torch-agent/README.md

51 lines
2.0 KiB
Markdown

# TORch: Illuminating the Path to your Node
TORch is a solution for creating an SSH-via-Tor backdoor on a remote device as a means of fallback remote management and initial headless device configuration.
## Description
Since Tor traffic easily crosses NAT boundries, this is a nice solution for
* fallback connection to remote devices located on other LANs in the event that the network configuration on the remote side changes and the primary connection / VPN fails
* the initial discovery and connection to a headless device like a Raspberry Pi on a local network which is configured via DHCP
A TORch solution consists of 3 processes:
* `torch-agent` - Installed on remote machine; responsible for creating Tor hidden service and broadcasting the onion hostname an MQTT broker
* MQTT broker - Any MQTT broker, reachable via IPv4 or Tor, through TLS or insecure communications
* `torch-subscriber` - Listens for and handles onion hostname publications
## Build Debian Package
If you don't already have a GPG key, generate one:
```bash
gpg --full-generate-key
```
Using the e-mail address you provided during GPG key generation, run `make-pkg.sh` to build a Debian package and install it
```bash
./make-pkg.sh john@doe.com
apt update && apt install build/torch-agent_0.0.1-1_all.deb
```
This will:
* create a local user `torch`
* install the TORch agent as a Systemd service named `torch-agent`
* modify `/etc/tor/torrc` to activate control via the Tor Controller port
## Configuration
The TORch agent will look for a `torch.conf` configuration in the configuration directory.
The configuation directory can be specified by
* The `TORCH_CONFIG_DIR` environment variable
* Using the `--config-dir` commandline option
* Default: `/etc/torch`
A fully configured example can be found [here](example)
See the sample [`torch.conf`](torch.conf) file for additional configuration options and details
## Roadmap
[ ] Create a [pi-gen](https://github.com/RPi-Distro/pi-gen) image with TORch agent installed and `/boot` partition configuration