OpenIPC
/
wiki
mirror of https://github.com/OpenIPC/wiki.git
1
0
Fork 0
Code Activity

Merge branch 'OpenIPC:master' into master

pull/417/head
wkumik 2024-10-08 22:49:47 +02:00 committed by GitHub
parent f111af3600 30efa095ae
commit 395fb5938d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
11 changed files with 639 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -49,6 +49,7 @@ OpenIPC Wiki
### FPV
- [Frequently Asked Question (FAQ) for FPV](en/fpv-faq.md)
- [General Info](en/fpv-general.md)
- [OpenIPC AIO "Mario"](en/fpv-openipc-aio-mario.md)
- [OpenIPC AIO "UltraSight"](en/fpv-openipc-aio-ultrasight.md)
- [Guide to configure an FPV camera and groundstation](en/fpv-step-by-step-guide.md)
@ -62,6 +63,7 @@ OpenIPC Wiki
- [A selection of OpenIPC videos on YouTube](en/fpv-youtube.md)
- [RunCam WiFiLink based on OpenIPC](en/fpv-runcam-wifilink-openipc.md)
- [Radxa based groundstation](en/fpv-radxa.md)
- [The mavfwd tool](en/fpv-mavfwd.md)
### Troubleshooting

35
en/faq.md
View File

@ -29,6 +29,7 @@ and then look it up in the [FCC ID database](https://fccid.io/).
- lame (mp3) and libwebsockets support
- experimental WebRTC support (only recent Hisi/Goke)
$\color{red}{\text{We always recommend using only Lite firmware}}$
### How to strip U-Boot Image wrapper header from a binary image
@ -104,6 +105,10 @@ For a camera with 16MB flash chip, run
sf probe 0; sf erase 0xd50000 0x2b0000; reset
```
### How to connect to camera with SSH using keys / no password
See seperate wiki page [here](en/sshusingkeys.md)
### How to find information about the camera hardware and software?
Sign in on camera via `ssh` and run `ipctool`.
@ -193,36 +198,6 @@ Make sure to use your own IP address and path to the NFS share!
strings dumpfile.bin | grep ^ethaddr
```
### How to configure ssh session authorization by key
__On the camera__: Sign in into web UI on port 85 of your camera.
```bash
passwd
```
__On the desktop__: Copy the public key to the camera by logging in with the
password created above.
```bash
ssh-copy-id root@192.168.1.66
```
__On the camera__: Create a `.ssh` folder in the root user's home directory
and copy the file with the authorized keystore into it.
```bash
mkdir ~/.ssh
cp /etc/dropbear/authorized_keys ~/.ssh/
```
__On the desktop__: Open a new session to verify that the authorization is
passed using the public key not requesting a password.
```bash
ssh root@192.168.1.66
```
### Majestic
#### How to get a memory dump for debugging?

