encrypted data traffic transmitted through the SSH connection.

This article was originally published at: SocketXP IoT Remote SSH Access Raspberry Pi Remote Control

Top comments (1)