+

CN115811432A - Terminal remote access method, device and medium based on TCP message agent - Google Patents

Terminal remote access method, device and medium based on TCP message agent Download PDF

Info

Publication number
CN115811432A
CN115811432A CN202211553525.9A CN202211553525A CN115811432A CN 115811432 A CN115811432 A CN 115811432A CN 202211553525 A CN202211553525 A CN 202211553525A CN 115811432 A CN115811432 A CN 115811432A
Authority
CN
China
Prior art keywords
server
sshd
terminal device
tcp
port
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211553525.9A
Other languages
Chinese (zh)
Other versions
CN115811432B (en
Inventor
陈镇兴
陈毅聪
陈少伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ringslink Xiamen Network Communication Technologies Co ltd
Original Assignee
Ringslink Xiamen Network Communication Technologies Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ringslink Xiamen Network Communication Technologies Co ltd filed Critical Ringslink Xiamen Network Communication Technologies Co ltd
Priority to CN202211553525.9A priority Critical patent/CN115811432B/en
Publication of CN115811432A publication Critical patent/CN115811432A/en
Application granted granted Critical
Publication of CN115811432B publication Critical patent/CN115811432B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides a terminal remote access method based on a TCP message agent, which comprises the following steps: configuring the remote access authority of the terminal equipment; establishing long connection and reporting equipment information; after receiving the equipment information, the cloud server initiates an access information acquisition request to a remote configuration server; after receiving the access information, the remote configuration server generates and sends the access information; the cloud server transmits the access information and the remote access instruction to the terminal equipment; after receiving the access information, the terminal equipment executes a command for starting a TCP proxy function according to the access information and establishes a TCP channel between the terminal equipment and the sshd server; the cloud server accesses the proxy port opened by the sshd server, and proxies the message to the web port of the terminal device through the TCP channel, so that the cloud server indirectly and remotely accesses the web port of the terminal device. The invention also provides the electronic equipment and a computer storage medium, which are convenient for maintenance personnel to remotely maintain the web of the terminal equipment.

Description

基于TCP消息代理的终端远程访问方法、设备及介质Terminal remote access method, device and medium based on TCP message agent

技术领域technical field

本发明涉及物联网技术领域,尤其是涉及基于TCP消息代理的终端远程访问方法、设备及介质。The invention relates to the technical field of the Internet of Things, in particular to a terminal remote access method, device and medium based on a TCP message agent.

背景技术Background technique

物联网的终端设备一般情况下都是部署在内网的,通过内网的网络直接访问终端设备WEB进行产品功能的配置,这种方式适合简单的配置。而当要做一些较为复杂的配置时,就需要专业的技术人员进行指导配置,这时候要么技术人员去到现场进行配置,这种方案比较耗费人力资源;要么技术人员进行远程配置,即先利用远程桌面到终端用户的电脑桌面,然后再连接到终端设备WEB进行配置,这个方案下就需要终端用户进行远程桌面环境搭建才能进行,较为复杂,同时也暴露了终端用户的电脑信息。The terminal devices of the Internet of Things are generally deployed on the intranet, and directly access the terminal device WEB through the intranet network to configure product functions. This method is suitable for simple configuration. When doing some more complex configurations, professional technicians are needed to guide the configuration. At this time, the technicians either go to the site to configure, which consumes more human resources; or the technicians perform remote configuration, that is, first use The remote desktop is connected to the terminal user's computer desktop, and then connected to the terminal device WEB for configuration. Under this solution, the terminal user needs to build a remote desktop environment to proceed, which is relatively complicated and also exposes the terminal user's computer information.

对于从外网远程访问内网终端设备WEB进行配置,当前常见的方案有两种方式:There are currently two common solutions for configuring the WEB of the internal network terminal device remotely accessed from the external network:

1、第一种是直接通过端口映射的方式:这种方式要进行稳定的外网访问就需要提供固定的外网ip,一般对于正常的用户是不具备这个条件的。1. The first method is directly through port mapping: in this way, a fixed external network IP is required for stable external network access, which is generally not available for normal users.

2、第二种是采用tcp消息代理的方式:这种方式大多需要厂家通过自研的方式实现。2. The second method is to use the tcp message proxy method: most of this method needs to be realized by the manufacturer through self-development.

①自研的整个方案开发周期长,实现成本高,并且不通用。自研的方案对于一些研发技术比较弱的公司,没有办法快速实现这种远程设备WEB的功能,没有办法把这种tcp代理的方式远程设备WEB方案落地到产品中,从而退化到直接通过固定外网映射端口实现,导致维护成本加大,用户体验不好的问题。①The entire self-developed solution has a long development cycle, high implementation costs, and is not universal. Self-developed solutions For some companies with relatively weak R&D technology, there is no way to quickly realize the function of this remote device WEB, and there is no way to implement this remote device WEB solution in the form of tcp proxy into the product, thus degrading to directly through a fixed external device. The implementation of network mapping ports leads to increased maintenance costs and poor user experience.

②这种自研方式大部分没有考虑到终端设备和云平台进行远程访问时候传输的安全问题,这样就导致在进行远程访问终端设备进行维护时候,存在数据被截取的风险。②Most of this self-developed method does not take into account the security issues of transmission when the terminal device and the cloud platform perform remote access, which leads to the risk of data interception when performing remote access to the terminal device for maintenance.

③大部分方案通过自研实现了tcp代理服务器,并且也对tcp代理客户端实现了账号鉴权,但是并没有很好考虑tcp代理服务器的安全问题,直接使用固定的账号密码进行验证,一旦从设备端泄露了账号密码那么就会导致tcp代理服务器处于风险中。③ Most of the solutions implement the tcp proxy server through self-development, and also implement account authentication for the tcp proxy client, but they do not consider the security of the tcp proxy server well, and directly use a fixed account password for verification. If the account password is leaked on the device side, the tcp proxy server will be at risk.

因此,需要一种终端远程WEB访问方法,不仅要实现tcp代理功能,为了安全也要实现tcp代理服务鉴权的功能。Therefore, a terminal remote WEB access method is needed, which not only needs to realize the tcp proxy function, but also needs to realize the function of tcp proxy service authentication for safety.

