# TORch: Illuminating the Path to your Node TORch is a solution for creating an SSH-via-Tor backdoor on a remote device as a means of fallback remote management and initial headless device configuration. ## Description Since Tor traffic easily crosses NAT boundries, this is a nice solution for * fallback connection to remote devices located on other LANs in the event that the network configuration on the remote side changes and the primary connection / VPN fails * the initial discovery and connection to a headless device like a Raspberry Pi on a local network which is configured via DHCP A TORch solution consists of 3 processes: * `torch-agent` - Installed on remote machine; responsible for creating Tor hidden service and broadcasting the onion hostname an MQTT broker * MQTT broker - Any MQTT broker, reachable via IPv4 or Tor, through TLS or insecure communications * `torch-subscriber` - Listens for and handles onion hostname publications ## Installation of TORch Agent (Ubuntu) Copy the files to the target device * `install-ubuntu2004.sh` * `torch-agent.py` * `torch.conf` * `torch.service` Run the installation script: ```bash vagrant@ubuntu2004:~$ ./install-ubuntu2004.sh ``` This will create a local user `torch` and install the TORch agent as a Systemd service named `torch` ## Configuration The TORch agent will look for a `torch.conf` configuration in the configuration directory. The configuation directory can be specified by * The `TORCH_CONFIG_DIR` environment variable * Using the `--config-dir` commandline option * Default: `/etc/torch` A fully configured example can be found [here](example) See the sample [`torch.conf`](torch.conf) file for additional configuration options and details ## Roadmap [] Create a Debian service installation package [] Create a [pi-gen](https://github.com/RPi-Distro/pi-gen) image with TORch agent installed and `/boot` partition configuration