Skip to content

Home

Jump to bottom Edit New page
Loachy edited this page Aug 22, 2015 · 11 revisions

Prerequisite

  • python 3.4+ on Unix-like system
  • openssl (optional, required to generate certificate and key)

Installation

  • Download 'src' directory to both your server and client.

Configuration

  • cd to 'src' directory

  • Run make_key.sh

    • You will be prompted for some information. For most of them, the default values should do just fine. However, when prompted for 'Common Name', you should enter a arbitrary string and remember it.

  • Edit config.py

    config.py may look something like:

    SERVER = dict(
     run = False,
     listen = ('0.0.0.0', 443),
     connect = ('127.0.0.1', 22),
     password = b'this is a example password',
     certfile = 'cert.pem'
     )

CLIENT = dict(
     run = True,
     listen = ('127.0.0.1', 22),
     connect = ('1.2.3.4', 443),
     password = b'this is a example password',
     hostname = 'server',
     cafile = 'ca.crt'
     )

    As you may see, there are two sections of configuration: SERVER CLIENT.

    Section SERVER:

    This section, except field run, will be ignored by client code.

    • run = True for server configuration, run = False for client configuration.

    • listen = (host, port)

      Specifies what internet address the server should use to communicate with clients. Use 443 for port for better obfuscation. This may, however, require root privilege. Use a number greater then 443 if you could-not/would-not grant root privilege. '0.0.0.0' for host usually suffice for ordinary use.

    • connect = (host, port)

      Specifies what internet address the server should redirect clients' traffic to. To illustrate, lets take an example. Suppose your server is hosting a website which is blocked by firewall, you can set connect = ('127.0.0.1', 80) to unblock your website ('127.0.0.1' is the IP address of your server, with respect to your server itself, and 80 is the port where HTTP is served). Generally speaking, if some service is provided at (host, port) and is accessible for your server, you can make it accessible at your client, by setting connect to that (host, port).

    • password = b'something'

      This is a password for client authentication. Just don't forget the b prefix!

    • certfile = 'cert.pem'

      Path to certificate file. No need to modify if you generate certificate using make_key.sh.

    Section Client:

    This section, except field run, will be ignored by server code.

    • run = True for client configuration, run = False for server configuration.

    • listen = (host, port)

      Listen on the specified address and forward any traffic to server. This address will exhibit (almost) the same behavior as the address specified by SERVER['connect']. See SERVER``connect for further understanding.

    • connect = (host, port)

      host should be the IP address of your server, and port should be the same as specified in SERVER``listen

    • password = b'something'

      Should be the same as SERVER``password, obviously.

    • hostname = 'yourserver.com'

      Recall that I told you to remember the 'Common Name' you entered when running make_key.sh? Now plug it here!

    • cafile = 'ca.crt'

      Path to certificate file. No need to modify if you generate certificate using make_key.sh.

    Note: config.py is different on server and client

Run

  • cd to the directory containing all files

  • type python3 main.py hit Enter

Add a custom footer
Add a custom sidebar

Clone this wiki locally