发明内容Contents of the invention

为解决上述问题,本发明提供基于TCP消息代理的终端远程访问方法,只需要终端用户在设备上进行授权,维护人员就可以直接进入终端设备WEB进行维护,采用TCP代理的方式,可以解决固定外网i p的痛点。In order to solve the above problems, the present invention provides a terminal remote access method based on TCP message proxy, which only requires the terminal user to authorize on the device, and the maintenance personnel can directly enter the terminal device WEB for maintenance. The pain points of network IP.

本发明是通过以下技术方案予以实现:本发明提供了基于TCP消息代理的终端远程访问方法,所述方法包括如下步骤:The present invention is realized through the following technical solutions: the present invention provides a terminal remote access method based on a TCP message agent, and the method includes the following steps:

步骤1、对终端设备的远程访问权限进行配置;Step 1. Configure the remote access authority of the terminal device;

步骤2、所述终端设备与云端服务器之间建立长连接,并将设备信息上报给云端服务器;Step 2, establishing a long connection between the terminal device and the cloud server, and reporting the device information to the cloud server;

步骤3、所述云端服务器收到设备信息后,向远程配置服务器发起访问信息获取请求;Step 3. After receiving the device information, the cloud server initiates an access information acquisition request to the remote configuration server;

步骤4、所述远程配置服务器收到该访问信息获取请求后,生成所需的访问信息并发送给云端服务器;Step 4. After the remote configuration server receives the access information acquisition request, it generates the required access information and sends it to the cloud server;

步骤5、所述云端服务器将访问信息和远程访问指令下发至终端设备;Step 5, the cloud server sends the access information and the remote access instruction to the terminal device;

步骤6、所述终端设备收到远程访问指令后,根据访问信息执行启动TCP代理功能命令,建立终端设备与sshd服务端之间的TCP通道和开放sshd服务端的代理端口;Step 6, after the terminal device receives the remote access instruction, execute the command to start the TCP proxy function according to the access information, set up the TCP channel between the terminal device and the sshd service end and open the proxy port of the sshd service end;

步骤7、所述云端服务器访问sshd服务端开放的代理端口,sshd服务端的代理端口通过TCP通道将消息代理至终端设备的web端口,实现云端服务器间接远程访问终端设备的web端口。Step 7, the cloud server accesses the open proxy port of the sshd server, and the proxy port of the sshd server proxies the message to the web port of the terminal device through the TCP channel, so that the cloud server remotely accesses the web port of the terminal device indirectly.

进一步的,所述步骤2具体为:Further, the step 2 is specifically:

所述终端设备通过TCP长连接服务器与云端服务器之间建立长连接,并将设备信息通过TCP长连接服务器上报给云端服务器。The terminal device establishes a persistent connection with the cloud server through the TCP persistent connection server, and reports the device information to the cloud server through the TCP persistent connection server.

进一步的,所述步骤4具体包括:Further, the step 4 specifically includes:

步骤41、所述远程配置服务器收到该访问信息获取请求后,随机生成建立TCP消息代理所需的账号、密码和代理端口信息,并记录到数据库中;Step 41, after the remote configuration server receives the access information acquisition request, it randomly generates the account number, password and proxy port information required to establish a TCP message proxy, and records them in the database;

步骤42、所述远程配置服务器根据代理端口信息和远程配置服务器启动时配置好的sshd地址生成ur l信息;Step 42, described remote configuration server generates url information according to agent port information and configured sshd address when remote configuration server starts;

步骤43、所述远程配置服务器将账号、密码、代理端口信息、sshd地址和ur l信息返回至云端服务器。Step 43, the remote configuration server returns the account number, password, agent port information, sshd address and url information to the cloud server.

进一步的,所述步骤5具体包括:Further, the step 5 specifically includes:

步骤51、所述云端服务器收到后,将账号、密码、代理端口信息和sshd地址转发给TCP长连接服务器;Step 51, after the cloud server receives it, forward the account number, password, proxy port information and sshd address to the TCP persistent connection server;

步骤52、所述TCP长连接服务器接收后,将账号、密码、代理端口信息、sshd地址和远程访问指令下发给终端设备。Step 52: After receiving the TCP persistent connection server, send the account number, password, agent port information, sshd address and remote access command to the terminal device.

进一步的,所述步骤6具体包括:Further, the step 6 specifically includes:

步骤61、所述终端设备收到远程访问指令后,发起启动TCP代理功能命令;Step 61. After receiving the remote access instruction, the terminal device initiates a command to start the TCP proxy function;

步骤62、所述sshd服务端根据sshd地址找到对应的sshd服务端;Step 62, the sshd server finds the corresponding sshd server according to the sshd address;

步骤63、所述sshd服务端通过对比数据库中记录的账号和密码与终端设备发来的账号和密码,来校验终端设备发来的账号和密码是否合法,若校验通过,则说明终端设备发来的账号和密码是合法的,完成终端设备的ssh客户端与sshd服务端的sshd端口之间TCP通道的建立,进入步骤64;若校验不通过,则说明终端设备发来的账号和密码是不合法的;Step 63. The sshd server verifies whether the account number and password sent by the terminal device are legal by comparing the account number and password recorded in the database with the account number and password sent by the terminal device. If the verification passes, it means that the terminal device The account and password sent are legal, complete the establishment of the TCP channel between the ssh client of the terminal device and the sshd port of the sshd server, and proceed to step 64; if the verification fails, it means that the account and password sent by the terminal device is illegal;

步骤64、所述sshd服务端根据代理端口信息开启对应代理端口的消息代理功能;Step 64, the sshd server opens the message proxy function of the corresponding proxy port according to the proxy port information;

步骤65、将数据库中对应的账号、密码和标识为已使用,后续不允许再通过该账号、密码和代理端口信息进行校验。Step 65: Mark the corresponding account number, password and proxy port information in the database as used, and then do not allow verification through the account number, password and proxy port information.

进一步的,所述步骤7具体包括:Further, the step 7 specifically includes:

步骤71、所述云端服务器通过ur l信息访问sshd服务端的代理端口;Step 71, the cloud server accesses the proxy port of the sshd service end through the url information;

步骤72、所述云端服务器向sshd服务端的代理端口发送维护消息;Step 72, the cloud server sends a maintenance message to the proxy port of the sshd server;

步骤73、所述sshd服务端的代理端口接收到维护消息后,传输给sshd服务端的sshd端口,并由所述sshd服务端的sshd端口发送给已经建立好的TCP通道,再通过所述TCP通道发送至对应终端设备的ssh客户端,再由终端设备的ssh客户端传输至终端设备的web端口,实现云端服务器间接访问和维护终端设备的web端口。Step 73, after the agent port of the sshd server receives the maintenance message, it transmits to the sshd port of the sshd server, and sends it to the established TCP channel by the sshd port of the sshd server, and then sends it to Corresponding to the ssh client of the terminal device, the ssh client of the terminal device is then transmitted to the web port of the terminal device, so that the cloud server can indirectly access and maintain the web port of the terminal device.

