From 4bf94a7854f7a566d0f6d00ac6a867d88a556512 Mon Sep 17 00:00:00 2001 From: Russ Magee Date: Tue, 13 Nov 2018 13:54:07 -0800 Subject: [PATCH] README.md: Tunnel example usage TODO updates Signed-off-by: Russ Magee --- README.md | 14 ++++++++++++++ TODO.txt | 14 ++++++++++---- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index cd98d6f..7546fd9 100644 --- a/README.md +++ b/README.md @@ -136,3 +136,17 @@ Put another way, the destination (whether local or remote) is ALWAYS a dir. hkexcp uses tar with gzip compression (ala a 'tarpipe') under the hood, sending tar data over the hkex encrypted channel. Use the -d flag on client or server to see the generated tar commandlines if you're curious. + +Tunnels +-- +Simple tunnels (only client tunnels from client -> server for now, no reverse +tunnels) are supported. + +Syntax: hkexsh -T={,...} +.. where is + +Example, tunnelling ssh through hkexsh + +* [server side] $ sudo /usr/sbin/sshd -p 7002 +* [client side] $ hkexsh -T=6002:7002 @server.hostname +* [client side] $ ssh user@localhost -p 6002 diff --git a/TODO.txt b/TODO.txt index 1e3add3..c32ea18 100644 --- a/TODO.txt +++ b/TODO.txt @@ -12,16 +12,22 @@ Architecture (ie., hkexsh imports hkex) - hkex should be usable for other client/svr utils, ala 'hkex-netcat') (parts split out into hkexnet/*, hkexsession.go) -- Make KEx fully-pluggable: isolate all code to do with Herradura into a +(DONE) - Make KEx fully-pluggable: isolate all code to do with Herradura into a KEx-neutral pkg so it can be swapped out for other methods (eg., DH etc.) Features (DONE) - Support for hkcp (hkex-cp) - secure file copy protocol -(DONE) auth tokens to allow scripted hkexsh/hkexcp use -- hktun - tunnelling - multiple tunnel sessions co-existing w/shell sessions +(DONE) - auth tokens to allow scripted hkexsh/hkexcp use +(DONE) - tunnelling - multiple tunnel sessions co-existing w/shell sessions +- non-interactive tunnel-only mode +- reverse tunnels Alternate transports for hkexsh.Conn - HTTP-mimicking traffic, ICMP, ... ? (Whatever golang can support for net.Dial(), net.Accept(), io.Reader/Writer should in principle be usable as substrate for hkex.Conn) -- hekxsh-over-ssh + +Install +- init scripts for open-rc/init (and systemd, sigh) +- make install +- common packages (yum/deb/portage)