137
en/fpv-general.md 100644
View File

@ -0,0 +1,137 @@
# OpenIPC Wiki
[Table of Content](../README.md)
Be sure to use the [FAQ](../en/fpv-faq.md) as well.
# Acronyms and Definitions
* BEC - BEC stands for Battery Eliminator Circuit. It is used to provide a stable voltage supply to components in a device, often in place of a battery.
* Channel - A Wi-Fi channel is a specific range of frequencies used for communication between wireless devices. Wi-Fi networks typically divide these frequencies into 14 channels in the 2.4 GHz band, 34 channels in the 5 GHz band, and up to 59 channels in the 6 GHz band.
* [Configurator](https://github.com/OpenIPC/configurator) OpenIPC controller for setting up FPV and URLLC devices
* Datalink - Datalink is oncerned with managing data communication links and ensuring reliable data transfer between the device and external systems.
* FEC_K and FEC_N
FEC_K and FEC_N are parameters used in Forward Error Correction (FEC) to define the structure and efficiency of error correction codes.
#### FEC_K
K refers to the number of information (or data) bits in a block before error correction encoding is applied.
This is the actual data that needs to be transmitted without any redundancy added for error correction.
#### FEC_N
N refers to the total number of bits after error correction encoding has been applied.
This includes both the original data bits (K) and the redundant bits that are added for error detection and correction.
Relationship Between FEC_K and FEC_N
The difference between N and K represents the redundancy added by the error correction code. In other words, the redundant bits are used to detect and correct errors in the transmitted data.
```mathematica
N = K + Number of Redundant Bits
```
Example
If FEC_K = 1000 and FEC_N = 1200, this means 200 redundant bits were added to the original 1000 data bits, creating a total of 1200 transmitted bits.
Code Rate
The ratio of information bits (K) to the total bits (N) is called the code rate:
```mathematica
Code Rate = K / N
```
For example, if K = 1000 and N = 1200, the code rate would be:
```yaml
Code Rate = 1000 / 1200 = 0.833
```
This means that 83.3% of the transmitted bits are actual data, and 16.7% are used for error correction.
#### Usage in Communication Systems
FEC_K and FEC_N are commonly used to describe how data is handled in wireless communication standards such as Wi-Fi, 5G, satellite communication, and broadcast systems.
The values of K and N determine how much error correction is added to the data, impacting both the transmission reliability and bandwidth efficiency.
* FPV - FPV stands for First-Person View, a technology that allows users to experience a live video feed from a camera mounted on a drone or other remote-controlled device as if they were in the pilot's seat. FPV provides a real-time, immersive perspective, enhancing control and situational awareness during flight or remote operation.
* Frequency - Wi-Fi transmits data between your device and a router using radio waves over specific frequencies. Depending on the amount of data being transferred, it can use one of two frequencies: 2.4 gigahertz or 5 gigahertz.
* H265/H264 - Video compression standards used to encode and decode video streams.
* H.265 (HEVC): Provides improved compression efficiency compared to H.264, allowing for higher video quality at lower bit rates, which is ideal for 4K and high-definition video streaming.
* H.264 (AVC): A widely used video compression standard that offers good compression and video quality, commonly used for streaming, recording, and video conferencing.
* LDPC - LDPC stands for Low-Density Parity-Check code, which is an advanced error-correcting code used in digital communication systems to improve the reliability of data transmission over noisy channels. LDPC codes are designed to detect and correct errors that occur during data transmission, allowing for more efficient and robust communication.
* [Majestic](https://github.com/OpenIPC/majestic-webui) - Provides web interface for OpenIPC Firmware, and is available on port 80 of your camera. It used for managing and configuring various aspects of the system. It is also a command-line tool.
* MCS Index - The Modulation Coding Scheme (MCS) index is a standard industry metric that reflects various factors in a Wi-Fi connection between a client device and a wireless access point, such as data rate, channel width, and the number of antennas or spatial streams in the device.
* [MSPOSD](https://github.com/OpenIPC/msposd) - OpenIPC implementation of MSP Displayport OSD for INAV/Betaflight/ArduPilot.
* OpenIPC - is a firmware project focused on enhancing and customizing the functionality of IP cameras. IPC acronym means IP Camera.
* [PixelPilot](https://github.com/OpenIPC/PixelPilot) - PixelPilot is an Android app packaging multiple pieces together to decode an H264/H265 video feed broadcast by wfb-ng over the air.
* [PixelPilot_rk](https://github.com/OpenIPC/PixelPilot_rk) - Application that decodes an RTP Video Stream and displays it on screen, for Rockchip devices (aka Radxa).
* STBC - STBC stands for Space-Time Block Coding, which is a technique used in wireless communication systems to improve signal reliability and data transmission performance, particularly in environments with interference or signal fading.
* WFB - Wireless Framebuffer (WFB) is a component that enables remote display and control of a devices graphical interface over a wireless network.
## Filesystem
### Drone
| File Path | Description |
|----------------------|------------------------------------------------------|
| Config |
| `/etc/wfb.conf` | Configure settings for the Wireless Framebuffer (WFB). WFB is a component that allows remote display and control of the device's graphical interface over a wireless network. |
| `/etc/drone.key` | Used to store a secret key that is exchanged with a Groundstation. This key plays a crucial role in securing communications between the drone and the Groundstation. |
| `/etc/datalink.conf` | Used to configure settings related to data link communication. This file plays a role in defining how data is managed and transmitted between various components within the system.|
| `/etc/majestic.yaml` | Majestic Settings |
| `/etc/mavlink` | Mavlink Settings |
| `/etc/openipc_banner`| |
| `/etc/openipc_donors`| |
| `/etc/telemetry.conf`| Used to configure settings related to telemetry. Telemetry involves the collection and transmission of data from the device to an external system for monitoring and analysis.|
| Startup Files |
| `/etc/init.d/S95majestic` | Startup script used to manage the initialization and execution of the Majestic service during system boot. |
| `/etc/init.d/S98datalink` | Startup script used to manage the initialization of the Datalink service during system boot.|
| Apps |
| `/usr/bin/wfb-cli` | used to interact with or configure the Wireless Framebuffer (WFB) service specifically in the context of a ground station. i.e `wfb-cli gs` |
| `/usr/bin/msposd` | MSPOSD binary|
| `/usr/bin/font_hd.png` | font file for msposd |
| `/usr/bin/font.png` | font file for msposd |
| `/usr/bin/telemetry` | Telemetry script |
| `/usr/bin/majestic` | Majestic binary |
### Ground Station
### Radxa
| File Path | Description |
|----------------------|------------------------------------------------------|
| Config |
| `/etc/gs.key` | Shared key|
| `/etc/wifibroadcast.cfg` | Define Connection Parameters|
| Startup |
| `/etc/systemd/system/openipc.service` | Main process Start at boot
| Apps |
| `/home/radxa/wfb_keygen` | Generates shared key|
| `/home/radxa/resizefs.sh` | Resize root filesystem |
| `/home/radxa/scripts/screen-mode` | Setup resolution |
| `/home/radxa/scripts/stream.sh` | Starts main process |
| `/home/radxa/scripts/wifi-connect.sh` | Script to setup local wifi connection to home router|
| Media |
| `/home/radxa/Videos/` | Location where flight videos are stored|

