IoT Remote Command Execution using REST API.

Today, 3 factors affect the work dynamics of companies of all sizes — small, medium and large — around the world today:

  • The pandemic situation,
  • Geographically distributed workforce
  • The trend towards automation (reduce human involvement/errors)

These 3 factors drive the need for secure remote access to resources such as servers, IoT devices and cloud resources. These resources are not centralized in a single location such as a corporate Datacenter, but they are distributed across different geographical regions.

Commonly, remote command or remote script execution on servers and IoT devices is performed using SSH. This is OK for one-off accesses. But not suited well for repeated tasks/jobs. Moreover, it is not easy and straightforward to automate remote command execution via SSH.

In this article, I’ll discuss an elegant, easy and secure way of executing remote commands or jobs using REST APIs.

No. You don’t have to run an SSH server to use this feature. You could request remote jobs to run on your private devices or servers via REST APIs.

Overall Strategy:

Let’s get started.

Install and Setup SocketXP Agent

Note: You don’t have to run an SSH server (port 22) to run this agent. You could even point the agent to connect to some local unused port such as 52233.

Submit a Remote Command

First, let’s submit a remote job to run using the following curl command. You could use the Postman tool to perform the same request.

curl https://api.socketxp.com/v1/job \
-X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <your-auth-token-goes-here>" \
-d '{“JobName”: “test-job-123”, “DeviceId”: "device-12345”, “Command”: “ls -l /home/test-user | grep script” }'

The response to this POST API call, on success (200 OK), would look something like this.

{“JobId”: ”9b4461f7–5c0a-419c-8157-e57c879f4ade”}

Now you could retrieve the status or the result of the job using the above JobId, as shown below.

curl https://api.socketxp.com/v1/job/9b4461f7–5c0a-419c-8157-e57c879f4ade \
-X GET \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <your-auth-token-goes-here>"

And the response to the curl request would look like this:

{
“JobId”:”9b4461f7–5c0a-419c-8157-e57c879f4ade,
”JobName”:”test-job-123",
”DeviceId”:”device-12345,
”Command”:”ls -l /home/test-user | grep script”,
”StartTime”:”Feb 22 2021 07:48”,
”EndTime”:”Feb 22 2021 07:49”,
”Result”:”-rwxrwxrwx 1 test-user test-user 0 Feb 20 05:47 script”
}

The result field will have the execution result (output/errors) of the remote command executed.

Here are the additional sample remote commands you could execute on a remote server or IoT device using SocketXP API Gateway infrastructure.

“sh /home/john/script.sh”
“python /home/john/check_temperature.py”
"reboot"
"service sshd restart"
"echo 'This is the content of the file.' > /home/test-user/config"

Advantanges:

  • secure access via JWT token and TLS connection to the API Gateway
  • ability to automate the API’s using a python or shell script.
  • execute remote commands without having to manually login to the SSH server.
  • Ability to schedule a job to be run on a cluster of servers or nodes or devices.
  • Ability to label a subgroup of servers and submit a job for the label or the subgroup only.
  • Ability to execute a job at a particular time in the future.
  • Ability to invoke a registered webhook API to notify the admin when the job completes. (pull vs push advantage).
  • And many more…

Please give a try and let us know feedback.

If you have a need to customize or add a new functionality to our APIs, feel free to write to us at: support@socketxp.com

Ganesh Velrajan is the founder of SocketXP. Learn more about SocketXP Remote Access Solutions at https://www.socketxp.com