Hologram provides a service called Spacebridge that allows you to create secure authenticated tunnels to send data to a device with a Hologram SIM card connected to the cellular network. With Spacebridge, you can send inbound traffic to any port on the device.
Tunneling without the Spacebridge desktop client
The officially supported Spacebridge client is a convenient wrapper around Hologram API calls and an SSH client. In environments where a GUI application isn't appropriate, you can use these standard protocols to open a secure tunnel directly.
These instructions are for Linux with OpenSSH and assume that you've already enabled tunneling for your device in the dashboard (covered in the section above).
Generate a SSH key and upload to the Hologram API
You only need to complete this section the first time you're setting up the tunnel on this computer. If you already have an SSH key-pair that you'd like to use, skip to step 2.
- Use ssh-keygen to generate a SSH key-pair:
bash ssh-keygen -f spacebridge.key -b 4096
You'll see a prompt asking if you want to put a password on the key. We recommend this for enhanced security. - Upload your public key to the Hologram API. In the code below, replace "~APIKEY~" with your Hologram API key. Your personal API can be found in your dashboard by clicking on the Account section in the main menu and selecting API tab at the top of the screen. If you are using a key that you already generated, replace the filename in the export command.
The filename ends in .pub
, not .key.
If you use the .key
file this will upload your private key which you don't want to do.
bash PUBKEY=$(cat spacebridge.key.pub); curl -X POST -H "Content-Type: application/json" -d "{\"public_key\":\"$PUBKEY\"}" "https://dashboard.hologram.io/api/1/tunnelkeys?apikey=~APIKEY~"
You should get a successful response back.
Open the Tunnel by Running SSH With Port Forwarding
- Look up the link ID for the SIM you are trying to tunnel into. You can find this on the Dashboard by clicking on the plus sign next to the SIM number.
- The command below will open up the tunnel. You can see in this command where you would replace the link ID with your own ID. In this case, port
22
is the port on the device, and port5000
is the local port being forwarded. Replace spacebridge.key with whatever private key you are using. This should be key file that goes with the .pub file that you uploaded to the Hologram API.
bash ssh -p 999 -L 5000:link10311:22 -N -i spacebridge.key htunnel@tunnel.hologram.io
- You should now be able to connect to port
22
on your device from port5000
on the local host.