进一步的,所述远程配置服务器定期对数据库中标识为已使用过的账号、密码和代理端口信息进行清理。Further, the remote configuration server regularly clears the information of the account number, password and proxy port identified as used in the database.

进一步的,所述设备信息包括MAC地址。Further, the device information includes a MAC address.

本发明还提供了一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现如上述的基于TCP消息代理的终端远程访问方法。The present invention also provides an electronic device, including a memory, a processor, and a computer program stored on the memory and operable on the processor. When the processor executes the program, the terminal based on the TCP message agent as described above is realized Remote access method.

本发明还提供了一种计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现如上述的基于TCP消息代理的终端远程访问方法。The present invention also provides a computer-readable storage medium, on which a computer program is stored, and when the program is executed by a processor, the above-mentioned terminal remote access method based on a TCP message agent is realized.

本发明的有益效果是:The beneficial effects of the present invention are:

①本发明是基于tcp代理的方式来实现云端服务器远程访问终端设备的web端口,无需到现场去维护,方便运维人员远程维护,维护成本低,用户体验好。① The present invention is based on the tcp proxy method to realize the remote access of the cloud server to the web port of the terminal device, without going to the site for maintenance, which is convenient for the operation and maintenance personnel to maintain remotely, with low maintenance cost and good user experience.

②终端设备和云端服务器之间采用TCP长连接服务器建立长连接,数据传输过程也需要通过TCP长连接服务器进行,部署的TCP长连接服务器可以实现云端服务器对远程访问终端设备的web端口的控制,保证远程访问时候传输的安全问题,避免数据被截取的风险。②The TCP persistent connection server is used to establish a persistent connection between the terminal device and the cloud server. The data transmission process also needs to be carried out through the TCP persistent connection server. The deployed TCP persistent connection server can realize the control of the cloud server on the web port of the remote access terminal device. Ensure the security of transmission during remote access and avoid the risk of data being intercepted.

③在建立TCP消息代理时,使用随机生成的账号密码进行验证,验证成功后,直接将对应的账号和密码标识为已使用,保证TCP消息代理的安全问题,避免TCP消息代理服务处于风险中。③When establishing a TCP message proxy, use a randomly generated account password for verification. After the verification is successful, directly mark the corresponding account and password as used to ensure the security of the TCP message proxy and avoid the risk of the TCP message proxy service.

附图说明Description of drawings

为了更清楚地说明本发明实施方式的技术方案,下面将对实施方式中所需要使用的附图作简单地介绍,应当理解,以下附图仅示出了本发明的某些实施例,因此不应被看作是对范围的限定,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他相关的附图。In order to illustrate the technical solutions of the embodiments of the present invention more clearly, the accompanying drawings used in the embodiments will be briefly introduced below. It should be understood that the following drawings only show some embodiments of the present invention, and therefore do not It should be regarded as a limitation on the scope, and those skilled in the art can also obtain other related drawings based on these drawings without creative work.

图1是本发明实施例提供的基于TCP消息代理的终端远程访问方法流程图。FIG. 1 is a flow chart of a method for remotely accessing a terminal based on a TCP message agent provided by an embodiment of the present invention.

图2是本发明实施例提供的终端设备与shhd服务端之间TCP通道建立的示意图。Fig. 2 is a schematic diagram of establishing a TCP channel between a terminal device and a shhd server according to an embodiment of the present invention.

图3是本发明实施例提供的一种电子设备的示意图。Fig. 3 is a schematic diagram of an electronic device provided by an embodiment of the present invention.

图4是本发明实施例提供的一种计算机可读存储介质的示意图。Fig. 4 is a schematic diagram of a computer-readable storage medium provided by an embodiment of the present invention.

具体实施方式Detailed ways

为使本发明实施方式的目的、技术方案和优点更加清楚,下面将结合本发明实施方式中的附图,对本发明实施方式中的技术方案进行清楚、完整地描述,显然,所描述的实施方式是本发明一部分实施方式,而不是全部的实施方式。基于本发明中的实施方式,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施方式,都属于本发明保护的范围。因此,以下对在附图中提供的本发明的实施方式的详细描述并非旨在限制要求保护的本发明的范围,而是仅仅表示本发明的选定实施方式。基于本发明中的实施方式,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施方式,都属于本发明保护的范围。In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments It is some embodiments of the present invention, but not all of them. Based on the implementation manners in the present invention, all other implementation manners obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention. Accordingly, the following detailed description of the embodiments of the invention provided in the accompanying drawings is not intended to limit the scope of the claimed invention, but merely represents selected embodiments of the invention. Based on the implementation manners in the present invention, all other implementation manners obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

如图1所示,本发明实施例提供了基于TCP消息代理的终端远程访问方法,所述方法包括如下步骤:As shown in Figure 1, the embodiment of the present invention provides a terminal remote access method based on a TCP message agent, and the method includes the following steps:

步骤1、对终端设备的远程访问权限进行配置;Step 1. Configure the remote access authority of the terminal device;

在本实施例中,终端用户登陆终端设备的网页,配置终端设备的远程访问权限,允许运维人员可以远程访问终端设备的web端口。In this embodiment, the terminal user logs in the web page of the terminal device, configures the remote access authority of the terminal device, and allows the operation and maintenance personnel to remotely access the web port of the terminal device.

