Once upon a time, in a secluded corner of the city, there was a laboratory tucked away from prying eyes. This laboratory was run by the eccentric Professor Huxley and his faithful assistant, Igor. Professor Huxley was known far and wide for his groundbreaking experiments in the field of Internet of Things (IoT), and Igor, though a bit clumsy at times, was always eager to assist in any way he could.
One sunny morning, Professor Huxley burst into the laboratory, his eyes sparkling with excitement. "Igor, my dear assistant!" he exclaimed, "Today, we shall delve into the mysterious realm of MQTT with Mosquitto!"
Igor blinked, trying to keep up with the professor's rapid pace. "MQTT with Mosquitto, Professor? What's that?"
"MQTT stands for Message Queuing Telemetry Transport, and Mosquitto is an open-source MQTT broker," explained the professor. “It's a protocol commonly used in IoT applications for communication between devices. But before we can begin our exploration, we must first install and configure the Mosquitto service on our trusty UNIHIKER.”
With a flourish, Professor Huxley led Igor to the UNIHIKER terminal and initiated an SSH connection.
# connect via shh
$ ssh root@10.1.2.3
Note: user is root and default password is dfrobot.
"Ah, UNIHIKER, my old friend," mused the professor as the connection was established. "Now, let us install the Mosquitto service."
# update repositories and install latest packages
$ apt update && apt upgrade -y
# search needed packages (optional)
$ apt search mosquitto
$ apt search mosquitto-clients
# get information about packages (optional)
$ apt info mosquitto
$ apt info mosquitto-clients
# install packages
$ apt install -y mosquitto mosquitto-clients
# list packages (optional)
$ apt list mosquitto
$ apt list mosquitto-clients
# get service status (optional)
$ systemctl status mosquitto.service
With the Mosquitto service installed, it is time to configure it but you should stop first the service.
# stop mosquitto service
$ systemctl stop mosquitto.service
The professor then guided Igor through the creation of the configuration file.
# verify folder (optional)
$ ls /etc/mosquitto/conf.d/
# create new file with vim
$ echo 'listener 1883\n\nallow_anonymous false\npassword_file /etc/mosquitto/mqttpasswd\nacl_file /etc/mosquitto/user.acl' > /etc/mosquitto/conf.d/secure.conf
# verify file (optional)
$ cat /etc/mosquitto/conf.d/secure.conf
Content of file: secure.conf
listener 1883
allow_anonymous false
password_file /etc/mosquitto/mqttpasswd
acl_file /etc/mosquitto/user.acl
"Now, Igor, we must create a user/password file to secure our MQTT service," instructed the professor.
# create new file with echo
$ echo 'admin:test123\nsubscriber:test456\npublisher:test789' > /etc/mosquitto/mqttpasswd
# verify file (optional)
$ cat /etc/mosquitto/mqttpasswd
Content of file: mqttpasswd
admin:test123
subscriber:test456
publisher:test789
But the professor wasn't finished yet. "We must update the password file to use hashed passwords and set appropriate permissions," he said.
# update a plain text password file to use hashed passwords
$ mosquitto_passwd -U /etc/mosquitto/mqttpasswd
# change permissions
$ chmod 0640 /etc/mosquitto/mqttpasswd
# verify file (optional)
$ cat /etc/mosquitto/mqttpasswd
Content of file: mqttpasswd
admin:$6$087vRo4NQAsYez7j$iPaV/3b1doRKgveUfpWtGWmR7/s2HslhCfeJrbijqrvajpGA86FmXXKXT2hmL0DBzgyogHMLTh0ae8Hb09oQbA==
subscriber:$6$QtlECMJ3EaVEZt95$Me+/KLwJm7Z+saAnugEIKuv+jA3I0o+6Spc50QImpgvHV0gEiZ2FX0+t6fImrOz9ko9YGNp1AfKUIyGzjkY1bQ==
publisher:$6$vTSiOO8f4SM3jMlH$5jF5kINU/JkbLZTODduoLWW5gB6mvWPW+Lv7J026FbaYVeF/rGn5DuGzNWl1U3/JtyutvQkFWk8Kg2qbENSpxg==
With the user/password file in place, it was time to configure Access Control Lists.
# create new file via vim
$ vim /etc/mosquitto/user.acl
# verify file (optional)
$ cat /etc/mosquitto/user.acl
Content of file: user.acl
user admin
topic read $SYS/#
topic read #
topic write #
user subscriber
topic read devices/sensors/#
user publisher
topic write devices/sensors/temperature
pattern write $SYS/broker/connection/%c/state
The professor then started and enabled the Mosquitto service.
# start mosquitto service
$ systemctl start mosquitto.service
# check status of service (optional)
$ systemctl status mosquitto.service
# start service on boot
$ systemctl enable mosquitto.service
"Now, Igor, it's time to put our MQTT configuration to the test!" exclaimed Professor Huxley.
With bated breath, Igor watched as the professor initiated positive tests for the MQTT configuration.
# test as user admin (terminal 0)
$ mosquitto_sub -u admin -P test123 -d -v -t '$SYS/broker/clients/active'
# test as user subscriber (terminal 1)
$ mosquitto_sub -i test_subscriber -u subscriber -P test456 -d -t devices/sensors/# -v
# test as user publisher (terminal 2)
$ mosquitto_pub -i test_publisher -u publisher -P test789 -d -t devices/sensors/temperature -m 39 -q 0 -r
As the tests ran successfully, Professor Huxley beamed with pride. "Well done, Igor! Our first journey into the world of MQTT with Mosquitto has been a success!"
And so, with their newfound knowledge, the professor and his trusty assistant continued to push the boundaries of IoT, one experiment at a time.
