Updating RPort

RPort is under active development. Keep your installation up-to-date.

Update the RPort clients

The rport open-source version has been discontinued 2023-09-20. All future version require a valid license subject to a paid subscription.

The latest open-source version is 0.9.12. The below update instructions and scripts will update your client to 1.X.X which is not compatible with server versions 0.9.12 or older.

Do not update clients, unless you have updated the server to 1.X.

It's recommended to run your clients with the latest version of rport. We try to always keep server and client compatible, regardless of the version. Basic connectivity and the usage of tunnels should always be possible with clients running an older version than the server. An exception to that rule is the licence change from 0.9.12 to 1.0.0. Clients >= 1.0 will not connect to an open-source server <= 0.9.12.

A fast and easy update of the rport clients can be done through the pairing service. If you have scripting with root privileges enabled, you can trigger a client update through the rport server.

💡It's safe to execute the update while being connected via SSH or RDP through an RPort tunnel. On Windows and Linux, the rport client is restarted delayed and from a decoupled background process. You will be disconnected, but the client reconnects, and you can create a new tunnel after the update.

On Linux

For systems using Debian packages (Debian & Ubuntu)

From a terminal or via the RPort script execution, execute the following script to update the rport client to the latest version. Execute with root or sudo rights.

at now << EOF
sleep 2
DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install rport
service rport restart
EOF

It's important to wrap the update into the at command to decouple it from the current rport connection. Otherwise, the update would restart the rport client, killing the current connection and the update process, leaving the update unfinished and the client will very likely remain disconnected.

For RHEL-based system using the rport yum repo

From a terminal or via the RPort script execution, execute the following script to update the rport client to the latest version. Execute with root or sudo rights.

at now << EOF
sleep 2
dnf -y --refresh install rport
service rport restart
EOF

For systems not using packages

set -e
if [ $(id -u) -ne 0 ];then 
  echo "Needs to run from the root account. Activate sudo!"
  false
fi
if which at; then
  true
else
  echo "System is missing the at command."
  echo "Try 'dnf -y install at; pidof atd||systemctl start atd' on RHEL"
  echo "Try 'DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install at' on Debian/Ubuntu"
  false
fi
curl -sf https://pairing.rport.io/update > /tmp/rport-update.sh
at now << EOF
sleep 5
sh /tmp/rport-update.sh >/tmp/rport-update.log 2>&1
rm /tmp/rport-update.sh
EOF
echo "The rport client update will shortly start in the background."
echo "If update fails, inspect /tmp/rport-update.log"

The Linux update script accepts parameters as follows:

sh rport-update.sh -h

Usage rport-update.sh [OPTION(s)]

Update the current version of RPort to the latest version.

Options:
-h  print this help message
-v [version] update to the specified version.
-c  update the rport client, default action
-t  use the latest unstable version (DANGEROUS!)
-u  uninstall the rport client and all configurations and logs
-x  enable script execution in rport.conf
-d  disable script execution in rport.conf
-s  create sudo rules to grant full root access to the rport user
-n  do not create sudo rules to grant full root access to the rport user

On Windows

cd $env:temp
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$url="https://pairing.rport.io/update"
Invoke-WebRequest -Uri $url -OutFile "rport-update.ps1"
powershell -ExecutionPolicy Bypass -File .\rport-update.ps1
rm .\rport-update.ps1 -Force

The Windows update script accepts parameters as follows:

PS C:\Users\Administrator> .\rport-update.ps1 -h
Update the rport client.
Invoking without parameters updates to the latest stable version.

Parameters:
-t  Use the latest unstable version.
-x  Enable command and script execution without asking for confirmation.
-d  Disable command and script execution.
-v [version] Upgrade to the specified version.

Update the RPort server

The RPort open-source version has been discontinued 2023-09-20. Any update will now require a valid license, subject to a paid subscription. The rportd process will not start without a license.

We keep all major and minor versions of the rportd and the frontend compatible. Do not run different major and minor versions of frontend and backend.

The rport server has database migrations built-in. But some tables are excluded from auto-migration. An update consists basically of replacing the old rportd binary by a newer version. If you need to change the database manually, we will provide SQL snippets.

For a fast, secure and convenient update, use the update script as follows, read the security advice below first:

rportd-update.sh

export RPORTD_LICENSE_ID=<YOUR-ID>
export RPORTD_LICENSE_KEY=<YOUR-KEY>
curl -s https://get.rport.io/update -o rportd-update.sh
sudo -E bash rportd-update.sh

👉 After the update, use SHIFT-Reload on your browser to purge the old frontend from the cache.

If you already entered your licence details to the rportd.conf file, you must not export them to the environment before starting the update.

Security advise

Exporting your licence key to an environment variable via the export command can be insecure because the key could be extracted from the process list by currently logged in none-root users.

To prevent this, create a text file, e.g. rportd-license-key.txt that contains the line export RPORTD_LICENSE_KEY=<YOUR-KEY>.

Load the environment variables from the file with . ./rportd-license-key.txt and delete the file securely afterwards, e. g. using shred rportd-license-key.txt.

PreviousMonitoring of RPortd NextBacking up the rport server

Last updated 7 months ago

set -e if [ $(id -u) -ne 0 ];then echo "Needs to run from the root account. Activate sudo!" false fi if which at; then true else echo "System is missing the at command." echo "Try 'dnf -y install at; pidof atd||systemctl start atd' on RHEL" echo "Try 'DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install at' on Debian/Ubuntu" false fi curl -sf https://pairing.rport.io/update > /tmp/rport-update.sh at now << EOF sleep 5 sh /tmp/rport-update.sh >/tmp/rport-update.log 2>&1 rm /tmp/rport-update.sh EOF echo "The rport client update will shortly start in the background." echo "If update fails, inspect /tmp/rport-update.log"

sh rport-update.sh -h Usage rport-update.sh [OPTION(s)] Update the current version of RPort to the latest version. Options: -h print this help message -v [version] update to the specified version. -c update the rport client, default action -t use the latest unstable version (DANGEROUS!) -u uninstall the rport client and all configurations and logs -x enable script execution in rport.conf -d disable script execution in rport.conf -s create sudo rules to grant full root access to the rport user -n do not create sudo rules to grant full root access to the rport user

cd $env:temp [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 $url="https://pairing.rport.io/update" Invoke-WebRequest -Uri $url -OutFile "rport-update.ps1" powershell -ExecutionPolicy Bypass -File .\rport-update.ps1 rm .\rport-update.ps1 -Force

PS C:\Users\Administrator> .\rport-update.ps1 -h Update the rport client. Invoking without parameters updates to the latest stable version. Parameters: -t Use the latest unstable version. -x Enable command and script execution without asking for confirmation. -d Disable command and script execution. -v [version] Upgrade to the specified version.