torch-agent/README.md

TORch: Illuminating the Path to your Node

TORch is a solution for creating an SSH-via-Tor backdoor on a remote device as a means of fallback remote management and initial headless device configuration.

Description

Since Tor traffic easily crosses NAT boundries, this is a nice solution for

• fallback connection to remote devices located on other LANs in the event that the network configuration on the remote side changes and the primary connection / VPN fails
• the initial discovery and connection to a headless device like a Raspberry Pi on a local network which is configured via DHCP

A TORch solution consists of 3 processes:

• torch-agent - Installed on remote machine; responsible for creating Tor hidden service and broadcasting the onion hostname an MQTT broker
• MQTT broker - Any MQTT broker, reachable via IPv4 or Tor, through TLS or insecure communications
• torch-subscriber - Listens for and handles onion hostname publications

Installation of TORch Agent (Ubuntu)

Copy the files to the target device

• install-ubuntu2004.sh
• torch-agent.py
• torch.conf
• torch.service

Run the installation script:

vagrant@ubuntu2004:~$ ./install-ubuntu2004.sh

This will create a local user torch and install the TORch agent as a Systemd service named torch

Configuration

The TORch agent will look for a torch.conf configuration in the configuration directory.

The configuation directory can be specified by

• The TORCH_CONFIG_DIR environment variable
• Using the --config-dir commandline option
• Default: /etc/torch

A fully configured example can be found here

See the sample torch.conf file for additional configuration options and details