5
en/fpv-kit.md
View File

@ -4,11 +4,6 @@
Selecting hardware to complete OpenIPC FPV kits
-----------------------------------------------
<p align="center">
<img src="https://github.com/OpenIPC/wiki/blob/master/images/fpv-logo.jpg?raw=true" alt="Logo"/>
</p>
### FPV kit 1
- IPCam board GK7205V200 + IMX307

30
en/fpv-mavfwd.md 100644
View File

@ -0,0 +1,30 @@
# OpenIPC Wiki
[Table of Content](../README.md)
OpenIPC FPV - mavfwd tool
-------------------------
Edit **/etc/wifibroadcast.cfg**:
```diff
[gs_mavlink]
peer = 'connect://127.0.0.1:14550' # outgoing connection
-# peer = 'listen://0.0.0.0:14550' # incoming connection
+peer = 'listen://0.0.0.0:14550' # incoming connection
```
Update settings:
```
echo cli -s .video0.fps 120 > /dev/udp/localhost/14550
```
Update drone key:
```
file="echo $(cat gs.key | base64) | base64 -d > /etc/drone.key"
echo $file > /dev/udp/localhost/14550
```
Update configuration:
```
file="echo $(cat wfb.conf | base64) | base64 -d > /etc/wfb.conf"
echo $file > /dev/udp/localhost/14550
```

