FPR is an open-source project, thanks to the author.
Here is the GitHub link for the FRP project: https://github.com/fatedier/frp
Why do we need FRP?
Network penetration
As more and more devices around the world are connected to the internet, it is no longer possible to assign a unique IP address to each device. If you have a server at home, or a NAS at home, and you want to access it remotely from outside your home. But there is no public IP at home, this is when you need to use FPR for network penetration, allowing us to remotely access devices at home without a public IP.
Secure Connection
Many times, exposing your devices directly to the public internet is unwise, as many companies are constantly scanning the ports of IP addresses worldwide. For example, if you open your NAS to public internet access, it’s like your NAS is streaking on the internet. If at this time your password is also very simple, then your data is exposed to others completely. However, using FRP can add a layer of security, which is relatively safer.
Preparation
A cloud server with a public IP (Microsoft Azure, GCP, AWS, Alibaba Cloud, Huawei Cloud, etc.)
Installation tutorial (download on both the public network server and the controlled computer)
Check Linux version
dpkg --print-architecture
If the output is arm64, execute this command
wget https://github.com/fatedier/frp/releases/download/v0.61.0/frp_0.61.0_linux_arm64.tar.gz
If it is amd64, then execute the following command
wget https://github.com/fatedier/frp/releases/download/v0.61.0/frp_0.61.0_linux_amd64.tar.gz
If an error “-bash: /usr/bin/wget: No such file or directory” appears, it means that your system has not installed the wget plugin, use the following command to install
sudo apt install wget
Extract files
The download command just now will download a tar.gz compressed file, we use the following command to extract, replace Your_File_Name with the filename you downloaded
tar -zxvf Your_File_Name
Enter directory
For example: “cd frp_0.61.0_linux_amd64/”, depending on the file you downloaded
cd Your_Directory
Configure server side
Modify the configuration file
Open with vim or nano
vim frps.ini
If an error occurs, it’s because you haven’t downloaded vim, you can download vim with the following command
sudo apt install vim
After successfully opening, we modify the configuration file as follows
[common]
# frp listening port, the default one is 7000
bind_port = 7000
# Token, this will be used later
token = Change_To_Your_Token
# Port mapped from the server
vhost_http_port = 9000
# frp website ports
dashboard_port = 7500
# frp webpage user name & password
dashboard_user = admin
dashboard_pwd = admin
enable_prometheus = true
# frp log setting
log_file = /var/log/frps.log
log_level = info
log_max_days = 3
After modifying, we run the following commands to start the frp server side and add frp to startup
sudo mkdir -p /etc/frp
sudo cp frps.ini /etc/frp
sudo cp frps /usr/bin
sudo cp systemd/frps.service /usr/lib/systemd/system/
sudo systemctl enable frps
sudo systemctl start frps
If you are using a cloud server provided by a manufacturer, then you need to open your firewall and add the corresponding policy group at the cloud server company. If you are using a server from a smaller manufacturer, there might not be an integrated security management software, you can try the following command to allow the ports needed by frp
sudo ufw allow 7000
sudo ufw allow 7500
If an error cannot find ufw, you can try downloading ufw
sudo apt install ufw
Configure client side
Modify the configuration file
Similarly, enter this folder to modify the configuration file, note the name of the configuration file has changed
vim frpc.ini
Modify the settings as follows
[common]
server_addr = Your_Server_IP
server_port = 7000 # Same as the listening port on server
token = Your_Token # The token needs to be the same
# SSH
[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 6000 # (connecting port) you can change this port to any you want
Firewall pass
Generally speaking, the controlled side is usually a home server, usually without a dedicated firewall, so if your home device is Ubuntu, you can try the following command
sudo ufw allow 6000
Start the frp client
./frpc -c frpc.ini
Normally, you will see the connection successful sign if your settings are all correct
Summary
The article only demonstrated how to enable remote access to SSH, but frp can also be used to enable HTTP, HTTPS services.