blob: 88b784fcfe630c57b3993f2eba8175b261e2f5a4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
.TH RAPID-TUNNELING 8 "2011-06-14"
.SH NAME
rapid-tunneling \- Initiate a RapidTunneling tunnel
.SH SYNOPSIS
.B rapid-tunneling
.I [options] remote-access-file
.SH DESCRIPTION
.B rapid-tunneling
initiates a tunnel to the server whose details are provided in
.I remote-access-file.
This parameter is required.
It must be run by the support user, as it relies on status files in the
home directory of that user.
This file is a tarball. Its content is described in the README.
But some technical details anyway:
rapid-tunneling is intended to run as the support user (e.g.: through
sudo). It will generate a new temporary private key that is allowed to
connect to the support user. Next it will daemonize and connect to the
remote support server. The daemonized ssh process (if connected) keeps
the tunnel running. It also makes port 22 of the local system available
to the remote system (through ssh \-R).
The private key is sent upon connection to the remote server, which
allow the operator of the remote server to connect locally.
.SH OPTIONS
The following options allow you to override settings from the tarball with
your own.
.B \-c
.RS
Save a copy of the tarball as $HOME/rapid-tunneling/remote-access.tar.gz .
.RE
.B \-D
.RS
Stay in the background and don't daemonize. Useful when running under a monitor
process (upstart, systemd) or for debugging.
.RE
.B \-h \fIhost\fR
.RS
Overide the SSH host name of the server.
.RE
.B \-p \fIport\fR
.RS
Overide the SSH port number of the server.
.RE
.B \-u \fIuser\fR
.RS
Overide the SSH username to use. Normally should not be needed.
.RE
.SH FILES
.B $HOME/.rapid-tunneling/pid
.RS
PID of the potentially currently running process. Used by
rapid\-tunneling\-status to check for it. That directory may include
several other files.
.RE
.B $HOME/.ssh/authorized_keys
.RS
Adds an entry here with the key sent over to the server. The comment
for the key is 'rapid\-tunneling'.
.RE
.SH SEE ALSO
Full description of the operation is provided in the README file, which
may be /usr/share/doc/rapid\-runneling/README.gz (Debian)
/usr/share/doc/rapid-tunneling-1.*/README (RedHat and similar) or
similar locations on binary packages.
.BR rapid\-tunneling\-status (8)
is used to control the connection.
.SH BUGS
Before running rapid-tunneling, better be sure that the remote-access-file
comes indeed from a trusted source. Recall that once you initiate a tunnel,
the operator at the remote side can log into your system.
Also, in order to simplify the implementation, we currently only allow a
single tunnel per-user. Shouldn't be too much of a problem to fix.
.SH AUTHOR
RapidTunneling was written by Alex Landau <alex.landau@xorcom.com>.
This manual page was written by Tzafrir Cohen <tzafrir.cohen@xorcom.com>
|
