(2019-07-30, 09:36)mcelliott Wrote: [ -> ]Hi,
I'm pretty new to TVHeadEnd (moved from the MediaPortal camp). I have a Raspberry Pi 4 with three X-Box One TV tuners. It's working well. I use the iPhone app for checking schedules, etc.
It would be really good to be able to use this app when I'm not home to set recordings, etc.
I know the idea behind this. I need to set the IP address on my phone to that provided by my internet provider and then to set port forwarding on my router. However, the guides I have found for this tend to assume that you actually understand all of this, rather than guiding you through the steps.
Does anyone have a guide that is suitable for a total newbie?
Best wishes,
Mark
I have never used or even heard of this app you speak of, then again I can't afford an iPhone and wouldn't want one anyway. In theory you could just do port forwarding in your router's configuration, but the reason we can't tell you how to do that is because every router is different. You could go to YouTube and watch some videos on how to set up port forwarding; they may even have one for your router. But I don't recommend doing that for a phone app because it leaves a big security hole that could allow the bad guys to get into your system.
So my question to you is, when you are at home do you ever use Tvheadend's web interface to schedule recordings? I am not talking about an app, I am talking about going to the address of your Tvheadend box and port 9981 using a web browser. If not, you should first learn how to do that.
Them my second question is, when you are at home can you ssh into your Tvheadend server machine and get a terminal prompt? If not, you should learn how to do that. You may need to install openssh-server if it's not already installed.
If you can do both of those things, then my suggestion to you would be the following:
First change your ssh server to not use the default port 22, but rather some obscure port number in the four or five digit range (lower than 32767). This will not give you perfect security, but it will stop some of the "script kiddies". Then change your user password to something really long, like 64 random characters including numbers and special characters. Use a password manager to store this. Since you probably don't want to have to type this at home, you may want to do something like this, this will allow you to access your system via ssh from your own machines without entering a password at all:
https://www.tecmint.com/ssh-passwordless...asy-steps/
Now the next step is to port forward to your obscure ssh port in your router. This is kind of router specific, again try to find a video on YouTube that shows how to do it (you could start at
https://www.youtube.com/results?search_q...n+a+router). Note that you could leave your ssh port at the default 22 but in your router connect that with an obscure port for traffic from the outside, but I just like to change it at the actual system because it does provide a slight increase in security (not only do the bad guys have to guess your ssh password, they also have to guess which port you are using).
The goal here is that you want to be able to make an SSH connection to your Tvheadend server from a remote location, by just using
ssh -p ssh_port_number user@your_ip_address. Try it from any location not on your local network (could be your cell phone using cellular internet), specifying your obscure port number as shown and your home IP address.
Now once you can do that, instead of logging in that way try this:
ssh -p ssh_port_number -L 9981:localhost:9981 -l user@your_ip_address
Leave that terminal window open (connected) and then on the same machine open a web browser and go to
localhost:9981 or
127.0.0.1:9981 - you should be into your Tvheadend web interface, just as if you were sitting at home, and you can schedule recordings and do anything else that can be done from the web interface. No setting up a complicated VPN required, no monthly fees, none of that nonsense.
What you are doing is creating a secure tunnel between your web browser and Tvheadend's web server using ssh. So basically you want to make your ssh connection as secure as possible because if anyone can guess your password and ssh port and break in, they own your system. So please avoid the temptation to use a simple password. As you learn more about this you will find that you can disable password logins completely and only use secure key access but if you do that and somehow lose the key file then you are locked out of your system, however doing so would increase security considerably because now there is no password the bad guys can guess that will let them in. Anyway there are many videos on YouTube and many articles explaining the ins and outs of ssh, and that is what you want to learn about.
A similar option,
that is not what I am talking about above, is to set up a SOCKS5 proxy. The line to invoke that would be this:
ssh -C -p ssh_port_number user@your_ip_address -D proxy_port_number
You have to pick a proxy_port_number to use (could be something like 9999) and then you have to configure your browser to use a SOCKS5 proxy, again check YouTube for videos on how to enable a SOCKS5 proxy. When you do this ALL your browser traffic goes through your local network, so you can go to your Tvheadend backend by simply entering the address as you normally would. The disadvantage to this is if you surf to any other web sites that traffic has to flow through your local network twice (in and back out) so you really don't want to do that if you have bandwidth caps. And also you do have to configure your browser to use a SOCKS5 proxy, which is a little tricky (especially in Chrome, where you have to use an addon such as SwitchyOmega), whereas the tunnel I mentioned first requires no special browser configuration or difficult setup. I don't recommend a SOCKS5 proxy in your situation UNLESS you also have other machines or devices on your home network that you want to be able to access remotely.
I wish I could give you better instructions but without knowing anything about your configuration it's kind of difficult. You managed to install Tvheadend so I have to assume you know a small bit about Linux, though it may be very small if you are just starting out. But there are videos and web pages that explain at least all the elementary concepts, the trick is knowing what to search for to bring up a helpful page, and avoiding pages and videos by some clown that wants you to do everything the hard way (tip - never just accept the first result you see, always try to look at two or three videos or pages because in Linux there are many things that can be done easily, but for some reason some people seem to want to add several extra unnecessary steps. If you encounter instructions that seem overlay complicated, it may be because they are, and you can probably find a page that's at least more understandable if not easier to follow). I've been using Linux on my Tvheadend server and my computer that runs Kodi for years and still know very little about Linux, but once you know what you are looking for there is a lot of information available.