hyung-hwan/hodu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
311 Commits 1 Branch 0 Tags
main
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
hyung-hwan 0d966108ee new configuration item snis under tls for server use
2026-04-26 13:44:36 +09:00
cmd
new configuration item snis under tls for server use
2026-04-26 13:44:36 +09:00
atom_test.go
generated some unit test files
2026-02-26 04:12:45 +09:00
atom.go
rpty at least working
2025-08-12 02:50:10 +09:00
bulletin_test.go
generated some unit test files
2026-02-26 04:12:45 +09:00
bulletin.go
fixed wrong queue implementation in bulletin.go
2025-03-12 12:08:56 +09:00
client_test.go
generated some unit test files
2026-02-26 04:12:45 +09:00
client-ctl.go
protected session-info endpoints.
2026-04-17 21:23:01 +09:00
client-cts-rpty.go
fixed minor error condition check before setting O_NONBLOCK
2026-04-11 10:33:05 +09:00
client-cts-rpx.go
added a new client configuration item rxc-user
2026-03-18 15:57:31 +09:00
client-cts-rxc.go
fixed minor error condition check before setting O_NONBLOCK
2026-04-11 10:33:05 +09:00
client-metrics.go
adding rxc code for remote execuution - work in progress
2026-03-13 11:44:53 +09:00
client-peer.go
added code for rpx handling
2025-08-19 20:20:18 +09:00
client-pty.go
fixed the formatting of the 'failed to authenticate' message
2026-04-19 23:13:19 +09:00
client-rxc-profile.go
implemented argument manipulation in rxc profile handling
2026-03-20 10:46:59 +09:00
client.go
fixed a bug of an error message as basic auth realm
2026-04-17 17:28:30 +09:00
go.mod
added pty terminal support to the client side
2025-06-21 02:43:28 +09:00
go.sum
added pty terminal support to the client side
2025-06-21 02:43:28 +09:00
hodu_grpc.pb.go
hodu_util_test.go
enhanced to preserve the query string part when redirecting
2026-04-17 23:31:35 +09:00
hodu.go
enhanced to preserve the query string part when redirecting
2026-04-17 23:31:35 +09:00
hodu.pb.go
enhanced to store/load exit status over rxc
2026-03-20 13:47:20 +09:00
hodu.proto
enhanced to store/load exit status over rxc
2026-03-20 13:47:20 +09:00
jwt_test.go
added client token protection for rpty.
2026-04-17 00:58:05 +09:00
jwt-rsa-256.sh
updated usage text in utility files
2026-04-20 16:37:02 +09:00
jwt.go
added client token protection for rpty.
2026-04-17 00:58:05 +09:00
Makefile
added the cert-required action for http access control
2026-04-17 23:06:58 +09:00
package.json
bundled xterm stuffs into a single file.
2026-04-17 14:40:18 +09:00
packet_test.go
generated some unit test files
2026-02-26 04:12:45 +09:00
packet.go
enhanced to store/load exit status over rxc
2026-03-20 13:47:20 +09:00
pty.go
removed UNUSED from the proto file
2025-08-12 16:29:44 +09:00
README.md
added iat and exp to protected client token for rpx
2026-04-16 21:30:54 +09:00
rsa_aes_test.go
added iat and exp to protected client token for rpx
2026-04-16 21:30:54 +09:00
rsa-aes-256-gcm.php
updated usage text in utility files
2026-04-20 16:37:02 +09:00
rsa-aes-256-gcm.py
updated usage text in utility files
2026-04-20 16:37:02 +09:00
rsa-aes.go
added client token protection for rpty.
2026-04-17 00:58:05 +09:00
server-ctl.go
updated the /_ctl/token endpoint to support client-token encipherment
2026-04-21 11:19:41 +09:00
server-cts-rpty.go
adding rxc code for remote execuution - work in progress
2026-03-13 11:44:53 +09:00
server-cts-rpx.go
adding rxc code for remote execuution - work in progress
2026-03-13 11:44:53 +09:00
server-cts-rxc.go
enhanced to store/load exit status over rxc
2026-03-20 13:47:20 +09:00
server-metrics.go
adding rxc code for remote execuution - work in progress
2026-03-13 11:44:53 +09:00
server-peer.go
code touch-up for better maintainability
2025-08-29 10:44:05 +09:00
server-pty.go
fixed the formatting of the 'failed to authenticate' message
2026-04-19 23:13:19 +09:00
server-pxy.go
enhanced to preserve the query string part when redirecting
2026-04-17 23:31:35 +09:00
server-rpx.go
protected session-info endpoints.
2026-04-17 21:23:01 +09:00
server-rxc-job.go
removed job run traversal from server_Rxc_job_to_json by maintaining job level counters
2026-03-21 00:42:01 +09:00
server-rxc.go
fixed minor error condition check before setting O_NONBLOCK
2026-04-11 10:33:05 +09:00
server.go
updated the /_ctl/token endpoint to support client-token encipherment
2026-04-21 11:19:41 +09:00
system.go
enhanced for wpx response transformer
2024-12-27 14:43:44 +09:00
transform_test.go
generated some unit test files
2026-02-26 04:12:45 +09:00
transform.go
rpty at least working
2025-08-12 02:50:10 +09:00
vite.config.js
bundled xterm stuffs into a single file.
2026-04-17 14:40:18 +09:00
xterm-plain.html
bundled xterm stuffs into a single file.
2026-04-17 14:40:18 +09:00
xterm-plain.js
added the cert-required action for http access control
2026-04-17 23:06:58 +09:00
xterm.html
added the cert-required action for http access control
2026-04-17 23:06:58 +09:00

