Appearance
How it works
When you install the Dataplicity agent on a Linux device, it establishes and maintains a secure HTTPS connection to the Dataplicity IoT Router.
When you connect to remote shell or reach a web service through a Wormhole URL, traffic is routed between the browser and device through Dataplicity.
Outbound connections
The device initiates the connection. It does not listen for inbound connections from the internet. This means:
- No port forwarding on customer routers
- No firewall exceptions for inbound SSH or RDP
- Devices work on networks where you do not control the firewall
- Portable devices reconnect automatically when they move between networks
Traffic is routed over encrypted WebSocket connections. The connection is robust enough for flaky internet coverage in remote sites and mobile deployments.
Components
| Component | Role |
|---|---|
| Agent | Software installed on each Linux device. Maintains the outbound connection and handles remote access requests. |
| IoT Router | Dataplicity service that routes connections between your browser and devices. |
| Dashboard | Web interface for device list, remote shell, fleet management, logs, and monitors. |
| Wormhole | Persistent outbound tunnel to a web service running on the device. |
| File retrieval | Resilient transfer for support artifacts. |
What this means in practice
You can access devices anywhere they have a viable internet connection. NAT, firewalls, and dynamic IP addressing are not obstacles because the device always connects outward.
This is the same model whether you are validating one development device or managing hundreds of embedded Linux devices in customer facilities.
Related pages
- Security model - authentication, permissions, and production recommendations
- Firewall requirements - URLs and ports the agent needs
- Remote access - shell, Wormhole, and file retrieval
- Port forwarding compared - how this differs from traditional SSH setup