146
en/fpv-openipc-aio-internet-forwarding.md 100644
View File

@ -0,0 +1,146 @@
## AIO Mario firmware update over usb via internet forwarding
This method will work on Linux due to specific network commands. The key idea is to use the local PC as a network bridge betwen AIO board ethernet interface and your local internet interface.
## Steps
1. Connect AIO Mario to USB
2. Identify your PC address. On your local PC run:
```bash
ip -c a
...
3: enx00e099fead02: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:e0:99:fe:ad:02 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.11/24 brd 192.168.1.255 scope global noprefixroute enx00e099fead02
valid_lft forever preferred_lft forever
inet6 fe80::de74:78fc:9af0:f031/64 scope link noprefixroute
valid_lft forever preferred_lft forever
```
Here: `192.168.1.11` is my local PC address on AIO ethernet interface.
3. Connect to AIO Mario over ssh. On PC:
```bash
ssh root@192.168.1.10
```
4. List AIO routes. On AIO run:
```bash
root@openipc-ssc338q:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
```
5. We need to add a route to our local PC, so traffic could get route over. On AIO run:
```bash
root@openipc-ssc338q:~# route add default gw 192.168.1.11 eth0
```
Here: `192.168.1.11` is the local PC address.
6. Verify that route was added correctly:
```bash
root@openipc-ssc338q:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.11 0.0.0.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
```
7. On the local PC we need to forward all the traffic from `enx00e099fead02` AIO Mario ethernet interface to our local connection.
This can be `wlp2s0` for wifi. To check the interface name, on the local PC run again:
```bash
ip -c a
2: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether f8:34:41:af:55:37 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.8/24 brd 192.168.1.255 scope global noprefixroute wlp2s0
valid_lft forever preferred_lft forever
inet6 fe80::8d6a:f2f6:c850:cf9d/64 scope link noprefixroute
valid_lft forever preferred_lft forever
```
Here: `wlp2s0` is my internet connection, it could be also `eth0` on other setups.
8. Traffic forwarding. Create a bash script `~/forward.sh`:
```bash
#!/bin/bash
# Get the interface name of the wireless card by stdin
# $1 is the interface name of the AIO card
USB_AIO=$1
INTERNET_IF=$2
sudo iptables -A FORWARD -i $USB_AIO -o $INTERNET_IF -j ACCEPT
sudo iptables -A FORWARD -i $INTERNET_IF -o $USB_AIO -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables --table nat -A POSTROUTING -o $INTERNET_IF -j MASQUERADE
```
This script will receive as input `$1` the AIO ethernet interface, and forward the traffic to `$2`.
Enable IP forwading by editing `/etc/sysctl.conf` on your local PC and adding:
```
net.ipv4.ip_forward = 1
```
And enable the changes with:
```bash
sudo sysctl -p /etc/sysctl.conf
```
on Debian/Ubuntu systems this can be also done restarting the procps service:
```
sudo /etc/init.d/procps restart
```
9. Run the script on your local PC:
```bash
chmod u+x ./forward.sh
sudo ./forward.sh enx00e099fead02 wlp2s0
```
Here: `enx00e099fead02` is AIO ethernet interface, and `wlp2s0` local PC interface.
10. On AIO Mario we need to configure DNS servers. Edit `/etc/resolv.conf` and add:
```
nameserver 8.8.8.8
nameserver 8.8.4.4
```
11. Test internet acces. On AIO run `ping 8.8.8.8` and `ping openipc.org`:
```bash
root@openipc-ssc338q:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=116 time=23.611 ms
64 bytes from 8.8.8.8: seq=1 ttl=116 time=28.683 ms
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 23.611/26.147/28.683 ms
root@openipc-ssc338q:~# ping openipc.org
PING openipc.org (5.161.116.152): 56 data bytes
64 bytes from 5.161.116.152: seq=0 ttl=51 time=290.381 ms
64 bytes from 5.161.116.152: seq=1 ttl=51 time=207.881 ms
64 bytes from 5.161.116.152: seq=2 ttl=51 time=232.049 ms
^C
--- openipc.org ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 207.881/243.437/290.381 ms
```
12. Update firmware:
```bash
root@openipc-ssc338q:~# sysupgrade -r -k -n --force_ver
OpenIPC System Updater v1.0.41
Vendor sigmastar
SoC ssc338q
Kernel 03:35:18 2024-09-27
RootFS master+d69195a, 2024-09-27
Synchronizing time
ntpd: setting time to 2024-09-28 00:05:42.525372 (offset +73821.493151s)
Sat Sep 28 00:05:42 GMT 2024
Checking for sysupgrade update...
Same version. No update required.
Stop services, sync files, free up memory
Stopping crond: OK
Stopping ntpd: OK
Stopping klogd: OK
Stopping syslogd: OK
...
```

