Главная Обзор Помощь
Регистрация Вход
ka-cn
/
vibe-coding-cn
2
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Ветка: dev
Ветки Метки
vibe-coding-cn
/
i18n
/
en
/
documents
/
02-methodology
/
How to SSH to Local Computer from Any Location via Mobile, Based on FRP Implementation.md

How to SSH to Local Computer from Any Location via Mobile, Based on FRP Implementation.md 11 KB
Постоянная ссылка История Исходник

How to SSH to Your Local Computer from Anywhere via Mobile, Based on FRP Implementation

Don't know how to set it up? Install Codex on both your server and computer (if you don't know how, ask GPT; just type commands in the terminal). Then paste this document into Codex and let it configure everything for you. If you really can't figure it out, just contact me: telegram=https://t.me/desci0 x=https://x.com/123olp (P.S.: Paid setup service available)

📌 Prerequisites

Before deploying the FRP server and client, please ensure you have the following environment and tools. These prerequisites are necessary for the FRP tunnel to function correctly.

1. Basic Environment Requirements

✔ A permanently online AWS EC2 instance

  • Recommended OS: Ubuntu 20.04/22.04 (this article uses Ubuntu as an example)
  • Must have a public IP address (AWS provides this by default)
  • Requires permission to modify security group rules (to open FRP ports)

Purpose: To act as the FRP server (frps), providing a fixed access point for your Windows computer.

2. An internet-connected Windows computer

  • Windows 10 or Windows 11
  • Requires normal user privileges (but some configurations need administrator privileges)
  • OpenSSH Server must be installed

Purpose: To act as the FRP client (frpc), automatically connecting to AWS regardless of the network it's on.

3. Required Software / Repositories to Download

✔ FRP (Fast Reverse Proxy)

Official Repository Address:

https://github.com/fatedier/frp

Version used in this deployment:

frp_0.58.1

Download Page:

https://github.com/fatedier/frp/releases

Needed to download:

  • Linux version (for AWS)
  • Windows version (for local computer)

4. Required Software to Install

✔ Windows: OpenSSH Server + OpenSSH Client

Installation Path:

Settings → Apps → Optional features → Add a feature

Purpose: Provides SSH login capability, allowing FRP to forward SSH to Windows.

5. Terminal Tool

✔ Termius (Recommended)

  • Used to connect to your Windows via SSH from your phone or computer
  • Supports generating SSH keys
  • Supports managing multiple hosts

You must use Termius to generate the SSH private key (because you've enabled "key-only login").

Official Download:

https://termius.com

6. Network and Port Requirements

The following ports must be open in the AWS Security Group:

| Port | Purpose | Required | | :---------------------------------------- | :------------------------- | :------- | | FRP Control Port (e.g., 1234 or 114514) | frpc → frps connection | ✔ Required | | SSH Mapping Port (e.g., 12345 or 114515) | Termius → Windows SSH | ✔ Required |

If using UFW (Ubuntu Firewall), also need:

sudo ufw allow <FRP Control Port>/tcp
sudo ufw allow <SSH Mapping Port>/tcp

7. Public Key / Private Key Preparation (Key Login Required)

You need to prepare in advance:

  • SSH private key generated by Termius (local)
  • SSH public key generated by Termius (needs to be placed in Windows' authorized_keys)

This deployment has disabled password login, so the private key must be kept secure, otherwise you will not be able to log in to Windows.

8. Basic Linux Operation Skills

Needs knowledge of the following basic commands (very simple):

cd /path
nano / vim / notepad
chmod / chown
ps -ef | grep
ss -lnpt
nohup <cmd> &
tail -f

All covered in your document, no extra requirements.

📌 Summary of Prerequisites (Final Version)

Must have:
- AWS EC2 (Ubuntu, with public IP)
- Windows computer (OpenSSH Server installed)
- Termius (for SSH + key generation)
- FRP (Download Linux + Windows versions)
- AWS security group has FRP control port and SSH mapping port open
- Termius generated SSH key pair

As long as the above prerequisites are met, your FRP tunnel, SSH key login, and cross-network remote access to your computer will 100% work correctly.

