TORch: Illuminating the Path to your Node
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

61 lines
2.3 KiB

  1. # ![torch-icon](torch.png) TORch: Illuminating the Path to your Node
  2. TORch is a solution for creating an SSH-via-Tor backdoor on a remote device as a means of fallback remote management and initial headless device configuration.
  3. ## Description
  4. Since Tor traffic easily crosses NAT boundries, this is a nice solution for
  5. * fallback connection to remote devices located on other LANs in the event that the network configuration on the remote side changes and the primary connection / VPN fails
  6. * the initial discovery and connection to a headless device like a Raspberry Pi on a local network which is configured via DHCP (use a pre-baked RPi image from [torch-pi-gen](/bj/torch-pi-gen))
  7. A TORch solution consists of 3 processes:
  8. * `torch-agent` - Installed on remote machine; responsible for creating Tor hidden service and broadcasting the onion hostname an MQTT broker
  9. * MQTT broker - Any MQTT broker, reachable via IPv4 or Tor, through TLS or insecure communications
  10. * `torch-subscriber` - Listens for and handles onion hostname publications
  11. Easily launch a TORch Node monitor service using the [`torch-subscriber-docker`](https://git.rudefox.io/bj/torch-subscriber-docker) project
  12. ## Installation
  13. ### Install Package from Rudefox Debian Repo
  14. 1. [Add the Rudefox Repo](https://rudefox.io/repo/) as an `apt` source
  15. 2. Install the `torch-agent` package
  16. ```bash
  17. sudo apt install torch-agent
  18. ```
  19. ### Build Debian Package from Source
  20. If you don't already have a GPG key, generate one:
  21. ```bash
  22. gpg --full-generate-key
  23. ```
  24. Using the e-mail address you provided during GPG key generation, run `build-deb.sh` to build a Debian package and install it
  25. ```bash
  26. ./build-deb.sh [email protected]
  27. apt update && apt install build/torch-agent_0.0.6-1_all.deb
  28. ```
  29. This will:
  30. * create a local user `torch`
  31. * install the TORch agent as a Systemd service named `torch-agent`
  32. * modify `/etc/tor/torrc` to activate control via the Tor Controller port
  33. ## Configuration
  34. The TORch agent will look for a `torch.conf` configuration in the configuration directory.
  35. The configuation directory can be specified by
  36. * The `TORCH_CONFIG_DIR` environment variable
  37. * Using the `--config-dir` commandline option
  38. * Default: `/etc/torch`
  39. A fully configured example can be found [here](example)
  40. See the sample [`torch.conf`](torch.conf) file for additional configuration options and details