62
en/fpv-openipc-aio-mario.md
View File

@ -57,15 +57,37 @@ MSIC BEC on board is up to 2A 5V output
enter uboot use uart device connect to top of AIO board(R0,T0)pad.
How to get lower voltage input for DC input
AIO power supply from 2s-3S battery needed more current and required 4wires connected, but higher voltage 4S+ may works 2wire connection.
Remove two resistors then you can get input as low as 5.4V input available.
![image](https://github.com/user-attachments/assets/24218925-fca8-47e2-bc4a-1326dabeaa68)
### Connect usb debug port
Plug USB cable to connect AIO and PC first, then power on DC, or usb power only.
If there are unknown USB devices in the computer, the following drivers need to be installed.
[corechip-sr9900-usb20-to-fast-ethernet-adapter-1750095.zip](https://github.com/user-attachments/files/16829005/corechip-sr9900-usb20-to-fast-ethernet-adapter-1750095.zip)
If there are unknown USB devices in the computer, the following [corechip-sr9900](https://github.com/user-attachments/files/16829005/corechip-sr9900-usb20-to-fast-ethernet-adapter-1750095.zip) drivers need to be installed.
in windows:
Operations on Mac OS
<img width="686" alt="Screenshot 2024-09-21 at 10 07 24AM" src="https://github.com/user-attachments/assets/15fde52d-8f14-4377-87ed-cec6e05dc70a">
<img width="714" alt="Screenshot 2024-09-21 at 10 09 18AM" src="https://github.com/user-attachments/assets/ce029aab-7505-41f8-81fc-283e41dfe84a">
<img width="544" alt="Screenshot 2024-09-21 at 10 11 31AM" src="https://github.com/user-attachments/assets/97aff8d8-1a1b-4682-a304-4af58a29e68a">
#### Autosetup in windows
Please download [Auto_Set_Mario_CDC.zip](https://github.com/user-attachments/files/17010487/Auto_Set_Mario_CDC.zip) file, unzip it and run as administrator.
or setting manually as follows:
go to control panel- internet -network:
@ -79,6 +101,36 @@ then open ssh to connect AIO address:192.168.1.10
user:root password:12345
**How to get internet for AIO**
1.Open network connections on you windows, right click your main network adapter properties---Sharing: Allow other network users choose USB CDC
![image](https://github.com/user-attachments/assets/e3f41122-7601-4dff-b599-a325e0693b8c)
Apply,then the CDC ethernet will got a ip address 192.168.137.1 automaticlly
![image](https://github.com/user-attachments/assets/bac7350b-399e-419c-8a4a-557d4378cf79)
open admin terminal
![image](https://github.com/user-attachments/assets/7eaae7ca-16c6-4e59-a8de-9178c9e3b77c)
using arp -a to find AIO's IP
![image](https://github.com/user-attachments/assets/f6d2641e-a5e9-45cd-90cb-5328d423a6c7)
here 192.168.137.147 is my AIO's ip address.
open ssh connect to AIO,Done.
![5ed177f3dc690f9e70452e3e4c93b17](https://github.com/user-attachments/assets/48f44a3d-ae04-4780-aac7-b878a043c3e6)
Now you can use sysupgrade -r -k -n --force_ver to update your firmware.
### Upgrade firmware
@ -130,8 +182,10 @@ on bench test or debug is disable the record function defaultly
To enable the recording function set (record value)true in majestic.yaml
SD card must insert before Powering.
On board heat sink and cooling fan:
**On board heat sink and cooling fan:**
cooling fan out put power up to 500mA max

6
en/gpio-settings.md
View File

@ -103,6 +103,12 @@ Tested on GK7205V300 for /dev/ttyАМА1:
| Hi3516Ev200 | 53 | 52 | 4 | |
| Hi3516Cv100 | 42 | 43 | 6 | IPG5020A-H-V1.0, 5013A-CF/5020A-FF |
### JVT boards
| Processor | IRCUT1 | IRCUT2 | LIGHT | RESET | PWM | USB | TESTED BOARDS |
|-------------|--------|--------|-------|-------|-----|-----|------------------|
| GK7205v300 | | | | 9 | 3 | 61 | |
### JUAN boards (Sannce)
| Processor | IRCUT1 | IRCUT2 | IRSTATUS | TESTED BOARDS | DEVICE ID |

