# Slave Mode
SocketXP agent when run in slave mode will act like a local proxy server.
Imagine a VPN client software running on your laptop or PC.
If you want to connect to your remote device directly from your laptop or PC, without having to visit the SocketXP Portal page, then this is an alternate method for connecting to your Raspberry Pi or any Linux device over the internet using the SocketXP IoT solution.
This method is especially useful, if you want to connect to your remote device using an SSH client such as PuTTY, FileZilla or SecureCRT installed on your laptop or desktop. And, you want to use your SSH public/private keys to login to your device more securely.
The slave mode feature can be used to access any service (not just SSH server) running in your Raspberry Pi or Linux device. This method is equivalent to connecting to your device using a local IP address and TCP port, as if the device is connected to your local network. Again, imagine a VPN client software running on your laptop.
Here is a list of other services running in your Linux device or Raspberry Pi that can be accessed by running SocketXP agent in slave mode in your laptop or desktop:
- Python, NodeJS, Java, Golang web service
- Any program or service listening on a TCP port.
First download and install the regular SocketXP agent software on your accessing device (such as a laptop running Windows or Mac OS). Next, configure the agent to run in slave mode using the command option "--iot-slave" as shown in the example below. Also, specify the device ID of the IoT device you want to connect to, using the
$ socketxp connect tcp://localhost:3000 --iot-slave --peer-device-id "abc123456789" --peer-device-port 22 Listening for TCP connections at: Local URL -> tcp://localhost:3000 Accessing the IoT device from your laptop
Where port 3000 is the local proxy port at which the SocketXP agent is listening for SSH connections from any SSH client. You could specify any free port in your laptop as a local proxy port instead of 3000. You could find the device ID of your device from the SocketXP Portal page in the Devices section. Alternatively, you could provide the IoT device name to connect in slave mode as shown below:
$ socketxp connect tcp://localhost:3000 --iot-slave --peer-device-name "sensor12345" --peer-device-port 22 Listening for TCP connections at: Local URL -> tcp://localhost:3000 Accessing the IoT device from your laptop
SocketXP automatically assigns a unique ID for your device. You could find this device ID information in the device.key file at /var/lib/socketxp/device.key. You could also find this information in the SocketXP Portal's device page (opens new window)
Why this is important?:
SocketXP IoT Agent when run in IoT Slave Mode acts like a localproxy server. It proxies all connections to a user-specified local port (3000 in the example above) in your laptop/PC to the SocketXP IoT Cloud Gateway using a secure SSL/TLS tunnel. Also the SocketXP IoT Agent authenticates itself with the SocketXP IoT Cloud Gateway using your auth token. This ensures that only legitimate, authenticated users are permitted to access your remote IoT devices. SocketXP ensures Zero-Trust security on all connected devices.
Now you can SSH into your IoT device using the local proxy port (3000), as shown in the example below.
$ ssh -i ~/.ssh/john-private.key [email protected] -p 3000
john is a user account that exists in your IoT device.
You can also use PuTTY (opens new window) SSH client to remote SSH into your device using the same parameters show above. You can also use PuTTY or FileZilla (opens new window) to perform SFTP actions such as file upload and file download on your remote IoT or Raspbery Pi device.