One thing many people want to achieve with a Raspberry Pi is a functioning simple web kiosk. Combined with a touchscreen, it could potentially replace ATM machines. Yes, it’s high time we switched to low cost, secure ATM kiosks based on easily available commodity hardware. ATM machines and Kiosks mostly run a Windows XP (!?) on a machine that’s configured to launch only one application and in the event the application crashes, the system shuts down and sends an alert to the bank staff. This can easily be done with a Raspberry Pi. The system should have no problem delivering the complete set of functionality, should be fairly easy to deploy, maintain and secure on a large scale and hey, Raspberry Pi is so tiny, we’ll be spoilt for space inside the ATM machine. (More cash, Yay!). I’m not even going to elaborate on the savings on electricity (go figure!).
The idea of this exercise is simple. You start the system and you get dumped onto a web browser with a specific site loaded. That’s it. Nothing more, nothing less. If the web browser crashes, the system attempts to restart the browser or dies trying
We also need this kiosk thing to be gentle on system resources. So we’ll use lightweight (albeit effective and powerful) applications. The ingredient list is as follows:
Auto Log-in: nodm
Auto X start: we use a simple .xsession file
Window Manager: We’ll be using the full awesomeness of matchbox
Browser: uzbl. Haven’t heard of it? You should totally check it out.
Amazon VPC CIDR (the /16 one) – 172.31.0.0/16 is our example
Ubuntu 14.04 instance launched in a public subnet with EIP attached
EIP of the above machine – 184.108.40.206 is our example
SSH connection to the Ubuntu instance
Setting up the server
We are going to use a distribution of OpenVPN called OpenVPN-NL (http://openvpn.fox-it.com/) because it has more secure defaults than the standard OpenVPN installation that is distributed with Ubuntu. Also, OpenVPN-NL makes use of mbed-TLS (previously PolarSSL) instead of OpenSSL because of its compactness and ease of auditability (is that even a word?). Run all following commands as the root user:Continue reading “Accessing AWS VPC instances using OpenVPN-NL”→