[BTC-dev] (EXPERIMENTAL) A Recipe for the use of Wires via SSH Tunnels.

Stanislav Datskovskiy stas@loper-os.org
Thu Feb 23 23:51:54 UTC 2017


Name: README.txt
URL: <http://therealbitcoin.org/ml/btc-dev/attachments/20170223/README-0001.txt?sha1=f0f19d88f25b7c6291ab207af073e1318c73b8d2>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Recipe for simple non-diddleable pipes between TRB nodes.

 /****************************\
*        EXTREME DANGER:       *
*    FOR LABORATORY USE ONLY.  *
********************************
          ************
         **************
        ****************
       ****   ****   ****
       ***     ***    ***
       ***     ***    ***
        ***    * *    **
        ******** ********
        *******   ******
            ***   **
          *  ******* **
          ** * * * * *
    **     *         *     ***
   ****    * *     * *    ****
   ****    *** * * **     ***
    ****    *********   ******
   *******    *****    *******
   *********        ****** **
    **   ******   ******
           **  *******       **
   **       *******         ***
  ****   ********  ************
  ************    ************
   ********             *******
  ******                   ****
   ***                      ***
********************************

You will need the 'Wires' patch on the SLAVE:
http://therealbitcoin.org/ml/btc-dev/2017-February/000251.html


PART A -- SLAVE.

1) On the SLAVE:

   install (e.g., yum install) autossh.

2) Make a tunnel user, e.g.,
   useradd -d /home/tunnel tunnel

   and give him an ssh pubkey,

   ssh-keygen

   Save the pubkey for step 5 of part B.

2) create a script, e.g., do_tunnel.sh :

   autossh -f -M 0  -L 9000:127.0.0.1:8333  tunnel@yourmaster.com

3) crontab -e  :

      @reboot /home/tunnel/do_tunnel.sh

   so that it runs on boot.

4) su to your trb user on the slave.
   if you have a crontab there that runs trb, set it up like so:

   LC_ALL="C" /home/bitcoin/bin/bitcoind -datadir=/home/bitcoin/.bitcoin -myip=$wanip -addwire=127.0.0.1:9000 2>&1 &



PART B -- MASTER.

1) On the MASTER:

create fuckoff.c :

//////////////////////////////////
#include <stdio.h>
#include <unistd.h>
#include <signal.h>
#include <stdlib.h>

void sig_handler(int signo) {
  if (signo == SIGHUP) exit(0);
}

int main() {
  printf("OK\n");
  while(1) { sleep(1); }
  exit(0);
}
//////////////////////////////////

2) gcc fuckoff.c -o fuckoff

3) (as root) cp fuckoff /sbin/fuckoff

4) useradd -d /home/tunnel -s /sbin/fuckoff tunnel

   this creates a user 'tunnel' with fuckoff shell.

5) vi /home/tunnel/.ssh/authorized_keys  :

   will have the form:

   permitopen="127.0.0.1:8333" ssh-rsa THEPUBKEYGOESHERE tunnel@yourhostname

   chown 700 /home/tunnel/.ssh/authorized_keys

6) That's it, boot the slave, it should report a successful connection in
   its bitcoin debug log, e.g.,

   $ grep wire .bitcoin/debug.log  
   
   Connecting to wire node...
   127.0.0.1:9000
   Added wire node !


   and   netstat -an   will report something like:

   ...
   tcp        0      0 127.0.0.1:9000              127.0.0.1:23591             ESTABLISHED
   ...

Enjoy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBCgAGBQJYr3VJAAoJELmCKKABq//HzzUH/RqGiQ5ifcwgTdHm0dBrBiFn
o2RNyl9CH/ZUGY0BDe8D50jQMzXwRNxAzQyi//3KAkJgCHLDRD4abRjzoR9CxRPL
SVEBlg5KFvDI/GKV5vSr8qcBTJDMcEIYFrKkwL21jEV8RVbQ0cv6/1WeazacrB6w
jHVIrQLSQ26GBwA13SILyVTVhUQ1uZ7Aym0sC1iSJV3Y2CJtyjeL5HBRf0/mqxAl
Crjdc7hZLfLynOuxSDgrzoDouGrYcgKyeFatt7R3DNfO4gdg8lciKuCza9/JJFBU
xBL0PkucFWmNT6ssQRj/oGlXNTXP7tRya1uzKt3rhGy8mcF+owMeIqQ1sADC1Y0=
=l5aR
-----END PGP SIGNATURE-----


More information about the BTC-dev mailing list