138
en/sshusingkeys.md 100644
View File

@ -0,0 +1,138 @@
# OpenIPC Wiki
[Table of Content](../README.md)
SSH access using public key authentication
==========================================
## Introduction
OpenIPC uses a package called Dropbear for managing **S**ecure **SH**ell (SSH) client connections. By default this is configured to use the root username and associated password however it can be made both more secure and simpler by making it passwordless.
If you are new to understanding SSH and PKI then it is suggested you read the ssh guide [here](https://www.ssh.com/academy/ssh) for a full understanding however unless you need to debug why connections are failing or some other in depth issue then the basic understanding of the terms client, server and keys should be sufficient.
The term PKI is used to describe all of the elements used for creating a secure encrypted connection between two devices. These devices are referred to as clients or servers. In simple terms the target machine you are connecting to is the server and the host machine you are connecting from is the client.
To create a secure connection your client is setup with a 'private' key and each server you access is setup with a matching 'public' key. The public key is exchanged during the connection process and tested to make sure it matches with the private key.
Your private key is the only thing that can decrypt data that has been encoded with the matching public key hence why your private key must be safely guarded and the public key part is what we share.
In the initial connection phase there is also a check that the server is the correct device and so these identities are stored in a 'known_hosts' file.
There are many algorithms that have been implemented over the years to ensure connections are extremely hard to break into and so with modern computing power this has meant some of the earlier ones are no longer supported. Modern popular public key encryption standards include RSA (RivestShamirAdleman) and EdDSA (Edwards-curve Digital Signature Algorithm).
This article has been written on how to achieve this using the standard SSH clients included with most modern Linux and Windows distributions i.e. OpenSSH.
## OpenIPC camera with public key (most common setup)
For the most common configuration we first need to generate a key pair and securely get our key to the camera into the authorized_key file.
#### Step 1: connect to the camera
Establish a terminal connection to the camera using the traditional way with your current root password (as per the Majestic web login) e.g. ``` ssh root@<camera_ip_address> ```
#### Step 2: check there is a symlink to the dropbear files
When using SSH there are two key files, authorized_keys and known_hosts, which are expected to be found in the users home **.ssh** directory in both Windows and Linux systems.
As OpenIPC uses Dropbear, and not OpenSSH, these files are actually located in the cameras **/etc/dropbear** directory and so there is a link in the **root user home directory (/root)** that points to the required files and will look like this **.ssh -> /etc/dropbear/**.
If this is missing then it is critical to recreate it with the command **ln -s ~/.ssh /etc/dropbear**
Logout again from the camera.
#### Step 3: create a key pair
To create our private and public key pair we use **ssh-keygen**. This gives us options on what type of key to create and it is recommended you use either the RSA or EdDSA type with EdDSA being the newest and potentially will take longer to break than the older RSA format.
To create the key pair on your **client** machine open a terminal window enter ```ssh-keygen -t ed25519``` .
You will be prompted with a few questions, simply press enter to accept the defaults.
You should see an output similar to this.
```Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/<yourusername>/.ssh/id_ed25519):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/<yourusername>/.ssh/id_ed25519
Your public key has been saved in /home/<yourusername>/.ssh/id_ed25519.pub
The key fingerprint is:
SHA256:caaCz/2+eXiIbIPTkIo0/1+7njo8+7tHzaVVA4gworc <yourusername>@<yourmachinename>
The key's randomart image is:
+--[ED25519 256]--+
| . o. . ... |
| . . .. . ..|
| . . . o o|
| ... = o|
| .E..S o + |
| o ooo . + |
| . + .o*...+ |
| . o o Xoo++ |
| ..++X&O |
+----[SHA256]-----+
```
If using windows then you will see /users/<yourusername> instead of the Linux /home/xxx format.
#### Step 4: get the public key on the camera
So we now have a private key and the associated public key on our host machine and the challenge is how to securely get this onto our target, in this case our camera, and added to the authorized_keys file in the target .ssd folder.
Thankfully this has been thought of and there is a utility called ssh-copy-id which allows us to do that.
Enter the following substituting your camera ip address and username:
```
ssh-copy-id -i /home/<yourusername>/.ssh/id_ed25519 root@<camera_ip_address>
```
You should get the following
```ssh-copy-id -i /home/<yourusername>/.ssh/id_ed25519 root@<camera_ip_address>
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/<yourusername>/.ssh/id_ed25519.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@<yourcameraip>'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@<camera_ip_address>'"
and check to make sure that only the key(s) you wanted were added.
```
Now test it is working by trying to access the camera. You should find it will successfully login without asking for a password.
```~$ ssh root@<camera_ip_address>
.d88888b. 8888888 8888888b. .d8888b.
d88P" "Y88b 888 888 Y88b d88P Y88b
888 888 888 888 888 888 888
888 888 88888b. .d88b. 88888b. 888 888 d88P 888
888 888 888 "88b d8P Y8b 888 "88b 888 8888888P" 888
888 888 888 888 88888888 888 888 888 888 888 888
Y88b. .d88P 888 d88P Y8b. 888 888 888 888 Y88b d88P
"Y88888P" 88888P" "Y8888 888 888 8888888 888 "Y8888P"
888
888
888 local+build, 2024-10-04
Please help the OpenIPC Project to cover the cost of development and
long-term maintenance of what we believe is going to become a stable,
flexible Open IP Network Camera Framework for users worldwide.
Your contributions could help us to advance the development and keep
you updated on improvements and new features more regularly.
Please visit https://openipc.org/sponsor/ to learn more. Thank you.
root@openipc-hi3516ev300:~#
````
Now if you enter ```cd .ssh``` and ```ls -la``` you will see similar to the following
```
drwxr-xr-x 1 root root 0 Oct 4 14:54 .
drwxr-xr-x 1 root root 0 Oct 4 12:28 ..
-rw------- 1 root root 101 Oct 4 14:54 authorized_keys
-rw------- 1 root root 83 Oct 4 12:29 dropbear_ed25519_host_key
```
#### Step 4: Troubleshooting
There are few reasons why if you have followed the above that this will not work however the main issue faced is if for some reason the permissions are not correct on the .ssh folder and the files within it.
Ensure the .ssh folder has 700 permissions and the authorized_keys file 600 or similar in Windows, only your user and administrators have permission.
To get a clue how to resolve issues then when entering the ssh command add -vvv which gives verbose debug output and usually will highlight where things are failing.
#### Finally
Remember the private key should never be duplicated or moved.

