README
¶
sectra
sectra stands for Secrets Transport. Sensitive information is encrypted and securely transfered by piggybacking on the SSH v2 protocol. It's essential a funny behaving SSH server.
Usage:
- sectra itself needs a host key pair to work. If no SSH key pair exists in
sectra/host_key, a new host key pair will be generated automatically by sectra (requiresssh-keygencommand to be found inPATH).- Warning: The newly created SSH private key will be generated without a passphrase. So please keep it private or better yet, delete it directly after it's not needed anymore.
-
The Up&Running way:
If the user who should connect tot the sectra server has one ore more public SSH keys added to his GitHub profile, then the fastest way to use them with sectra is:$ ./binaries/osx/fetchghkeys/fetchghkeys <GitHub username>This will create a new subdirectory
./data/<GitHub username>, which contains theauthorized_keysfile containing the fetched public SSH keys for the user given by<GitHub username>.
Last thing to do is to create a file./data/<GitHub username>/payloadand put the actual sensitive data to transport into it. Then the the sectra server can be started. -
The manual way:
Create a subdirectory under thedatadirectory which has to match a SSH username that should be allowed to connect to the sectra server. Inside the user-sepcific subdirectory, the public SSH keys of the user who is allowed to connect have to be placed in a file namedauthorized_keysin the same format as used by OpenSSH. A file namedpayloadin the same user-sepcific subdirectory contains the actually sensitive information which should be transfered (make sure it uses DOS line endings (:set ff=dosin Vim)).-
Example directory structure:
. ├── data │ └── username │ ├── authorized_keys │ └── payload ├── host_key │ ├── id_rsa │ └── id_rsa.pub
-
How to run the sectra server (OS X):
# optional (default port is 3333):
#export PORT=3456
# run the sectra server:
$ ./binaries/osx/sectra
How to connect to the sectra server:
$ ssh -q username@<sectra-HOST-IP> -p 3333
If nothing gets displayed on the console, run the ssh command with -vvv to see debug messages.
License
Licensed under the MIT License. See the LICENSE file for details.
TODO
- Tests!
Documentation
¶
There is no documentation for this package.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Godeps
|
|
|
_workspace/src/github.com/google/go-github/github
Package github provides a client for using the GitHub API.
|
Package github provides a client for using the GitHub API. |
|
_workspace/src/github.com/google/go-querystring/query
Package query implements encoding of structs into URL query parameters.
|
Package query implements encoding of structs into URL query parameters. |
|
_workspace/src/github.com/juju/deputy
Package deputy provides more advanced options for running commands.
|
Package deputy provides more advanced options for running commands. |
|
_workspace/src/golang.org/x/crypto/curve25519
Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519.
|
Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519. |
|
_workspace/src/golang.org/x/crypto/ssh
Package ssh implements an SSH client and server.
|
Package ssh implements an SSH client and server. |
|
_workspace/src/golang.org/x/crypto/ssh/agent
Package agent implements a client to an ssh-agent daemon.
|
Package agent implements a client to an ssh-agent daemon. |
|
_workspace/src/golang.org/x/crypto/ssh/terminal
Package terminal provides support functions for dealing with terminals, as commonly found on UNIX systems.
|
Package terminal provides support functions for dealing with terminals, as commonly found on UNIX systems. |
|
_workspace/src/golang.org/x/crypto/ssh/test
This package contains integration tests for the golang.org/x/crypto/ssh package.
|
This package contains integration tests for the golang.org/x/crypto/ssh package. |
|
helper
|
|