步骤2、所述终端设备与云端服务器之间建立长连接,并将设备信息上报给云端服务器;Step 2, establishing a long connection between the terminal device and the cloud server, and reporting the device information to the cloud server;

在本实施例中,该步骤2具体为:In this embodiment, the step 2 is specifically:

所述终端设备通过TCP长连接服务器与云端服务器之间建立长连接,并将设备信息通过TCP长连接服务器上报给云端服务器。所述设备信息包括MAC地址,MAC地址直译为媒体存取控制位址,也称为局域网地址(LAN Address),是网络中终端设备的一个唯一的网络标识。终端设备和云端服务器之间采用TCP长连接服务器建立长连接,数据传输过程也需要通过TCP长连接服务器进行,部署的TCP长连接服务器可以实现云端服务器对远程访问终端设备的web端口的控制,保证远程访问时候传输的安全问题,避免数据被截取的风险。The terminal device establishes a persistent connection with the cloud server through the TCP persistent connection server, and reports the device information to the cloud server through the TCP persistent connection server. The device information includes a MAC address, which is literally translated as a media access control address, also called a LAN address (LAN Address), which is a unique network identifier of a terminal device in a network. The TCP persistent connection server is used to establish a persistent connection between the terminal device and the cloud server, and the data transmission process also needs to be carried out through the TCP persistent connection server. The deployed TCP persistent connection server can realize the control of the cloud server on the web port of the remote access terminal device, ensuring Transmission security issues during remote access to avoid the risk of data being intercepted.

步骤3、所述云端服务器收到设备信息后,根据设备信息找到对应的设备,运维人员在云端服务器的网页上根据设备信息向云端服务器发起远程配置请求,所述云端服务器收到后,向远程配置服务器发起访问信息获取请求;在本实施例中,运维人员登陆云端服务器的网页,根据MAC地址找到对应的终端设备,并且发起访问信息获取请求。Step 3. After the cloud server receives the device information, it finds the corresponding device according to the device information. The operation and maintenance personnel initiates a remote configuration request to the cloud server according to the device information on the webpage of the cloud server. The remote configuration server initiates an access information acquisition request; in this embodiment, the operation and maintenance personnel log in to the webpage of the cloud server, find the corresponding terminal device according to the MAC address, and initiate an access information acquisition request.

步骤4、所述远程配置服务器收到该访问信息获取请求后,生成远程访问终端设备的web端口所需的访问信息并发送给云端服务器;Step 4, after the remote configuration server receives the access information acquisition request, it generates the access information required for the web port of the remote access terminal device and sends it to the cloud server;

在本实施例中,该步骤4具体包括:In this embodiment, step 4 specifically includes:

步骤41、所述远程配置服务器收到该访问信息获取请求后,随机生成建立TCP消息代理所需的账号、密码和代理端口信息,并记录到数据库中,目的是方便后面对账号和密码的验证,并且能保证生成的账号、密码和代理端口信息是未使用过的;Step 41, after the remote configuration server receives the access information acquisition request, it randomly generates the account number, password and agent port information required to establish a TCP message agent, and records them in the database, so as to facilitate the account number and password later. Verification, and can ensure that the generated account, password and proxy port information are unused;

步骤42、所述远程配置服务器根据代理端口信息和远程配置服务器启动时配置好的sshd地址生成ur l信息;Step 42, described remote configuration server generates url information according to agent port information and configured sshd address when remote configuration server starts;

步骤43、所述远程配置服务器将账号、密码、代理端口信息、sshd地址和ur l信息返回至云端服务器。其中:Step 43, the remote configuration server returns the account number, password, agent port information, sshd address and url information to the cloud server. in:

1)账户和密码:用于终端设备向sshd服务端发起TCP消息代理功能时的鉴权信息;1) Account and password: used for authentication information when the terminal device initiates the TCP message proxy function to the sshd server;

2)代理端口信息:用于方便sshd服务端开启对应的代理端口,用于后面TCP消息代理建立成功后将消息代理至终端设备的内网web端口;2) Proxy port information: It is used to facilitate the sshd server to open the corresponding proxy port, which is used to proxy the message to the intranet web port of the terminal device after the TCP message proxy is established successfully;

3)sshd地址:在远程配置服务器启动时候配置的,是提供TCP消息代理服务功能的sshd服务端的地址,要使用哪一个sshd服务端进行TCP消息代理;3) sshd address: configured when the remote configuration server is started, it is the address of the sshd server that provides the TCP message proxy service function, which sshd server to use for TCP message proxy;

4)ur l信息:当TCP消息代理建立完成,用于间接访问终端设备的web端口的地址。格式为:http://sshd地址:代理端口地址4) ur l information: when the TCP message agent is established, it is used to indirectly access the address of the web port of the terminal device. The format is: http://sshd address: proxy port address

步骤5、所述云端服务器将访问信息和远程访问指令下发至终端设备;Step 5, the cloud server sends the access information and the remote access instruction to the terminal device;

在本实施例中,该步骤5具体包括:In this embodiment, step 5 specifically includes:

步骤51、所述云端服务器收到后,将账号、密码、代理端口信息和sshd地址转发给TCP长连接服务器;Step 51, after the cloud server receives it, forward the account number, password, proxy port information and sshd address to the TCP persistent connection server;

步骤52、所述TCP长连接服务器接收后,将账号、密码、代理端口信息和sshd地址进行封装后,再与远程访问指令一同下发给终端设备。Step 52: After receiving the TCP persistent connection server, the account number, password, proxy port information and sshd address are encapsulated, and then issued to the terminal device together with the remote access command.

此时,云端服务器已经获取到ur l信息,根据ur l信息打开新的浏览器页面,通过轮询的方式等待TCP消息代理建立成功后进行远程访问和维护终端设备的web端口。At this time, the cloud server has obtained the url information, opens a new browser page according to the url information, waits for the TCP message agent to be successfully established by polling, and performs remote access and maintenance of the web port of the terminal device.

步骤6、所述终端设备收到远程访问指令后,根据访问信息执行启动TCP代理功能命令,建立终端设备与sshd服务端之间的TCP通道和开放sshd服务端的代理端口,即完成TCP消息代理的建立;Step 6, after the terminal device receives the remote access instruction, execute the command to start the TCP proxy function according to the access information, set up the TCP channel between the terminal device and the sshd service end and open the proxy port of the sshd service end, that is, complete the TCP message proxy Establish;

在本实施例中,该步骤6具体包括:In this embodiment, step 6 specifically includes:

步骤61、所述终端设备收到远程访问指令后,发起启动TCP代理功能命令;Step 61. After receiving the remote access instruction, the terminal device initiates a command to start the TCP proxy function;

步骤62、所述sshd服务端根据sshd地址找到对应的sshd服务端;Step 62, the sshd server finds the corresponding sshd server according to the sshd address;