85
en/sysupgrade.md
View File

@ -3,31 +3,58 @@
Upgrading firmware
------------------
Once the initial installation of the OpenIPC software for your camera is complete it is possible to upgrade it either via the web interface or manually via a terminal window.
### Upgrading from GitHub
For old firmware running `sysupgrade` without parameters is enough. For newer firmware, run `sysupgrade -k -r` to update both kernel and rootfs.
This article is about how to manually perform an update using a terminal window using the sysupgrade command.
__ATTENTION! Upgrading firmware can lead to "bricking" your camera. Make sure you are prepared both morally and skillwise. Have your rescue SD card and/or UART adapter ready. Be prepared to de-solder and reprogram flash chip as the last resort. Do not upgrade production cameras unless you really have to!__
_Note: By default, sysupgrade will reboot the camera to complete the update. If you don't wish to do that then use the -x option (see sysupgrade --help for all options)_.
### Upgrading from a TFTP server
### Upgrading from the GitHub latest release.
By default, running sysupgrade will attempt to download the latest software for your camera model from the github sources.
[Set up a TFTP server](installation-tftpd.md).
There are other options available so you can use a local copy of the Linux kernel (uImage) and camera software (rootfs.squashfs).
Go to <https://github.com/OpenIPC/firmware/releases/tag/latest> and download the latest firmware bundle for your SoC.
Extract content of the bundle into the root directory of your TFTP server.
For old firmware running `sysupgrade` without parameters is enough. For newer firmware, run `sysupgrade -k -r` to update both kernel and rootfs is required.
On the camera run:
__ATTENTION! Upgrading firmware can lead to "bricking" your camera. Make sure you are prepared both morally and skill wise. Have your rescue SD card and/or UART adapter ready. Be prepared to de-solder and reprogram flash chip as the last resort. Do not upgrade production cameras unless you really have to!__
#### Github: From Linux
### Using sysupgrade
Typically running sysupgrade will give you the latest release for your camera, as described above, however if you wish to revert to a previous image, or load your own updates, then use any the options described below.
Remember once you are ready to run sysupgrade you must use the syntax </br></br>
`sysupgrade --kernel=/tmp/uImage.${soc} --rootfs=/tmp/rootfs.squashfs.${soc} -z` </br></br>where '${soc}' is your camera specific soc e.g. gk7205v300
otherwise the latest release on Github will be downloaded.
### Using a TFTP server
#### On your host machine:
If you haven't already got a TFTP server running on your host machine then take a look at the Wiki article [Set up a TFTP server](installation-tftpd.md).
If you don't already have the uImage and rootfs.squashfs images for your camera then go to <https://github.com/OpenIPC/firmware/releases/tag/latest> and download the latest firmware bundle for your SoC and extract the content of the bundle into the root directory of your TFTP server.
```bash
tar xvf <firmware.tgz>
```
If you have built your own versions using a copy of the [firmware repository](https://github.com/OpenIPC/firmware) then your uImage and rootsfs.squashfs images will be in your _output/images_ folder. Copy these to the root of your tftp server.
#### On the camera:
You can either update the images from a Linux terminal session or from the U-Boot prompt, if you have a UART serial connection and interrupted Linux loading.
Check that your camera environment variable for the TFTP server is correct by looking for the _serverip_ entry when listing them with _fw_printenv_.
If it needs updating use _fw_setenv serverip <your.tftp.ip.address>_ command.
##### From Linux
```bash
soc=$(fw_printenv -n soc)
serverip=$(fw_printenv -n serverip)
cd /tmp
busybox tftp -r rootfs.squashfs.${soc} -g ${serverip}
busybox tftp -r uImage.${soc} -g ${serverip}
sysupgrade --kernel=/tmp/uImage.${soc} --rootfs=/tmp/rootfs.squashfs.${soc} -z
```
#### Github: Alternatively, from U-Boot
##### From U-Boot
for 8MB image
