README.md: Tunnel example usage

TODO updates

Signed-off-by: Russ Magee <rmagee@gmail.com>
This commit is contained in:
Russ Magee 2018-11-13 13:54:07 -08:00
parent 2cb254ef69
commit 4bf94a7854
2 changed files with 24 additions and 4 deletions

View File

@ -136,3 +136,17 @@ Put another way, the destination (whether local or remote) is ALWAYS a dir.
hkexcp uses tar with gzip compression (ala a 'tarpipe') under the hood, sending tar data over hkexcp uses tar with gzip compression (ala a 'tarpipe') under the hood, sending tar data over
the hkex encrypted channel. Use the -d flag on client or server to see the generated tar the hkex encrypted channel. Use the -d flag on client or server to see the generated tar
commandlines if you're curious. commandlines if you're curious.
Tunnels
--
Simple tunnels (only client tunnels from client -> server for now, no reverse
tunnels) are supported.
Syntax: hkexsh -T=<tunspec>{,<tunspec>...}
.. where <tunspec> is <localport:remoteport>
Example, tunnelling ssh through hkexsh
* [server side] $ sudo /usr/sbin/sshd -p 7002
* [client side] $ hkexsh -T=6002:7002 @server.hostname
* [client side] $ ssh user@localhost -p 6002

View File

@ -12,16 +12,22 @@ Architecture
(ie., hkexsh imports hkex) - hkex should be usable for other client/svr utils, (ie., hkexsh imports hkex) - hkex should be usable for other client/svr utils,
ala 'hkex-netcat') ala 'hkex-netcat')
(parts split out into hkexnet/*, hkexsession.go) (parts split out into hkexnet/*, hkexsession.go)
- Make KEx fully-pluggable: isolate all code to do with Herradura into a (DONE) - Make KEx fully-pluggable: isolate all code to do with Herradura into a
KEx-neutral pkg so it can be swapped out for other methods (eg., DH etc.) KEx-neutral pkg so it can be swapped out for other methods (eg., DH etc.)
Features Features
(DONE) - Support for hkcp (hkex-cp) - secure file copy protocol (DONE) - Support for hkcp (hkex-cp) - secure file copy protocol
(DONE) auth tokens to allow scripted hkexsh/hkexcp use (DONE) - auth tokens to allow scripted hkexsh/hkexcp use
- hktun - tunnelling - multiple tunnel sessions co-existing w/shell sessions (DONE) - tunnelling - multiple tunnel sessions co-existing w/shell sessions
- non-interactive tunnel-only mode
- reverse tunnels
Alternate transports for hkexsh.Conn - HTTP-mimicking traffic, ICMP, ... ? Alternate transports for hkexsh.Conn - HTTP-mimicking traffic, ICMP, ... ?
(Whatever golang can support for net.Dial(), net.Accept(), io.Reader/Writer (Whatever golang can support for net.Dial(), net.Accept(), io.Reader/Writer
should in principle be usable as substrate for hkex.Conn) should in principle be usable as substrate for hkex.Conn)
- hekxsh-over-ssh
Install
- init scripts for open-rc/init (and systemd, sigh)
- make install
- common packages (yum/deb/portage)