mirror of https://gogs.blitter.com/RLabs/xs
README.md: Tunnel example usage
TODO updates Signed-off-by: Russ Magee <rmagee@gmail.com>
This commit is contained in:
parent
2cb254ef69
commit
4bf94a7854
14
README.md
14
README.md
|
@ -136,3 +136,17 @@ Put another way, the destination (whether local or remote) is ALWAYS a dir.
|
||||||
hkexcp uses tar with gzip compression (ala a 'tarpipe') under the hood, sending tar data over
|
hkexcp uses tar with gzip compression (ala a 'tarpipe') under the hood, sending tar data over
|
||||||
the hkex encrypted channel. Use the -d flag on client or server to see the generated tar
|
the hkex encrypted channel. Use the -d flag on client or server to see the generated tar
|
||||||
commandlines if you're curious.
|
commandlines if you're curious.
|
||||||
|
|
||||||
|
Tunnels
|
||||||
|
--
|
||||||
|
Simple tunnels (only client tunnels from client -> server for now, no reverse
|
||||||
|
tunnels) are supported.
|
||||||
|
|
||||||
|
Syntax: hkexsh -T=<tunspec>{,<tunspec>...}
|
||||||
|
.. where <tunspec> is <localport:remoteport>
|
||||||
|
|
||||||
|
Example, tunnelling ssh through hkexsh
|
||||||
|
|
||||||
|
* [server side] $ sudo /usr/sbin/sshd -p 7002
|
||||||
|
* [client side] $ hkexsh -T=6002:7002 @server.hostname
|
||||||
|
* [client side] $ ssh user@localhost -p 6002
|
||||||
|
|
14
TODO.txt
14
TODO.txt
|
@ -12,16 +12,22 @@ Architecture
|
||||||
(ie., hkexsh imports hkex) - hkex should be usable for other client/svr utils,
|
(ie., hkexsh imports hkex) - hkex should be usable for other client/svr utils,
|
||||||
ala 'hkex-netcat')
|
ala 'hkex-netcat')
|
||||||
(parts split out into hkexnet/*, hkexsession.go)
|
(parts split out into hkexnet/*, hkexsession.go)
|
||||||
- Make KEx fully-pluggable: isolate all code to do with Herradura into a
|
(DONE) - Make KEx fully-pluggable: isolate all code to do with Herradura into a
|
||||||
KEx-neutral pkg so it can be swapped out for other methods (eg., DH etc.)
|
KEx-neutral pkg so it can be swapped out for other methods (eg., DH etc.)
|
||||||
|
|
||||||
Features
|
Features
|
||||||
(DONE) - Support for hkcp (hkex-cp) - secure file copy protocol
|
(DONE) - Support for hkcp (hkex-cp) - secure file copy protocol
|
||||||
(DONE) auth tokens to allow scripted hkexsh/hkexcp use
|
(DONE) - auth tokens to allow scripted hkexsh/hkexcp use
|
||||||
- hktun - tunnelling - multiple tunnel sessions co-existing w/shell sessions
|
(DONE) - tunnelling - multiple tunnel sessions co-existing w/shell sessions
|
||||||
|
- non-interactive tunnel-only mode
|
||||||
|
- reverse tunnels
|
||||||
|
|
||||||
Alternate transports for hkexsh.Conn - HTTP-mimicking traffic, ICMP, ... ?
|
Alternate transports for hkexsh.Conn - HTTP-mimicking traffic, ICMP, ... ?
|
||||||
(Whatever golang can support for net.Dial(), net.Accept(), io.Reader/Writer
|
(Whatever golang can support for net.Dial(), net.Accept(), io.Reader/Writer
|
||||||
should in principle be usable as substrate for hkex.Conn)
|
should in principle be usable as substrate for hkex.Conn)
|
||||||
- hekxsh-over-ssh
|
|
||||||
|
Install
|
||||||
|
- init scripts for open-rc/init (and systemd, sigh)
|
||||||
|
- make install
|
||||||
|
- common packages (yum/deb/portage)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue