diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..465945c --- /dev/null +++ b/README.md @@ -0,0 +1,93 @@ + +# lrpb + +Means "last resort primitive backdoor". + +For when you can't log in via ssh but something's still alive... + + +## Requirements + +- bash 4+ +- GNU tar +- curl or wget +- signify from openbsd +- rsync +- ssh + + +## Installation + + make install + + +## Client side usage + +First, create a pair of keys: + + signify -G -p myname.pub -s myname.sec + +Then write a script you want to be launched on remote side: + + #!/bin/sh + touch ~/helloworld-it-works + +Write lrpb client config to `client.conf`: + + # ssh config + upload_host=mydomain.org + upload_port=22 + upload_user=user + upload_path=/home/user/www/lrpb + + name=myname + + signify_path=/bin/signify + seckey_path=./myname.sec + +Finally, sign and upload it to some remote server you control: + + lrpb upload -c ./client.conf -f ./script.sh + +On remote server, set up some http server (nginx, lighttpd, apache, whatever) that serves directory you upload to. +The script will upload archive name `myname.tar.gz` and it must be accessible by http. + + +## Server side usage + +Copy public key to `/etc/lrpb.pub` on the server (or anywhere you +want, just make sure to set correct path in the config). + +Write lrpb server config and save it to `/etc/lrpb.conf`: + + url="https://mydomain.org/lrpb/" + pubkey_path=/etc/lrpb.pub + name=myname + signify_path=/usr/bin/signify-openbsd + cwd=/var/lrpbfsq + cache_file=/var/lrpbfs/cache + +> Optionally, make `/var/lrpbfs` a tmpfs mountpoint. Add to `/etc/fstab`: +> +> ``` +> tmpfs /var/lrpbfs tmpfs size=1M,mode=1755,uid=1000,gid=1000 0 0 +> ``` +> +> Then mount it: +> ``` +> mount /var/lrpbfs +> ``` + +Test that it works: + + lrpb exec + +Add cron task (`crontab -e`): + + 0,30 * * * * /usr/local/bin/lrpb exec + + +## License + +BSD-2c + |