-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Recipe for simple non-diddleable pipes between TRB nodes. /****************************\ * EXTREME DANGER: * * FOR LABORATORY USE ONLY. * ******************************** ************ ************** **************** **** **** **** *** *** *** *** *** *** *** * * ** ******** ******** ******* ****** *** ** * ******* ** ** * * * * * ** * * *** **** * * * * **** **** *** * * ** *** **** ********* ****** ******* ***** ******* ********* ****** ** ** ****** ****** ** ******* ** ** ******* *** **** ******** ************ ************ ************ ******** ******* ****** **** *** *** ******************************** You will need the 'Wires' patch on the SLAVE: http://therealbitcoin.org/ml/btc-dev/2017-February/000251.html PART A -- SLAVE. 1) On the SLAVE: install (e.g., yum install) autossh. 2) Make a tunnel user, e.g., useradd -d /home/tunnel tunnel and give him an ssh pubkey, ssh-keygen Save the pubkey for step 5 of part B. 2) create a script, e.g., do_tunnel.sh : autossh -f -M 0 -L 9000:127.0.0.1:8333 tunnel@yourmaster.com 3) crontab -e : @reboot /home/tunnel/do_tunnel.sh so that it runs on boot. 4) su to your trb user on the slave. if you have a crontab there that runs trb, set it up like so: LC_ALL="C" /home/bitcoin/bin/bitcoind -datadir=/home/bitcoin/.bitcoin -myip=$wanip -addwire=127.0.0.1:9000 2>&1 & PART B -- MASTER. 1) On the MASTER: create fuckoff.c : ////////////////////////////////// #include #include #include #include void sig_handler(int signo) { if (signo == SIGHUP) exit(0); } int main() { printf("OK\n"); while(1) { sleep(1); } exit(0); } ////////////////////////////////// 2) gcc fuckoff.c -o fuckoff 3) (as root) cp fuckoff /sbin/fuckoff 4) useradd -d /home/tunnel -s /sbin/fuckoff tunnel this creates a user 'tunnel' with fuckoff shell. 5) vi /home/tunnel/.ssh/authorized_keys : will have the form: permitopen="127.0.0.1:8333" ssh-rsa THEPUBKEYGOESHERE tunnel@yourhostname chown 700 /home/tunnel/.ssh/authorized_keys 6) That's it, boot the slave, it should report a successful connection in its bitcoin debug log, e.g., $ grep wire .bitcoin/debug.log Connecting to wire node... 127.0.0.1:9000 Added wire node ! and netstat -an will report something like: ... tcp 0 0 127.0.0.1:9000 127.0.0.1:23591 ESTABLISHED ... Enjoy. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBCgAGBQJYr3VJAAoJELmCKKABq//HzzUH/RqGiQ5ifcwgTdHm0dBrBiFn o2RNyl9CH/ZUGY0BDe8D50jQMzXwRNxAzQyi//3KAkJgCHLDRD4abRjzoR9CxRPL SVEBlg5KFvDI/GKV5vSr8qcBTJDMcEIYFrKkwL21jEV8RVbQ0cv6/1WeazacrB6w jHVIrQLSQ26GBwA13SILyVTVhUQ1uZ7Aym0sC1iSJV3Y2CJtyjeL5HBRf0/mqxAl Crjdc7hZLfLynOuxSDgrzoDouGrYcgKyeFatt7R3DNfO4gdg8lciKuCza9/JJFBU xBL0PkucFWmNT6ssQRj/oGlXNTXP7tRya1uzKt3rhGy8mcF+owMeIqQ1sADC1Y0= =l5aR -----END PGP SIGNATURE-----