How to remotely manage your mining rig from your phone?

Remote Access Setup

1. Install a lightweight Linux distribution like Ubuntu Server or Raspbian on the mining rig’s host system. This ensures minimal resource overhead while supporting essential remote protocols.

2. Enable SSH service and configure it to start automatically at boot. Assign a static IP address to the rig via DHCP reservation on the router or through manual network configuration.

3. Set up port forwarding on the home or data center router to direct inbound SSH traffic to the rig’s local IP address. Use non-default ports to reduce automated scan exposure.

4. Generate an SSH key pair on your mobile device or desktop, then copy the public key to the rig’s authorized_keys file for passwordless, secure authentication.

5. Verify connectivity using a terminal app such as Termux on Android or Blink Shell on iOS. Enter the command ssh -p [port] user@public-ip to establish a session.

Mobile Monitoring Tools

1. Deploy Prometheus with Node Exporter on the rig to collect real-time metrics including GPU temperature, fan speed, hash rate, and power draw.

2. Configure Grafana on a cloud VPS or NAS device to visualize those metrics. Share dashboards via publicly accessible links secured with basic HTTP auth.

3. Install the official Grafana mobile app to view live charts without needing to open a browser. Pin frequently used panels for one-tap access.

4. Integrate Telegram Bot API into your monitoring stack. Trigger alerts when core temperature exceeds 85°C or when hashrate drops below 90% of baseline for over five minutes.

5. Use Termux with custom bash scripts to fetch JSON-RPC responses from the miner software (e.g., ethminer --rpc or lolMiner --api) and parse them into human-readable summaries.

Command-Line Miner Control

1. Create shell aliases for common operations: alias rigstart='sudo systemctl start hiveon-agent', alias rigtemp='nvidia-smi --query-gpu=temperature.gpu --format=csv,noheader,nounits'.

2. Write a script named rigctl.sh that accepts arguments like reboot, restart-miner, or check-pools. Embed logic to validate pool connectivity before issuing restart commands.

3. Store the script in /usr/local/bin/ and make it executable with chmod +x. Ensure the mobile user has sudo privileges limited to this script only via visudo.

4. Use Termux’s built-in curl to send POST requests to Hive OS or SimpleMining REST endpoints for rig-wide actions such as firmware updates or overclock profile swaps.

5. Log all remote commands to /var/log/rig-remote.log with timestamps and originating IP addresses for audit purposes. Rotate logs weekly using logrotate.

Security Hardening Measures

1. Disable root login over SSH and enforce key-based authentication exclusively. Remove all unused system users and disable legacy services like Telnet or FTP.

2. Install Fail2ban and configure jail rules to block repeated failed SSH attempts after three failures within ten minutes.

3. Run the mining process under a dedicated unprivileged user account with no shell access. Restrict its filesystem permissions using chroot or systemd scope isolation.

4. Apply mandatory firewall rules via ufw to allow only outbound NTP, pool stratum, and SSH ingress — deny everything else by default.

5. Regularly update the kernel and miner binaries using automated cron jobs that verify GPG signatures before installation.

Frequently Asked Questions

Q: Can I use TeamViewer to control my mining rig?A: TeamViewer is discouraged due to high CPU usage, potential telemetry, and lack of fine-grained permission controls. It also introduces unnecessary attack surface compared to SSH + CLI tools.

Q: Why does my SSH connection time out after 60 seconds?A: The default SSH server idle timeout is often set too low. Edit /etc/ssh/sshd_config and add ClientAliveInterval 30 and ClientAliveCountMax 5 to keep sessions alive longer.

Q: Is it safe to expose my rig’s RPC port to the internet?A: No. Miner RPC interfaces typically lack authentication and encryption. Exposing them invites unauthorized command execution, wallet theft, or firmware tampering. Always restrict RPC access to localhost only.

Q: How do I recover if I lock myself out after misconfiguring SSH?A: Physical access is required to revert changes. Boot from a live USB, mount the root partition, edit /etc/ssh/sshd_config, and restore PermitRootLogin yes or PasswordAuthentication yes temporarily.