@ -49,37 +76,53 @@ tftp ${baseaddr} rootfs.squashfs.${soc}
sf probe 0; sf erase 0x250000 0xA00000; sf write ${baseaddr} 0x250000 ${filesize}
```
### Upgrading from local files
Now restart the camera to load the new images.
Go to <https://github.com/OpenIPC/firmware/releases/tag/latest> and download the latest firmware bundle for your SoC.
Unpack the bundle and upload its content on camera using `scp`:
### Using scp
#### On your host machine:
If you don't already have the uImage and rootfs.squashfs images for your camera then go to <https://github.com/OpenIPC/firmware/releases/tag/latest> and download the latest firmware bundle for your SoC and extract the contents.
```bash
tar xvf <firmware.tgz>
```
If you have built your own versions using a copy of the [firmware repository](https://github.com/OpenIPC/firmware) then your uImage and rootsfs.squashfs images will be in your _output/images_ folder.
Now copy these to the camera using scp.
```bash
scp uImage* rootfs* root@<yourcameraip>:/tmp/
```
On the camera run:
**Note:** If you get an error that '/usr/libexec/sftp-server could not be found' it is because in later versions of scp sftp is now used behind the scenes and this is not built into the busybox implementation currently. To force scp to use the legacy behavour use the -O option so
```bash
scp -O uImage* rootfs* root@<yourcameraip>:/tmp/
```
#### On the camera:
Now create a terminal session with the camera e.g. ssh root@192.168.1.10 and run the sysupgrade command pointing at your new images in /tmp.
```bash
soc=$(fw_printenv -n soc)
sysupgrade --kernel=/tmp/uImage.${soc} --rootfs=/tmp/rootfs.squashfs.${soc} -z
```
### Upgrading from SD card
### Upgrading from an SD card
#### On your host machine
If you don't already have the uImage and rootfs.squashfs images for your camera then go to <https://github.com/OpenIPC/firmware/releases/tag/latest> and download the latest firmware bundle for your SoC and extract the contents
#### SD Card: From Linux
If you have built your own versions using a copy of the [firmware repository](https://github.com/OpenIPC/firmware) then your uImage and rootsfs.squashfs images will be in your _output/images_ folder.
Go to <https://github.com/OpenIPC/firmware/releases/tag/latest> and download the latest firmware bundle for your SoC.
Insert an SD card into your desktop PC. Unpack the bundle and copy its content to the card:
Insert an SD card into your host machine and copy the uImage and squashfs files to the card e.g.
```bash
tar xvf <firmware.tgz>
cp uImage* rootfs* /media/<username>/<card-id>/
```
#### On your camera
Insert the SD card into your camera.
On the camera run:
Create a terminal session and run the following
```bash
soc=$(fw_printenv -n soc)
@ -114,7 +157,7 @@ sf probe 0; sf erase 0x350000 0xa00000; sf write ${baseaddr} 0x350000 ${filesize
### Flashing U-Boot via ymodem
Clean 320K of RAM amd load bootloader file into it:
Clean 320K of RAM and load bootloader file into it:
```bash
mw.b ${baseaddr} 0xff 0x50000

53
ru/run_onvif_simple_server_on_gk7205v200 100644
View File

@ -0,0 +1,53 @@
После нескольких попыток запуска onvif_simple_server на камере с процессором gk7205v200 и получением ошибки 401 Unauthorized был придуман следующий костыль:
Запускаю дополнительный httpd сервер
httpd -p 8080 -h /var/www -c /etc/httpdonvif.conf
содержимое httpdonvif.conf примерно такое:
A:*
/cgi-bin:*:*
В /etc/onvif.config прописываю следующее (пример):
# General
model=OpenIPC ShowMe
manufacturer=OpenIPC
firmware_ver=2.3.7.x
hardware_id=openipc-gk7205v200
serial_num=OPENIPC.ORG
ifs=lo
port=85
scope=onvif://www.onvif.org/Profile/Streaming
user=viewer
password=123456
#Advanced options
#adv_fault_if_unknown=1
#adv_synology_nvr=0
#Profile 0
name=Profile_0
width=1920
height=1080
url=rtsp://127.0.0.1/stream=0
snapurl=http://127.0.0.1/image.jpg
type=H264
#Profile 1
name=Profile_1
width=640
height=480
url=rtsp://127.0.0.1/stream=0
snapurl=http://127.0.0.1/image.jpg?width=640&height=480
type=H264
#PTZ
ptz=1
move_left=motor gk7205v200 1 0
move_right=motor gk7205v200 -1 0
move_up=motor gk7205v200 0 1
move_down=motor gk7205v200 0 -1
#move_stop=motor -d s
#move_preset=xm-kmotor -d t
Onvif работает.