TORch: Illuminating the Path to your Node
example | ||
.gitignore | ||
install-ubuntu2004.sh | ||
README.md | ||
torch-agent.py | ||
torch.conf | ||
torch.service |
TORch: Illuminating the Path to your Node
TORch is a solution for creating an SSH-via-Tor backdoor on a remote device as a means of fallback remote management and initial headless device configuration.
Description
Since Tor traffic easily crosses NAT boundries, this is a nice solution for
- fallback connection to remote devices located on other LANs in the event that the network configuration on the remote side changes and the primary connection / VPN fails
- the initial discovery and connection to a headless device like a Raspberry Pi on a local network which is configured via DHCP
A TORch solution consists of 3 processes:
torch-agent
- Installed on remote machine; responsible for creating Tor hidden service and broadcasting the onion hostname an MQTT broker- MQTT broker - Any MQTT broker, reachable via IPv4 or Tor, through TLS or insecure communications
torch-subscriber
- Listens for and handles onion hostname publications
Installation of TORch Agent (Ubuntu)
Copy the files to the target device
install-ubuntu2004.sh
torch-agent.py
torch.conf
torch.service
Run the installation script:
vagrant@ubuntu2004:~$ ./install-ubuntu2004.sh
This will create a local user torch
and install the TORch agent as a Systemd service named torch
Configuration
The TORch agent will look for a torch.conf
configuration in the configuration directory.
The configuation directory can be specified by
- The
TORCH_CONFIG_DIR
environment variable - Using the
--config-dir
commandline option - Default:
/etc/torch
A fully configured example can be found here
See the sample torch.conf
file for additional configuration options and details