HKExSh TODO Ideas -- Chaff Improvements - Zipf or other distributions for chaff freq, packetsz - Mimicry of hand-typed traffic for chaff on interactive sessions - Client-input chaff file data (ie., Moby Dick) KEx: Look at ECIES: https://godoc.org/github.com/bitherhq/go-bither/crypto/ecies Architecture (DONE) - Move hkexnet components other than key exchange into a proper hkex package (ie., hkexsh imports hkex) - hkex should be usable for other client/svr utils, ala 'hkex-netcat') (parts split out into hkexnet/*, hkexsession.go) - Make KEx fully-pluggable: isolate all code to do with Herradura into a KEx-neutral pkg so it can be swapped out for other methods (eg., DH etc.) Features (DONE) - Support for hkcp (hkex-cp) - secure file copy protocol - (IN PROGRESS) auth tokens to allow scripted hkexsh/hkexcp use * ~/.hkexsh_id file with multiple (host:token) entries (Currently only one supported - need to support multiple lines for multiple dest servers; client sends host/ip used to connect to server, so multihomed servers can still be specified, with separate entries stored in both server/client ~/.hkexsh_id files. Use connhost here to match against proper entry.) - hktun - tunnelling - multiple tunnel sessions co-existing w/shell sessions Alternate transports for hkexsh.Conn - HTTP-mimicking traffic, ICMP, ... ? (Whatever golang can support for net.Dial(), net.Accept(), io.Reader/Writer should in principle be usable as substrate for hkex.Conn) - hekxsh-over-ssh