authorAndrew Cady <d@cryptonomic.net>2021-10-08 01:50:28 -0400
committerAndrew Cady <d@cryptonomic.net>2021-10-08 04:01:58 -0400
commit07f88c96a6fd5c66c1883c7170e665d18c38861c (patch)
treeb9d5800559732b782685a0ac664abd79e02b8b57
parenteb4d601667665c3b757a917f7c9ad0f2c233fe07 (diff)
new command toxish
-rw-r--r--Makefile3
-rwxr-xr-xscripts/toxish132
2 files changed, 134 insertions, 1 deletions
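--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,6 @@
 SOURCES = client.c gitversion.c log.c mach.c main.c util.c
 OBJECTS = $(SOURCES:.c=.o)
+SCRIPTS = scripts/tokssh scripts/toxish
 EXECUTABLES = tuntox tuntox_nostatic
 DEB_VERSION = 0.0.9-1
 DEB_ARCH = amd64
@@ -63,7 +64,7 @@ install: tuntox_nostatic
  install -d -m755 $(DESTDIR)$(bindir) $(DESTDIR)$(etcdir)
  install -d -m700 $(DESTDIR)$(etcdir)/tuntox
  install -D -T tuntox_nostatic $(DESTDIR)$(bindir)/tuntox
- install -D scripts/tokssh -t $(DESTDIR)$(bindir)/
+ install -D -t $(DESTDIR)$(bindir) $(SCRIPTS)
  install -m0644 -D -t $(DESTDIR)$(etcdir)/systemd/system scripts/tuntox.service
 ifeq ($(SKIP_SYSTEMCTL),)
  systemctl daemon-reload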
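--- /dev/null
+++ b/scripts/toxish
@@ -0,0 +1,132 @@
+#!/bin/bash
+set -e
+function help
+{
+ PROGNAME=${0##*/}
+ cat <<EOF
+$PROGNAME: Save TunTox numbers in OpenSSH contact list.
+
+Usage: $PROGNAME add <name> <TunTox Number>
+Usage: $PROGNAME connect <name> <TunTox Number>
+
+
+For example, first do this:
+
+ $PROGNAME add billy 4BC18209278C9B2AA1BF9B9B27E671FC47D3DE3B15D175A63CC2C6E01B532A4CAE3D4BE083C8
+
+Then you can connect to billy's SSH server through Tox with this command:
+
+ ssh billy
+
+
+
+It will use Tox for connectivity but provide all the features of ssh (such as
+git, rsync, tunneling with -w, etc).
+
+
+
+It is also possible to use this command:
+
+ $PROGNAME connect <name> <TunTox Number>
+ $PROGNAME connect billy 4BC18209278C9B2AA1BF9B9B27E671FC47D3DE3B15D175A63CC2C6E01B532A4CAE3D4BE083C8
+
+...which will first add the entry, if necessary, and then connect by running the
+command 'ssh billy'.
+
+
+EOF
+}
+
+function main
+{
+ if [ $# = 0 ]
+ then
+ help
+ exit
+ fi
+ case "$1" in
+ add)
+ shift
+ tokssh_add "$@"
+ ;;
+ connect)
+ shift
+ exists_ok
+ tokssh_add "$@"
+ exec ssh "$name"
+ ;;
+ *)
+ help
+ exit 1
+ ;;
+ esac
+ exit
+}
+
+
+function ssh_config_fragment
+{
+ cat <<EOF
+Host $name
+# Cryptographic trust comes from Hostname, which is a Tox key hash.
+#
+# We know we're talking to someone who has this key hash because Tox crypto
+# verifies.
+#
+# Thus we can safely disable StrictHostKeyChecking, and we can use this as a
+# secure channel to obtain and save SSH public keys for the remote server.
+
+StrictHostKeyChecking=no
+Hostname=$toxid
+ProxyCommand=tuntox -C ~/.tuntox/persist -i %h -W localhost:%p
+EOF
+}
+
+function tokssh_add
+{
+ if [ $# != 2 ]
+ then
+ help
+ exit 1
+ fi
+ if [ ${#2} = 76 ]
+ then
+ name=$1
+ toxid=$2
+ elif [ ${#1} = 76 ]
+ then
+ name=$2
+ toxid=$1
+ else
+ echo "$0: Error: Invalid ToxID: $2" >&2
+ exit 1
+ fi
+ mkdir -p ~/.ssh/config.d
+ mkdir -p ~/.tuntox/persist
+ grep -q '^Include config\.d/\*' ~/.ssh/config || sed -i -e '1i Include config.d/*' ~/.ssh/config
+ if grep -q "^Host $name" ~/.ssh/config
+ then
+ if [ "$exists_ok" ]
+ then
+ return
+ else
+ echo "$0: Error: name exists in your .ssh/config. Refused to edit. name=$name" >&2
+ exit 1
+ fi
+ fi
+ out=~/.ssh/config.d/$name
+ if [ -e "$out" ]
+ then
+ if [ "$exists_ok" ]
+ then
+ return
+ else
+ echo "$0: Error: file exists. Refused to edit. file=$out" >&2
+ exit 1
+ fi
+ else
+ ssh_config_fragment > "$out"
+ fi
+}
+
+main "$@"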
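Review bot: `tokssh_add` accepts `name` and `toxid` after only a length check, yet both are written into the path `~/.ssh/config.d/$name` and into the generated `Host`/`Hostname` lines, so a name containing `/`, whitespace or a newline, or a 76-character string that is not hex, becomes a file path outside `config.d`, extra ssh_config directives, or the `%h` value that ssh expands into `ProxyCommand`; `exec ssh "$name"` also parses a name starting with `-` as an option. Both values should be matched against a strict pattern before any file is touched, as in the fence below. In the `connect)` branch the bare word `exists_ok` is run as a command instead of setting the flag, which under `set -e` presumably aborts with "command not found", so `exists_ok=1` looks like what was intended. The fragment's `StrictHostKeyChecking=no` keeps connecting even after a host key changes, whereas `StrictHostKeyChecking=accept-new` would keep the first-use convenience described in the comment and still reject a changed key.

```bash
# in main, connect) branch
 exists_ok=1
 tokssh_add "$@"
 exec ssh -- "$name"

# in tokssh_add
 # … unchanged: argument count check and name/toxid ordering by length …
 if ! [[ $toxid =~ ^[0-9A-Fa-f]{76}$ ]]
 then
 echo "$0: Error: Invalid ToxID: $toxid" >&2
 exit 1
 fi
 if ! [[ $name =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]
 then
 echo "$0: Error: Invalid name: $name" >&2
 exit 1
 fi
 # … unchanged: mkdir, Include line, existence checks, fragment write …
```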