[BTC-dev] (EXPERIMENTAL) A Recipe for the use of Wires via SSH Tunnels.
Stanislav Datskovskiy
stas@loper-os.org
Thu Feb 23 23:51:54 UTC 2017
Name: README.txt
URL: <http://therealbitcoin.org/ml/btc-dev/attachments/20170223/README-0001.txt?sha1=f0f19d88f25b7c6291ab207af073e1318c73b8d2>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Recipe for simple non-diddleable pipes between TRB nodes.
/****************************\
* EXTREME DANGER: *
* FOR LABORATORY USE ONLY. *
********************************
************
**************
****************
**** **** ****
*** *** ***
*** *** ***
*** * * **
******** ********
******* ******
*** **
* ******* **
** * * * * *
** * * ***
**** * * * * ****
**** *** * * ** ***
**** ********* ******
******* ***** *******
********* ****** **
** ****** ******
** ******* **
** ******* ***
**** ******** ************
************ ************
******** *******
****** ****
*** ***
********************************
You will need the 'Wires' patch on the SLAVE:
http://therealbitcoin.org/ml/btc-dev/2017-February/000251.html
PART A -- SLAVE.
1) On the SLAVE:
install (e.g., yum install) autossh.
2) Make a tunnel user, e.g.,
useradd -d /home/tunnel tunnel
and give him an ssh pubkey,
ssh-keygen
Save the pubkey for step 5 of part B.
2) create a script, e.g., do_tunnel.sh :
autossh -f -M 0 -L 9000:127.0.0.1:8333 tunnel@yourmaster.com
3) crontab -e :
@reboot /home/tunnel/do_tunnel.sh
so that it runs on boot.
4) su to your trb user on the slave.
if you have a crontab there that runs trb, set it up like so:
LC_ALL="C" /home/bitcoin/bin/bitcoind -datadir=/home/bitcoin/.bitcoin -myip=$wanip -addwire=127.0.0.1:9000 2>&1 &
PART B -- MASTER.
1) On the MASTER:
create fuckoff.c :
//////////////////////////////////
#include <stdio.h>
#include <unistd.h>
#include <signal.h>
#include <stdlib.h>
void sig_handler(int signo) {
if (signo == SIGHUP) exit(0);
}
int main() {
printf("OK\n");
while(1) { sleep(1); }
exit(0);
}
//////////////////////////////////
2) gcc fuckoff.c -o fuckoff
3) (as root) cp fuckoff /sbin/fuckoff
4) useradd -d /home/tunnel -s /sbin/fuckoff tunnel
this creates a user 'tunnel' with fuckoff shell.
5) vi /home/tunnel/.ssh/authorized_keys :
will have the form:
permitopen="127.0.0.1:8333" ssh-rsa THEPUBKEYGOESHERE tunnel@yourhostname
chown 700 /home/tunnel/.ssh/authorized_keys
6) That's it, boot the slave, it should report a successful connection in
its bitcoin debug log, e.g.,
$ grep wire .bitcoin/debug.log
Connecting to wire node...
127.0.0.1:9000
Added wire node !
and netstat -an will report something like:
...
tcp 0 0 127.0.0.1:9000 127.0.0.1:23591 ESTABLISHED
...
Enjoy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBCgAGBQJYr3VJAAoJELmCKKABq//HzzUH/RqGiQ5ifcwgTdHm0dBrBiFn
o2RNyl9CH/ZUGY0BDe8D50jQMzXwRNxAzQyi//3KAkJgCHLDRD4abRjzoR9CxRPL
SVEBlg5KFvDI/GKV5vSr8qcBTJDMcEIYFrKkwL21jEV8RVbQ0cv6/1WeazacrB6w
jHVIrQLSQ26GBwA13SILyVTVhUQ1uZ7Aym0sC1iSJV3Y2CJtyjeL5HBRf0/mqxAl
Crjdc7hZLfLynOuxSDgrzoDouGrYcgKyeFatt7R3DNfO4gdg8lciKuCza9/JJFBU
xBL0PkucFWmNT6ssQRj/oGlXNTXP7tRya1uzKt3rhGy8mcF+owMeIqQ1sADC1Y0=
=l5aR
-----END PGP SIGNATURE-----
More information about the BTC-dev
mailing list