步骤63、所述sshd服务端通过对比数据库中记录的账号和密码与终端设备发来的账号和密码,来校验终端设备发来的账号和密码是否合法,若校验通过,则说明终端设备发来的账号和密码是合法的,完成终端设备的ssh客户端与sshd服务端的sshd端口之间TCP通道的建立,进入步骤64;若校验不通过,则说明终端设备发来的账号和密码是不合法的;Step 63. The sshd server verifies whether the account number and password sent by the terminal device are legal by comparing the account number and password recorded in the database with the account number and password sent by the terminal device. If the verification passes, it means that the terminal device The account and password sent are legal, complete the establishment of the TCP channel between the ssh client of the terminal device and the sshd port of the sshd server, and proceed to step 64; if the verification fails, it means that the account and password sent by the terminal device is illegal;

步骤64、所述sshd服务端根据代理端口信息开启对应代理端口的消息代理功能;Step 64, the sshd server opens the message proxy function of the corresponding proxy port according to the proxy port information;

步骤65、将数据库中对应的账号、密码和标识为已使用,后续不允许再通过该账号、密码和代理端口信息进行校验。账号和密码随机生成且只能使用一次是防止账号和密码泄露,导致sshd服务端的TCP消息代理服务会为不属于我们的功能服务提供TCP消息代理服务。Step 65: Mark the corresponding account number, password and proxy port information in the database as used, and then do not allow verification through the account number, password and proxy port information. The account and password are randomly generated and can only be used once to prevent the account and password from leaking, causing the TCP message proxy service on the sshd server to provide TCP message proxy services for functional services that do not belong to us.

所述远程配置服务器定期对数据库中标识为已使用过的账号、密码和代理端口信息进行清理。The remote configuration server regularly clears the used account number, password and proxy port information in the database.

一般ssh客户端连接sshd端口时候有两种方式进行鉴权:一种是基于账号密码交互的方式,需要手动输入账号和密码。另外一种是密钥的方式,客户端生成一对密钥,并且把公钥拷贝到服务端,后续就可以直接拿密钥进行鉴权。显然第一种方式需要交互式的输入账号密码没有办法满足实际的需求。第二种方式工程实践中也存在问题,有多少个终端设备服务端就要存多少张证书,并且这种长时间有效的鉴权方式对服务器的安全产生隐患。本发明是对第一种方式进行优化,新增命令行参数-z携带密码把交互式去掉。执行启动TCP代理功能的命令如下:Generally, when the ssh client connects to the sshd port, there are two methods for authentication: one is based on the account and password interaction method, which requires manual input of the account and password. The other is the key method. The client generates a pair of keys, and copies the public key to the server, and then directly uses the key for authentication. Obviously, the first method requires interactive input of account passwords, which cannot meet actual needs. The second method also has problems in engineering practice. There are as many certificates as there are terminal devices on the server side, and this long-term effective authentication method has hidden dangers to the security of the server. The present invention optimizes the first method, adding a new command line parameter -z carrying a password to remove the interactive mode. The command to execute the TCP proxy function is as follows:

ssh-v-z$Password-fCNR$ProxyPort:l oca l host:$Loca lWebPort$Account@$Sshd I Pssh-v-z$Password-fCNR$ProxyPort:l oca l host:$Loca lWebPort$Account@$Sshd I P

其中:in:

$Password为TCP长连接服务器下发的sshd验证的密码$Password is the password for sshd verification issued by the TCP long-connection server

$ProxyPort为TCP长连接服务器下发的sshd代理端口信息$ProxyPort is the sshd proxy port information issued by the TCP long-connection server

$Loca lWebPort为终端设备的web端口$Loca lWebPort is the web port of the terminal device

$Account为TCP长连接服务器下发的sshd验证的账号$Account is the account verified by sshd issued by the TCP long-connection server

$Sshd I P为TCP长连接服务器下发的sshd地址$Sshd IP is the sshd address issued by the TCP long-connection server

步骤7、所述云端服务器访问sshd服务端开放的代理端口,sshd服务端的代理端口通过TCP通道将消息代理至终端设备的web端口,实现云端服务器间接远程访问终端设备的web端口。Step 7, the cloud server accesses the open proxy port of the sshd server, and the proxy port of the sshd server proxies the message to the web port of the terminal device through the TCP channel, so that the cloud server remotely accesses the web port of the terminal device indirectly.

在本实施例中,该步骤7具体包括:In this embodiment, step 7 specifically includes:

步骤71、所述云端服务器通过ur l信息访问sshd服务端的代理端口;Step 71, the cloud server accesses the proxy port of the sshd service end through the url information;

步骤72、所述云端服务器向sshd服务端的代理端口发送维护消息;Step 72, the cloud server sends a maintenance message to the proxy port of the sshd server;

步骤73、所述sshd服务端的代理端口接收到维护消息后,传输给sshd服务端的sshd端口,并由所述sshd服务端的sshd端口发送给已经建立好的TCP通道,再通过所述TCP通道发送至对应终端设备的ssh客户端,再由终端设备的ssh客户端传输至终端设备的web端口,实现云端服务器间接访问和维护终端设备的web端口。Step 73, after the agent port of the sshd server receives the maintenance message, it transmits to the sshd port of the sshd server, and sends it to the established TCP channel by the sshd port of the sshd server, and then sends it to Corresponding to the ssh client of the terminal device, the ssh client of the terminal device is then transmitted to the web port of the terminal device, so that the cloud server can indirectly access and maintain the web port of the terminal device.

如图2所示,当ssh客户端连接到sshd端口时,会建立一个TCP通道,支持双向通信。sshd服务端上:当ssh客户端连接到sshd端口时,让sshd服务端开启一个代理端口,将发送到代理端口上的消息代理到已经建立的TCP通道,再传输到终端设备;终端设备上:当ssh客户端连接到sshd端口时,让自己从TCP通道收到的消息代理到web端口。反向亦是如此,终端设备的web端口会有数据返回,也会通过TCP通道返回到代理端口。As shown in Figure 2, when the ssh client connects to the sshd port, a TCP channel will be established to support two-way communication. On the sshd server: When the ssh client connects to the sshd port, let the sshd server open a proxy port, proxy the message sent to the proxy port to the established TCP channel, and then transmit it to the terminal device; on the terminal device: When the ssh client connects to the sshd port, let itself proxy messages received from the TCP channel to the web port. The same is true in the reverse direction. The web port of the terminal device will return data, and it will also return to the proxy port through the TCP channel.

