Sir FICO
Posts: 29
Joined: Sat Nov 07, 2015 11:34 pm

Mac to RPi program to program

Wed Oct 26, 2016 11:22 pm

I have a python program running on RPi that can control various things. I want to have a master program running on my iMac (python again) that can send information to the RPi program (over the network) in order to get it to trigger the appropriate action. But how to do this?

All I can think is for my iMac program to put a file into a RPi shared directory and for the RPi to poll the directory and take appropriate action depending on the file name. The RPi can then delete this file upon successful action being completed that my iMac program can also monitor.

However I suspect there is probably a better approach for program to program communication on different computers. Does anyone have any tips or pointers as to what may be possible in this regards or where I should be looking for this sort of information. Thanks kindly for any suggestions on this.

Heater
Posts: 13120
Joined: Tue Jul 17, 2012 3:02 pm

Re: Mac to RPi program to program

Thu Oct 27, 2016 8:37 am

Use MQTT.

Basically MQTT is a message exchange system. You run an MQTT server some place then send it messages from your programs, on the same machine or from different machines. Other programs, on the same machine or different machines, can receive those messages.

Install mosquitto on you Pi.

$ sudo apt-get install mosquitto
$ sudo apt-get install mosquitto-clients

Test that it works by sending receiving messages from the command line:

$ mosqitto_sub -h localhost -t "#" -v

Then in a different terminal window:

$ mosqitto_pub -h localhost -t "myMessage" -m "Hello" -v

Then find a Python module that can send an receive MQTT messages to use in your programs. Sorry I'm not into Python so I cannot advise there.

There are plenty of MQTT/mosquitto tutorials around the net.
Last edited by Heater on Thu Oct 27, 2016 12:09 pm, edited 1 time in total.

Sir FICO
Posts: 29
Joined: Sat Nov 07, 2015 11:34 pm

Re: Mac to RPi program to program

Thu Oct 27, 2016 11:28 am

Hi Heater,
Thanks for that info, that sounds just what I was after, I will do some testing on it.

ejolson
Posts: 3425
Joined: Tue Mar 18, 2014 11:47 am

Re: Mac to RPi program to program

Sun Oct 30, 2016 5:17 pm

Heater wrote:Use MQTT.
Does MQTT have enough built-in security that it can be used on the public internet? What are best practices in the case the Pi is behind a firewall and the iMac outside?

User avatar
DavidS
Posts: 4334
Joined: Thu Dec 15, 2011 6:39 am
Location: USA
Contact: Website

Re: Mac to RPi program to program

Sun Oct 30, 2016 5:28 pm

Best principle is to never hook anything that controls anything important to the internet at all, no matter how secure it is supposed to be.

Though otherwise, if you must export some control to the internet for some reason or another, then use the best encryption method you know how to use.
RPi = The best ARM based RISC OS computer around
More than 95% of posts made from RISC OS on RPi 1B/1B+ computers. Most of the rest from RISC OS on RPi 2B/3B/3B+ computers

Heater
Posts: 13120
Joined: Tue Jul 17, 2012 3:02 pm

Re: Mac to RPi program to program

Sun Oct 30, 2016 7:27 pm

ejolson,
Does MQTT have enough built-in security that it can be used on the public internet?
MQTT can be operated over TLS. https://mosquitto.org/man/mosquitto-tls-7.html

Which makes it about as secure as your internet banking connection as far as I can tell. Perhaps even more so as you can insist that both client and server have the certs to authenticate themselves to each other. Also an MQTT client/server setup has far less security issues than your web browser!

Keeping your stuff off the net does not help. Remember Stuxnet?

ejolson
Posts: 3425
Joined: Tue Mar 18, 2014 11:47 am

Re: Mac to RPi program to program

Tue Nov 01, 2016 12:41 am

Heater wrote:MQTT can be operated over TLS. https://mosquitto.org/man/mosquitto-tls-7.html
Thanks, that looks easy enough.

While it is difficult to imagine a Raspberry Pi being used for anything that requires much security, the Pi is also being used as a teaching tool to train people that might later work on something important. As it is not clear how long a particular person's attention span will last, it seems a good idea to discuss security right from the beginning.

As an aside, since the only thing useful to criminals about most Pi computers is being connected to the internet, not connecting your Pi to the internet makes it an uninteresting and therefore unlikely target.

Heater
Posts: 13120
Joined: Tue Jul 17, 2012 3:02 pm

Re: Mac to RPi program to program

Tue Nov 01, 2016 6:21 am

ejolson,
...it is difficult to imagine a Raspberry Pi being used for anything that requires much security,...
You may have read recently about the huge Denial Of Service (DOS) attacks against prominent web sites that has been going on. These attacks come from millions of computers around the world, they are distributed (DDOS). They are very difficult and expensive to defend against.

What are those millions of computers? Used to be insecure Windows machines were taken over. Increasingly though it's insecure IoT devices that have been employed. For example there are millions of web cameras on the net. They run Linux. They are easy to get into. Especially as no body ever changes the default password.

I'm willing to bet there maybe a million or so Pi accessible from the internet. So if one could find a way to take them over they would make a great addition to the DDOS army.

Clearly the bad guys are looking into this. For example when I put a Pi on the net soon enough I see login attempts for user "pi" showing up in the logs.

Actually it's shocking that the Pi comes with a default password like that.

ejolson
Posts: 3425
Joined: Tue Mar 18, 2014 11:47 am

Re: Mac to RPi program to program

Thu Nov 03, 2016 12:45 am

Heater wrote:when I put a Pi on the net soon enough I see login attempts for user "pi" showing up in the logs.
That is why I suggested discussing security of MQTT from the beginning. Setting up a Pi to turn on and off light bulbs is less fun if the entire Pi is subsequently controlled by an unauthorized third party.

At one point in history many Unix computers ran a network service called finger that would publicly report the usernames of everyone currently logged in. Knowing the username is already half the work when using trial-and-error methods to access a computer. Therefore, as a security measure, most systems no longer run the finger service. Similarly, most systems don't allow root to log in remotely.

All releases of Raspbian have a user named pi. Changing the password is good. Since the username is well known, it is still dangerous to allow the pi user to log in remotely.

Changing the name of the pi user is difficult, because it is hard coded into start-up scripts and configuration tools. Instead of an installation program that guides users through the process of creating a new user, setting passwords and otherwise configuring the system, the last update to Raspbian added a splash screen and more colorful icons.

Return to “General programming discussion”