2020-10-07 13:57:38 +00:00
# ![torch-icon](torch.png) TORch: Illuminating the Path to your Node
2020-10-06 13:14:57 +00:00
TORch is a solution for creating an SSH-via-Tor backdoor on a remote device as a means of fallback remote management and initial headless device configuration.
## Description
Since Tor traffic easily crosses NAT boundries, this is a nice solution for
* fallback connection to remote devices located on other LANs in the event that the network configuration on the remote side changes and the primary connection / VPN fails
2020-10-07 13:43:00 +00:00
* the initial discovery and connection to a headless device like a Raspberry Pi on a local network which is configured via DHCP (use a pre-baked RPi image from [torch-pi-gen ](/bj/torch-pi-gen ))
2020-10-06 13:14:57 +00:00
A TORch solution consists of 3 processes:
* `torch-agent` - Installed on remote machine; responsible for creating Tor hidden service and broadcasting the onion hostname an MQTT broker
* MQTT broker - Any MQTT broker, reachable via IPv4 or Tor, through TLS or insecure communications
* `torch-subscriber` - Listens for and handles onion hostname publications
2020-10-20 10:26:26 +00:00
## Installation
### Install Package from Rudefox Debian Repo
1. Add the [Rudefox Repo ](https://rudefox.io/repo/ ) as an `apt` source
2. Install the `torch-agent` package
```bash
sudo apt install torch-agent
```
### Build Debian Package from Source
2020-10-06 13:14:57 +00:00
2020-10-07 11:13:12 +00:00
If you don't already have a GPG key, generate one:
2020-10-06 13:14:57 +00:00
```bash
2020-10-07 11:13:12 +00:00
gpg --full-generate-key
```
2020-10-08 13:25:08 +00:00
Using the e-mail address you provided during GPG key generation, run `build-deb.sh` to build a Debian package and install it
2020-10-07 11:13:12 +00:00
```bash
2020-10-08 13:25:08 +00:00
./build-deb.sh john@doe.com
2020-10-20 10:25:35 +00:00
apt update & & apt install build/torch-agent_0.0.5-1_all.deb
2020-10-06 13:14:57 +00:00
```
2020-10-07 11:13:12 +00:00
This will:
* create a local user `torch`
* install the TORch agent as a Systemd service named `torch-agent`
* modify `/etc/tor/torrc` to activate control via the Tor Controller port
2020-10-06 13:14:57 +00:00
## Configuration
The TORch agent will look for a `torch.conf` configuration in the configuration directory.
The configuation directory can be specified by
* The `TORCH_CONFIG_DIR` environment variable
* Using the `--config-dir` commandline option
* Default: `/etc/torch`
2020-10-06 13:16:27 +00:00
A fully configured example can be found [here ](example )
2020-10-06 13:14:57 +00:00
2020-10-20 10:26:26 +00:00
See the sample [`torch.conf` ](torch.conf ) file for additional configuration options and details