Autonomous systems are moving out of the lab and into the field. Inspection UAVs (unmanned aerial vehicles) lift off from rooftop docking stations, quadruped robots and UGVs (unmanned ground vehicles) patrol industrial sites and farms, and USVs (unmanned surface vehicles) survey harbors, offshore wind farms, and inland waterways. What they all have in common is that they are deployed far from the engineers who built them — and that nobody wants to drive, fly, or sail out to a remote site just to reboot a service or inspect a log file.
A typical autonomous platform today is built around an NVIDIA Jetson mission computer running Linux and the Robot Operating System (ROS), paired with a web-based command-and-control (C2) interface for mission planning, telemetry, and live video. Giving operators and developers reliable remote access to all of these surfaces — without exposing the device to the open internet — is one of the harder problems in modern robotics deployment.
Field robots are almost never reachable directly. UAVs and UGVs typically sit behind 4G/5G routers with carrier-grade NAT, USVs rely on satellite or cellular links with similarly restrictive addressing, and stationary docking infrastructure is usually tucked behind a customer firewall. Public IPv4 addresses are scarce and rarely allocated to mobile devices. Classic answers — VPNs, port forwarding with dynamic DNS, or rolling your own reverse-tunnel infrastructure — are either complex to operate at fleet scale, insecure, or both. And every open port on a robot is a potential attack surface on a system that may be carrying a camera, a manipulator, or several kilograms of payload at altitude or at sea.
macchina.io REMOTE takes a different approach.
A lightweight Device Agent (WebTunnelAgent) running on the Jetson opens an
outbound, TLS-encrypted WebSocket tunnel to the macchina.io REMOTE server. The device never
needs an open inbound port, and never gets a public IP. From the operator's point of view, every
UAV, UGV, or USV in the fleet simply becomes a host on the internet, addressable by its own URL
and protected by user authentication, role-based permissions, and optional TOTP-based two-factor
authentication.
Four capabilities matter most for autonomous platforms:
Remote access to the C2 web UI. Because macchina.io REMOTE transparently tunnels HTTP, the web-based mission console running on the Jetson — whether it is a custom React frontend or a vendor-supplied dashboard — is reachable from any browser through the macchina.io REMOTE server. REST APIs exposed by ROS bridges or mission services are forwarded the same way, which makes integration with mobile apps and back-office systems straightforward.
SSH for troubleshooting. When something misbehaves at 2 a.m. — a ROS node crashing, a sensor driver failing to initialize, a disk filling up — engineers need a real shell. macchina.io REMOTE tunnels SSH (and SFTP/SCP for log retrieval and patch deployment) through the same secure channel, with no extra firewall rules on either side.
HTTP-based live video streaming. Live video from onboard cameras can be served as MJPEG, HLS, or MPEG-DASH from a small HTTP server on the Jetson, then consumed over the macchina.io REMOTE tunnel by the C2 UI or an operations dashboard. Because the transport is plain HTTP under the hood, no special streaming infrastructure is required, and the same authentication and TLS protections apply.
MAVLink telemetry and log retrieval. Drones built on PX4 or ArduPilot expose
their telemetry, parameters, and onboard logs via the MAVLink protocol, typically over a TCP
port on the companion computer. Using the remote-client command-line tool, ground
control software such as QGroundControl or MAVProxy — or a custom log-download script
— can open a tunneled TCP connection straight to the autopilot's MAVLink endpoint on the
Jetson. Flight logs can be pulled after every mission for post-flight analysis, parameters can
be inspected or updated, and live telemetry can be streamed for remote monitoring, all over the
same authenticated, TLS-protected channel.
For a single drone on a workbench, almost any remote access hack will do. For a mixed fleet of UAVs, UGVs, and USVs spread across customer sites, the requirements are different: zero open ports, encrypted end-to-end, centrally managed users, auditable access, and easily scriptable through a REST API. The combination of a Jetson-based mission computer, ROS, a web C2 system, and macchina.io REMOTE gives autonomous platform builders a path from working prototype to deployable product without having to reinvent the secure-connectivity layer along the way.
Ready to integrate secure remote access into your autonomous system?