If you wish, I can also help you:

  • String the entire document into a professional, formalized, integrated tutorial
  • Add "Scope, Version Description, Architecture Overview Diagram, Flowchart" to your document
  • Provide a systemd service template for FRP deployment
  • Provide a background frpc auto-start script for Windows (more reliable)

Let me know if you need any of these!

FRP Server Deployment Guide

This guide documents the FRP server configuration and operation methods on the current AWS EC2 (Ubuntu) instance, for future maintenance or reconstruction.

Basic Information

  • Working directory: /home/ubuntu/.frp
  • FRP version: frp_0.58.1_linux_amd64
  • Executable: /home/ubuntu/.frp/frp_0.58.1_linux_amd64/frps
  • Configuration file: /home/ubuntu/.frp/frp_0.58.1_linux_amd64/frps.ini
  • Log file: /home/ubuntu/.frp/frps.log
  • Startup script: /home/ubuntu/.frp/start_frps.sh
  • Listening ports:
    • Control port bind_port = 1234
    • SSH mapping port 12345
  • Token: 123456

Installation Steps

  1. Create directory and download FRP:

    mkdir -p /home/ubuntu/.frp
cd /home/ubuntu/.frp
wget https://github.com/fatedier/frp/releases/download/v0.58.1/frp_0.58.1_linux_amd64.tar.gz
tar -zxf frp_0.58.1_linux_amd64.tar.gz

  2. Create configuration /home/ubuntu/.frp/frp_0.58.1_linux_amd64/frps.ini:

    [common]
bind_port = 1234
token = 123456

  3. Write startup script /home/ubuntu/.frp/start_frps.sh (ready):

    #!/usr/bin/env bash
set -euo pipefail
BASE_DIR="$(cd "$(dirname "$0")" && pwd)"
FRP_DIR="$BASE_DIR/frp_0.58.1_linux_amd64"
FRPS_BIN="$FRP_DIR/frps"
CONFIG_FILE="$FRP_DIR/frps.ini"
LOG_FILE="$BASE_DIR/frps.log"

if ! [ -x "$FRPS_BIN" ]; then
 echo "frps binary not found at $FRPS_BIN" >&2
 exit 1
fi
if ! [ -f "$CONFIG_FILE" ]; then
 echo "Config not found at $CONFIG_FILE" >&2
 exit 1
fi

PIDS=$(pgrep -f "frps.*frps\.ini" || true)
if [ -n "$PIDS" ]; then
 echo "frps is running; restarting (pids: $PIDS)..."
 kill $PIDS
 sleep 1
fi

echo "Starting frps with $CONFIG_FILE (log: $LOG_FILE)"
cd "$FRP_DIR"
nohup "$FRPS_BIN" -c "$CONFIG_FILE" >"$LOG_FILE" 2>&1 &

sleep 1
PIDS=$(pgrep -f "frps.*frps\.ini" || true)
if [ -n "$PIDS" ]; then
 echo "frps started (pid: $PIDS)"
else
 echo "frps failed to start; check $LOG_FILE" >&2
 exit 1
fi

Start and Stop

  • Start/Restart:

    cd /home/ubuntu/.frp
bash ./start_frps.sh

  • Check process: ps -ef | grep frps

  • Check listening: ss -lnpt | grep 1234

  • View logs: tail -n 50 /home/ubuntu/.frp/frps.log

  • Stop (if manual): pkill -f "frps.*frps.ini"

Security Group and Firewall

  • AWS Security Group (sg-099756caee) needs to open inbound TCP 1234 (FRP control) and 12345 (SSH mapping).

  • If using ufw, execute:

    sudo ufw allow 1234/tcp
sudo ufw allow 12345/tcp

Remote Client Requirements

  • In Windows frpc.ini, server_addr points to this EC2 public IP, server_port=1234, remote_port=12345, token matches server.
  • Termius/SSH client uses ssh lenovo@<AWS IP> -p 12345, authentication method is key (private key generated by Termius Keychain).

Maintenance Suggestions

  • FRP official has indicated that INI format will be deprecated in the future; subsequent upgrades recommend switching to TOML/YAML.
  • start_frps.sh can be registered as a systemd service to ensure automatic startup after instance reboot.
  • Regularly check frps.log for abnormal connections or errors, and ensure the token is not leaked.