基于ssh tcp消息代理的物联网云平台终端设备远程访问WEB采用由:云端服务器、TCP长连接服务器、RemoteConf i g(远程配置)服务器、sshd服务端、集成ssh客户端的终端设备。各组件工作原理如下:The IoT cloud platform terminal device based on ssh tcp message agent remotely accesses the WEB by: cloud server, TCP long connection server, RemoteConf i g (remote configuration) server, sshd server, terminal device integrated with ssh client. The working principle of each component is as follows:

1、云端服务器:作为运维人员的操作入口,和RemoteConf i g服务器、TCP长连接服务器进行对接。接收运维人员的对指定终端设备的web进行远程访问的服务请求,并且根据远程配置服务器返回的ur l信息打开新的浏览器页面进行远程访问终端设备的web。1. Cloud server: As the operation entrance of the operation and maintenance personnel, it is connected with the RemoteConfig server and the TCP persistent connection server. Receive the service request for remote access to the web of the specified terminal device from the operation and maintenance personnel, and open a new browser page to remotely access the web of the terminal device according to the url information returned by the remote configuration server.

2、RemoteConf i g服务器:和云端服务器对接。当需要进行远程访问终端设备的web端口时候,接收云端服务器的请求,并且随机生成不重复的tcp代理的账号、密码、代理端口信息、sshd地址和后期间接访问终端设备的web端口的ur l信息并返回给云端服务器。并且负责定期清理已用过的账号、密码和代理端口信息。2. RemoteConfig server: connect with the cloud server. When it is necessary to remotely access the web port of the terminal device, it receives the request from the cloud server, and randomly generates the account number, password, proxy port information, sshd address of the non-repeated tcp proxy, and the url information of the later indirect access to the web port of the terminal device and return to the cloud server. And be responsible for regularly cleaning up the used account, password and proxy port information.

3、TCP长连接服务:和云端服务器及终端设备对接,接收云端服务器的请求,并且控制终端设备连接到sshd服务端进行TCP消息代理的功能。接收远程访问终端设备web所需的sshd地址、账号、密码、代理端口信息,然后封装这些信息下发远程访问指令给终端设备,终端设备接收到远程访问web指令使用ssh客户端连接到sshd端口开启TCP消息代理功能。3. TCP persistent connection service: connect with cloud server and terminal equipment, receive requests from cloud server, and control terminal equipment to connect to sshd server for TCP message proxy function. Receive the sshd address, account number, password, and proxy port information required for remote access to the web of the terminal device, and then encapsulate these information and send remote access instructions to the terminal device. After receiving the remote access web instruction, the terminal device uses the ssh client to connect to the sshd port and open it TCP message broker function.

4、sshd服务端:改造过开源的sshd,接收终端设备的ssh客户端请求进行TCP消息代理,实现sshd服务端的TCP消息代理的功能。4. The sshd server: The open-source sshd has been modified, and the ssh client request of the terminal device is used for TCP message proxy, so as to realize the function of the TCP message proxy of the sshd server.

5、终端设备:终端设备根据TCP长连接服务器的指令,使用ssh客户端连接到sshd端口开启对终端设备端的TCP消息代理功能。终端设备实际使用中通过与TCP长连接服务器交互,响应运维的远程访问web的控制操作。采用改造过开源的sshd服务端,接收来自TCP长连接服务器控制信令,连接到sshd实现TCP代理功能。5. Terminal device: The terminal device uses the ssh client to connect to the sshd port according to the instructions of the TCP persistent connection server to enable the TCP message proxy function for the terminal device. In actual use, the terminal device interacts with the TCP persistent connection server to respond to the remote access web control operation of the operation and maintenance. The modified open source sshd server is used to receive control signaling from the TCP long-connection server, and connect to sshd to realize the TCP proxy function.

如图3所示,本发明实施例还提供一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现上述的基于TCP消息代理的终端远程访问方法。As shown in FIG. 3, an embodiment of the present invention also provides an electronic device, including a memory, a processor, and a computer program stored on the memory and operable on the processor. When the processor executes the program, the above-mentioned A terminal remote access method based on a TCP message agent.

如图4所示,本发明实施例还提供一种计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现上述的基于TCP消息代理的终端远程访问方法。As shown in FIG. 4 , an embodiment of the present invention also provides a computer-readable storage medium on which a computer program is stored, and when the program is executed by a processor, the above-mentioned terminal remote access method based on a TCP message agent is implemented.

以上所述仅为本发明的优选实施方式而已,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the present invention. For those skilled in the art, the present invention may have various modifications and changes. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present invention shall be included within the protection scope of the present invention.

Claims (10)

