In the following example we will go through the Tunnel Step-by-Step Guide with an extra setup guide specific for the Raspberry Pi (RPI).

The idea is to make a Nabto P2P connection to make a TCP tunnel to the SSH server on a Raspberry PI so you can remote connect to the RPI using this TCP tunnel and SSH. 

You can read more about Nabto tunnels here.

The existing TCP Client application in the above drawing is the SSH client on the desktop and the existing TCP Server application is the SSH server on the RPi. The idea is to make an TCP (server) endpoint on the client that mirrors the server port on the RPI.

This of course itself is a useful application of Nabto, being able to remotely connect to an RPi via SSH, but also is a simple way of establishing a proof-of-concept with Nabto. The encapsulation of SSH could of course be any type of TCP protocol, HTTP, telnet, SMTP, but in this example we just show SSH.

Step 1: Setting up your RPi

For further details and a more in-depth documentaion, see the Rasperry Pi Documentaion.

Note: Before you begin, make sure to enable SSH either manually through the RPI interface in the Raspberry Pi Configuration or through the command sudo raspi-config and Interfacing Options

Also make sure to be on the same wifi, both your PC and RPI in order to connect.

A freshly installed RPi comes with the hostname known as raspberrypiwhich is widely used to connect to the RPI commandline using the secure shell (SSH) protocol. SSH in turn needs the IP address of the RPi.

So, to begin with we will ping the RPI, and if the RPI is reachable (and running an mDNS server and your client machine running an mDNS client), the IP will be shown, as seen down below.

Use the following command: ping raspberrypi.local

[christopher@Christophers-Macbook-Air ~ % ping raspberrypi.local
PING raspberrypi.local ( 56 data bytes
64 bytes from icmp_seq=0 ttl=64 time=15.038 ms
64 bytes from icmp_seq=1 ttl=64 time=14.757 ms

Now we can use SSH to connect to the RPI command line, using the IP of the RPi.

Use the following command: ssh pi@<IP> (Where <IP> is the IP address of your RPi).

<p>[christopher@Christophers-Macbook-Air ~ % ssh [email protected]</p>

You will be prompted to enter a password, for a freshly installed RPi this will be “raspberry”.

If everything is entered as previously stated, your command line text should turn green, as shown below, indicating a successful connection to the RPI command line.

You are now ready to execute commands on your RPI command line.

Step 2: Setting up Nabto Cloud Console and Embedded SDK

Following the steps of the Tunnel Step-by-Step Guide for setting up an account in the Nabto Cloud Console, you should add a Public TCP Tunnel Client, like seen below:

Now go to Configured Devices and create a new single device, like this:

Follow the Raspberry Pi specific Nabto Embedded SDK build instructions – this builds everything including the tunnel binary.

Note: If CMake is not installed, please install first by following the cmake installation instructions.

To run initialize and configure the built tunnel binary, follow the final parts of the Tunnel Step-by-Step Guide:

./tcp_tunnel_device --init

Afterwards you can see the steps in the guide and enter the product/device ID found in the Nabto Cloud Console.

If asked about new user roles, just select Standard.

After following the steps of the tunnel guide, you will be given a fingerprint and in my case, mine looks like this:


Now go back into you Nabto Cloud Console and insert the fingerprint into your tcp device, it should look something like this:

cloud console device configuration

Now click “Save”.

The device is now ready to roll, try typing the following command, which should now look like something from the guide:


Step 3: Setting up the client

In order to connect to the embedded device, we will need the corresponding tunnel client. This can be obtained by following the guide.

The idea is to have the embedded part on the RPi and the client part on the PC.

First step is to download the tunnel client application, do this anyway you’d like, I will be using the terminal. I will install it to my desktop for easy access, and afterwards use the following command:

git clone [email protected]:/nabto/nabto-client-edge-tunnel 

Follow the guide’s instructions on obtaining the Nabto Client SDK libraries.

Afterwards, follow the client section of Tunnel Step-by-Step Guide, e.g. star local pairing:

./edge_tunnel_client --pair-local

Afterwards, it should look like the following:

Scanning for local devices for 2 seconds.
Found 1 local devices.
Choose a device for pairing:
[q]: Quit without pairing
[0]: ProductId: pr-w34yvehn DeviceId: de-3tfkvxfn

In this example, the device found is my own, your device will look different, but nonetheless, press the number corresponding to the right device. (In this case, 0)

Following the directions of the Tunnel Step-by-Step Guide, select the Local Initial pairing method, as seen below:

Connected to the device. ProductId: pr-w34yvehn DeviceId: de-3tfkvxfn
Several pairing modes exists choose one of the following.
[0]: Password Invite
[1]: Local Initial
Coose a pairing mode: 1

Step 4: Using the tunnel

The last part will essentially follow nabto’s Tunnel Step-by-Step Guide under the “Using the tunnel” part. 

We can now fully utilize nabto’s tunnel example, and with the following command:

./edge_tunnel_client --help

A list of possible commands and functions for the client command line can be seen.


Explainer Video

You can also follow our video explainer below:

Want to learn more about P2P IoT?

Please visit the:
P2P IoT Academy

Deep dive Into our documentation?

Please visit the:
Nabto Platform Overview

Try our demo for Video Surveillance?

Please visit the:
Nabto Edge
Video Cam Demo

Looking for other Great posts?