FRP Windows Client Configuration Guide

Last Updated: 2025-12-05 Applicable Environment: Windows 10/11, user lenovo, OpenSSH Server already installed on this machine.

I. Directories and Files

  • FRP Program Directory: C:\frp\
    • frpc.exe
    • frpc.ini (client configuration)
    • start_frpc.bat (background startup script)
  • SSH Keys:
    • Private key: C:\Users\lenovo.ssh\666
    • Public key: C:\Users\lenovo.ssh\666.pub
    • Administrator authorized public key: C:\ProgramData\ssh\666_keys

II. frpc.ini Content (currently effective) [common] server_addr = 13.14.223.23 server_port = 1234 token = 123456

[ssh] type = tcp local_ip = 127.0.0.1 local_port = 22 remote_port = 12345

III. Startup and Autostart 1) Manual foreground verification (optional) PowerShell: cd C:\frp .\frpc.exe -c frpc.ini

2) Background quick start Double-click C:\frp\start_frpc.bat

3) Startup autostart (simple way) Copy start_frpc.bat to the Startup folder: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Automatically starts in the background on next login.

IV. SSH Connection Method

  • Terminal command: ssh -i "C:\Users\lenovo.ssh\666" -p 12345 lenovo@13.14.223.23

  • Termius entry: Host 13.14.223.23 Port 12345 User lenovo Key Select C:\Users\lenovo.ssh\666 (no passphrase)

V. Permissions and Security

  • Private key permissions restricted to lenovo, SYSTEM readable.
  • sshd has password login disabled (PasswordAuthentication no), key-only.
  • Administrator group users use C:\ProgramData\ssh\666_keys as the authorization list.

VI. Common Checks

  • Check frpc running: Task Manager or netstat -ano | findstr 1234
  • Check frpc logs (WSL version, if needed): /tmp/frpc-wsl.log
  • Test SSH: If the above ssh command returns ok, it's working.

VII. Troubleshooting Quick Reference

  • "Permission denied (publickey)":
    • Confirm 666 public key is in C:\ProgramData\ssh\666_keys
    • Confirm private key path/permissions are correct.
  • "Connection refused": frps not running or ports 1234/12345 not open.
  • frpc not connecting: Run frpc in foreground to check prompts, or check if server_addr, token in frpc.ini match.

Termius (Mobile) Connection Steps:

  1. Create Host
    • Host (Address): 13.14.223.23
    • Port: 12345
    • Label can be customized (e.g., FRP-Home)
  2. Authentication method select Key
    • In Authentication, select Key
    • Click Import Key (or "From file/paste")
    • Import the content of the local private key 666 (it is recommended to transfer it securely to the mobile phone and then paste it; if Termius supports importing from a file, select that file). The private key content is at PC path: C:\Users\lenovo.ssh\666 (plain text, starting with -----BEGIN OPENSSH PRIVATE KEY-----).
    • Leave Passphrase empty (this key has no passphrase).
  3. Username
    • Username: lenovo
  4. Save and Connect
    • Accept the fingerprint prompt on first connection.
  5. Optional Security Measures
    • Set a local encryption password for this private key in Termius (App-layer protection).
    • If it is inconvenient to copy the private key, you can generate a new key on the mobile end and append its public key to C:\ProgramData\ssh\666_keys, but currently 666 is already usable, just import as above.

One-click startup command (execute in current administrator PowerShell)

Allow, prevent blocking & direct foreground startup

Add-MpPreference -ExclusionPath "C:\frp" Unblock-File C:\frp\frpc.exe cd C:\frp .\frpc.exe -c frpc.ini

If you want to start in the background (without occupying a window):

cd C:\frp Start-Process -FilePath ".\frpc.exe" -ArgumentList "-c frpc.ini" -WindowStyle Hidden

Need autostart on boot (highest privilege):

schtasks /Create /TN "FRPClient" /TR "C:\frp\frpc.exe -c C:\frp\frpc.ini" /SC ONLOGON /RL HIGHEST /F /RU lenovo