Since a few months now we are hosting a WebSDR from our ham radio club station in the STH Hollabrunn. The big problem there is that we don’t have full access to the configuration of the firewall because we share the network with another institution. Due to these circumstances we had to find an easy way to tunnel the WebSDR traffic to a network that is fully under our control – the egimoto.com server. VPN would come to the mind of most people when encountering such a problem but if you ever tried to set up your own VPN server as an IT noob (me) then you know that’s not easy. Anyways, I remembered that SSH creates a tunnel to encrypt the console traffic. Maybe this tunnel can be used to transport the WebSDR traffic between the club station and egimoto.com. After some quick googling I was happy to find out that this is possible with “reverse SSH tunnelling”. From my search results I realised that this solution seems not to be very common, so I want to document my findings here.
The following scrip allows the WebSDR to connect to a Raspberry PI in the egimoto.com network where the web requests are distributed by a proxy server. The Raspberry PI only serves as a SSH server and does nothing more. The following script is called by a service at system start-up on the WebSDR side.
!/bin/bash sleep 60 autossh -M 0 -N -R 8080:localhost:8073 user\@yourdomain.com -p22
“email@example.com -p22” should be changed to your needs. For this to work you must be able to log into your SSH server without entering the password (I used method one). The WebSDR runs on the local port 8073 and will be available at the Raspberry PI side on 8080. Autossh is very handy because it regularly checks if the SSH connection is still alive and reconnects if necessary. For this to work you must enable “Keep alive packages” on the SSH server or client side (to be save, I did it on both ends).
Here you can find the config options for client side. (ServerAliveCountMax, ServerAliveInterval)
Here you can find the config options for server side. (ClientAliveCountMax, ClientAliveInterval)
Of course Stack Exchange was the source 🥣 for this.
This setup is running for 3 months now without any problems now which makes me very happy 😁.
🌍 Visiting the WebSDR
- The WebSDR always covers the full 2m Band and 70cm repeater outputs + simplex channels, analog and digital modes.
- Other SDRs are reconfigured and added from time to time but currently the full 6m band is available.
- OpenWebRX is the used software
- APRS and FT8 background decoding + reporting is enabled
- The reverence oscillator for all SDRs will be updated to a calibrated OCXO in a few weeks
- 25 users are supported
- Wideband antenna used (Discone antenna)
- Map for APRS and FT8 spots available
Click here to visit: OE3XHU WebSDR