1.基于TCP消息代理的终端远程访问方法,其特征在于,所述方法包括如下步骤:1. based on the terminal remote access method of TCP message agent, it is characterized in that, described method comprises the steps: 步骤1、对终端设备的远程访问权限进行配置;Step 1. Configure the remote access authority of the terminal device; 步骤2、所述终端设备与云端服务器之间建立长连接,并将设备信息上报给云端服务器;Step 2, establishing a long connection between the terminal device and the cloud server, and reporting the device information to the cloud server; 步骤3、所述云端服务器收到设备信息后,向远程配置服务器发起访问信息获取请求;Step 3. After receiving the device information, the cloud server initiates an access information acquisition request to the remote configuration server; 步骤4、所述远程配置服务器收到该访问信息获取请求后,生成所需的访问信息并发送给云端服务器;Step 4. After the remote configuration server receives the access information acquisition request, it generates the required access information and sends it to the cloud server; 步骤5、所述云端服务器将访问信息和远程访问指令下发至终端设备;Step 5, the cloud server sends the access information and the remote access instruction to the terminal device; 步骤6、所述终端设备收到远程访问指令后,根据访问信息执行启动TCP代理功能命令,建立终端设备与sshd服务端之间的TCP通道和开放sshd服务端的代理端口;Step 6, after the terminal device receives the remote access instruction, execute the command to start the TCP proxy function according to the access information, set up the TCP channel between the terminal device and the sshd service end and open the proxy port of the sshd service end; 步骤7、所述云端服务器访问sshd服务端开放的代理端口,sshd服务端的代理端口通过TCP通道将消息代理至终端设备的web端口,实现云端服务器间接远程访问终端设备的web端口。Step 7, the cloud server accesses the open proxy port of the sshd server, and the proxy port of the sshd server proxies the message to the web port of the terminal device through the TCP channel, so that the cloud server remotely accesses the web port of the terminal device indirectly. 2.根据权利要求1所述的基于TCP消息代理的终端远程访问方法,其特征在于,所述步骤2具体为:2. the terminal remote access method based on TCP message agent according to claim 1, is characterized in that, described step 2 is specifically: 所述终端设备通过TCP长连接服务器与云端服务器之间建立长连接,并将设备信息通过TCP长连接服务器上报给云端服务器。The terminal device establishes a persistent connection with the cloud server through the TCP persistent connection server, and reports the device information to the cloud server through the TCP persistent connection server. 3.根据权利要求2所述的基于TCP消息代理的终端远程访问方法,其特征在于,所述步骤4具体包括:3. the terminal remote access method based on TCP message agent according to claim 2, is characterized in that, described step 4 specifically comprises: 步骤41、所述远程配置服务器收到该访问信息获取请求后,随机生成建立TCP消息代理所需的账号、密码和代理端口信息,并记录到数据库中;Step 41, after the remote configuration server receives the access information acquisition request, it randomly generates the account number, password and proxy port information required to establish a TCP message proxy, and records them in the database; 步骤42、所述远程配置服务器根据代理端口信息和远程配置服务器启动时配置好的sshd地址生成url信息;Step 42, the remote configuration server generates url information according to the agent port information and the configured sshd address when the remote configuration server starts; 步骤43、所述远程配置服务器将账号、密码、代理端口信息、sshd地址和url信息返回至云端服务器。Step 43, the remote configuration server returns the account number, password, agent port information, sshd address and url information to the cloud server. 4.根据权利要求3所述的基于TCP消息代理的终端远程访问方法,其特征在于,所述步骤5具体包括:4. the terminal remote access method based on TCP message agent according to claim 3, is characterized in that, described step 5 specifically comprises: 步骤51、所述云端服务器收到后,将账号、密码、代理端口信息和sshd地址转发给TCP长连接服务器;Step 51, after the cloud server receives it, forward the account number, password, proxy port information and sshd address to the TCP persistent connection server; 步骤52、所述TCP长连接服务器接收后,将账号、密码、代理端口信息、sshd地址和远程访问指令下发给终端设备。Step 52: After receiving the TCP persistent connection server, send the account number, password, agent port information, sshd address and remote access command to the terminal device. 5.根据权利要求4所述的基于TCP消息代理的终端远程访问方法,其特征在于,所述步骤6具体包括:5. the terminal remote access method based on TCP message agent according to claim 4, is characterized in that, described step 6 specifically comprises: 步骤61、所述终端设备收到远程访问指令后,发起启动TCP代理功能命令;Step 61. After receiving the remote access instruction, the terminal device initiates a command to start the TCP proxy function; 步骤62、所述sshd服务端根据sshd地址找到对应的sshd服务端;Step 62, the sshd server finds the corresponding sshd server according to the sshd address; 步骤63、所述sshd服务端通过对比数据库中记录的账号和密码与终端设备发来的账号和密码,来校验终端设备发来的账号和密码是否合法,若校验通过,则说明终端设备发来的账号和密码是合法的,完成终端设备的ssh客户端与sshd服务端的sshd端口之间TCP通道的建立,进入步骤64;若校验不通过,则说明终端设备发来的账号和密码是不合法的;Step 63. The sshd server verifies whether the account number and password sent by the terminal device are legal by comparing the account number and password recorded in the database with the account number and password sent by the terminal device. If the verification passes, it means that the terminal device The account and password sent are legal, complete the establishment of the TCP channel between the ssh client of the terminal device and the sshd port of the sshd server, and proceed to step 64; if the verification fails, it means that the account and password sent by the terminal device is illegal; 步骤64、所述sshd服务端根据代理端口信息开启对应代理端口的消息代理功能;Step 64, the sshd server opens the message proxy function of the corresponding proxy port according to the proxy port information; 步骤65、将数据库中对应的账号、密码和标识为已使用,后续不允许再通过该账号、密码和代理端口信息进行校验。Step 65: Mark the corresponding account number, password and proxy port information in the database as used, and then do not allow verification through the account number, password and proxy port information. 6.根据权利要求5所述的基于TCP消息代理的终端远程访问方法,其特征在于,所述步骤7具体包括:6. the terminal remote access method based on TCP message agent according to claim 5, is characterized in that, described step 7 specifically comprises: 步骤71、所述云端服务器通过url信息访问sshd服务端的代理端口;Step 71, the cloud server accesses the proxy port of the sshd server through the url information; 步骤72、所述云端服务器向sshd服务端的代理端口发送维护消息;Step 72, the cloud server sends a maintenance message to the proxy port of the sshd server; 步骤73、所述sshd服务端的代理端口接收到维护消息后,传输给sshd服务端的sshd端口,并由所述sshd服务端的sshd端口发送给已经建立好的TCP通道,再通过所述TCP通道发送至对应终端设备的ssh客户端,再由终端设备的ssh客户端传输至终端设备的web端口,实现云端服务器间接访问和维护终端设备的web端口。Step 73, after the agent port of the sshd server receives the maintenance message, it transmits to the sshd port of the sshd server, and sends it to the established TCP channel by the sshd port of the sshd server, and then sends it to Corresponding to the ssh client of the terminal device, the ssh client of the terminal device is then transmitted to the web port of the terminal device, so that the cloud server can indirectly access and maintain the web port of the terminal device. 7.根据权利要求1所述的基于TCP消息代理的终端远程访问方法,其特征在于,所述远程配置服务器定期对数据库中标识为已使用过的账号、密码和代理端口信息进行清理。7. The terminal remote access method based on TCP message proxy according to claim 1, wherein the remote configuration server regularly cleans up the used account number, password and proxy port information in the database. 8.根据权利要求1所述的基于TCP消息代理的终端远程访问方法,其特征在于,所述设备信息包括MAC地址。8. The terminal remote access method based on TCP message agent according to claim 1, characterized in that the device information includes a MAC address. 9.一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,其特征在于,所述处理器执行所述程序时实现如权利要求1至8任一项所述的基于TCP消息代理的终端远程访问方法。9. An electronic device comprising a memory, a processor, and a computer program stored on the memory and operable on the processor, wherein the processor implements any of claims 1 to 8 when executing the program. The terminal remote access method based on TCP message agent described in item. 10.一种计算机可读存储介质,其上存储有计算机程序,其特征在于,该程序被处理器执行时实现如权利要求1至8任一项所述的基于TCP消息代理的终端远程访问方法。10. A computer-readable storage medium, on which a computer program is stored, characterized in that, when the program is executed by a processor, the method for remotely accessing a terminal based on a TCP message agent according to any one of claims 1 to 8 is realized .
CN202211553525.9A 2022-12-06 2022-12-06 Terminal remote access method, equipment and medium based on TCP message proxy Active CN115811432B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211553525.9A CN115811432B (en) 2022-12-06 2022-12-06 Terminal remote access method, equipment and medium based on TCP message proxy

