debian | ||
example | ||
.gitignore | ||
make-pkg.sh | ||
README.md | ||
torch-agent.py | ||
torch-agent.service | ||
torch.conf |
TORch: Illuminating the Path to your Node
TORch is a solution for creating an SSH-via-Tor backdoor on a remote device as a means of fallback remote management and initial headless device configuration.
Description
Since Tor traffic easily crosses NAT boundries, this is a nice solution for
- fallback connection to remote devices located on other LANs in the event that the network configuration on the remote side changes and the primary connection / VPN fails
- the initial discovery and connection to a headless device like a Raspberry Pi on a local network which is configured via DHCP (use a pre-baked RPi image from torch-pi-gen)
A TORch solution consists of 3 processes:
torch-agent
- Installed on remote machine; responsible for creating Tor hidden service and broadcasting the onion hostname an MQTT broker- MQTT broker - Any MQTT broker, reachable via IPv4 or Tor, through TLS or insecure communications
torch-subscriber
- Listens for and handles onion hostname publications
Build Debian Package
If you don't already have a GPG key, generate one:
gpg --full-generate-key
Using the e-mail address you provided during GPG key generation, run make-pkg.sh
to build a Debian package and install it
./make-pkg.sh john@doe.com
apt update && apt install build/torch-agent_0.0.1-1_all.deb
This will:
- create a local user
torch
- install the TORch agent as a Systemd service named
torch-agent
- modify
/etc/tor/torrc
to activate control via the Tor Controller port
Configuration
The TORch agent will look for a torch.conf
configuration in the configuration directory.
The configuation directory can be specified by
- The
TORCH_CONFIG_DIR
environment variable - Using the
--config-dir
commandline option - Default:
/etc/torch
A fully configured example can be found here
See the sample torch.conf
file for additional configuration options and details
Roadmap
[ ] Create a pi-gen image with TORch agent installed and /boot
partition configuration