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211553525.9A CN115811432B (en) 2022-12-06 2022-12-06 Terminal remote access method, equipment and medium based on TCP message proxy

Publications (2)

Publication Number Publication Date
CN115811432A true CN115811432A (en) 2023-03-17
CN115811432B CN115811432B (en) 2025-09-09

Family

ID=85485005

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211553525.9A Active CN115811432B (en) 2022-12-06 2022-12-06 Terminal remote access method, equipment and medium based on TCP message proxy

Country Status (1)

Country Link
CN (1) CN115811432B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117857131A (en) * 2023-12-13 2024-04-09 天翼云科技有限公司 Method and system for remote management of wide area network intelligent gateway equipment based on web

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080281900A1 (en) * 2000-07-19 2008-11-13 International Business Machines Corporation Technique for Sending TCP Messages through HTTP Systems
WO2013020207A1 (en) * 2012-01-30 2013-02-14 Martello Technologies Corporation Method and system for providing secure external client access to device or service on a remote network
CN104243210A (en) * 2014-09-17 2014-12-24 湖北盛天网络技术股份有限公司 Method and system for remotely having access to administrative web pages of routers
WO2016197637A1 (en) * 2015-12-10 2016-12-15 中兴通讯股份有限公司 Method for implementing remote access, alljoyn gateway proxy, cloud server and mobile device
WO2017054443A1 (en) * 2015-09-30 2017-04-06 深圳市先河系统技术有限公司 Remote control method, server and network attached storage
CN109743373A (en) * 2018-12-25 2019-05-10 北京奇安信科技有限公司 Remote assistance method, equipment, system and the medium of terminal
CN113794772A (en) * 2021-09-15 2021-12-14 山东有人物联网股份有限公司 Method and system for remotely accessing built-in page of terminal equipment
KR102351795B1 (en) * 2021-10-06 2022-01-17 주식회사 파이오링크 Method for remote managing network devices in cloud platform and cloud terminal control server using them
US20220255902A1 (en) * 2021-02-05 2022-08-11 Red Hat, Inc. Remote management of software on private networks

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080281900A1 (en) * 2000-07-19 2008-11-13 International Business Machines Corporation Technique for Sending TCP Messages through HTTP Systems
WO2013020207A1 (en) * 2012-01-30 2013-02-14 Martello Technologies Corporation Method and system for providing secure external client access to device or service on a remote network
CN104243210A (en) * 2014-09-17 2014-12-24 湖北盛天网络技术股份有限公司 Method and system for remotely having access to administrative web pages of routers
WO2017054443A1 (en) * 2015-09-30 2017-04-06 深圳市先河系统技术有限公司 Remote control method, server and network attached storage
WO2016197637A1 (en) * 2015-12-10 2016-12-15 中兴通讯股份有限公司 Method for implementing remote access, alljoyn gateway proxy, cloud server and mobile device
CN109743373A (en) * 2018-12-25 2019-05-10 北京奇安信科技有限公司 Remote assistance method, equipment, system and the medium of terminal
US20220255902A1 (en) * 2021-02-05 2022-08-11 Red Hat, Inc. Remote management of software on private networks
CN113794772A (en) * 2021-09-15 2021-12-14 山东有人物联网股份有限公司 Method and system for remotely accessing built-in page of terminal equipment
KR102351795B1 (en) * 2021-10-06 2022-01-17 주식회사 파이오링크 Method for remote managing network devices in cloud platform and cloud terminal control server using them

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117857131A (en) * 2023-12-13 2024-04-09 天翼云科技有限公司 Method and system for remote management of wide area network intelligent gateway equipment based on web

Also Published As

Publication number Publication date
CN115811432B (en) 2025-09-09

Similar Documents

Publication Publication Date Title
CN110719276B (en) Network equipment safety access system based on cache password and working method thereof
CN109768965B (en) Login method, equipment and storage medium of server
CN102045375B (en) Remote command interaction method and bastion host
WO2017024842A1 (en) Internet access authentication method, client, computer storage medium
CN110719277B (en) System and method for secure access of network device based on one-time access credential
CN111935276B (en) Remote host access method, device and device
CN109819053A (en) Applied to the springboard machine system and its control method under mixing cloud environment
CN110995715B (en) Dialysis access method and system for intranet https service
KR102533536B1 (en) A method, an apparatus, an electronic device and a storage medium for communicating between private networks
CN110502315A (en) A kind of method, apparatus and system remotely accessing physical machine
CN115811432A (en) Terminal remote access method, device and medium based on TCP message agent
CN105704209A (en) Breathing machine data transmission method, system, breathing machine and service platform
CN107070732A (en) The method and device of server configuration information in a kind of batch modification cluster
CN110719255B (en) Collaborative operation and maintenance method and system based on SSH protocol
CN111193776B (en) Method, device, equipment and medium for automatically logging in client under cloud desktop environment
CN103220170B (en) Method and device for automatically configuring and managing equipment
US20080092206A1 (en) Security protocol control apparatus and security protocol control method
CN118590272A (en) Server access method, device, storage medium and electronic device
CN109450887B (en) Data transmission method, device and system
JPH11150532A (en) Intranet remote management system and recording medium on which program used for the system is recorded
CN111722901B (en) Electronic information centralized management and control system and method based on cloud editing
CN111252639B (en) Method, system, terminal and medium for offline updating elevator car display screen resources
CN113206821A (en) Cloud desktop single sign-on method, network equipment and storage medium
JP5535104B2 (en) Information processing system, management server, terminal device, information processing method, and program
CN115379008B (en) Data transfer station system based on network server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载