README.md

pty and rpty access

  • ./hodu server --rpc-on=0.0.0.0:9999 --ctl-on=[::1]:8888 --pty-shell=/bin/bash
  • ./hodu client --rpc-to=127.0.0.1:9999 --ctl-on=[::1]:1107 --client-token=test-client --pty-shell=/bin/bash

On the server-side:

  • Access http://[::1]:8888/_rpty/xterm.html?client-token=test-client using a web browser to access a pty session of a remote client.
  • Access http://[::1]:8888/_pty/xterm.html using a web browser to access a local pty session.

On the client-side:

  • Access http://[::1]:1107/_pty/xterm.html using a web browser to access a local pty session.

port based proxy service

  • ./hodu server --rpc-on=0.0.0.0:9999 --ctl-on=0.0.0.0:8888 --pxy-on=0.0.0.0:9998 --wpx-on=0.0.0.0:9997 --rpx-on=0.0.0.0:9996
  • ./hodu client --rpc-to=127.0.0.1:9999 --ctl-on=127.0.0.1:1107 --client-token=tratra --rpx-target-addr=127.0.0.1:1212 "127.0.0.2:22,0.0.0.0:12345,ssh,Access SSH Server" "127.0.0.2:1212,0.0.0.0:12346,http,Http server"

RPX

  • On the client side

    • python -m http.server 1212

  • On the server side

  • If you need to enable protection, you need a rsa key pair.

    • openssl genrsa -traditional -out private.pem 2048
    • openssl rsa -pubout -in private.pem -out public.pem

  • You should generate a encrypted client token and use it.

    • python rsa-aes-256-gcm.py encipher public.pem client-token-value
    • php rsa-aes-256-gcm.php encipher public.pem client-token-value

Given the following configuration snippet:

rpx:
  client-token:
    attr-name: X-Client-Token
    regex:
    submatch-index: 1
    protection: rsa-aes-256-gcm
    token-rsa-key-text:
    token-rsa-key-file: ./private.pem

The http/https caller can add the X-Client-Token header in the request as generated by the rsa-aes-256-gcm utility.

The format of the protected token is:

  • ciphertext = b64url(token)|iat|exp
  • encrypted-aes-key = randomly generated key encrypted with a rsa public key
  • protected-token = b64url(encrypted-aes-key).b64url(nonce).b64url(ciphertext)

WPX

  • On the client side
    • python -m http.server 1212
  • On the server side

Port forwarding to client

  • On the server side
    • ssh -p 12345 127.0.0.1
    • this should establish connection to 127.0.0.2:22 on the client side

SSH Terminal

  • On the server side
    • Access http://127.0.0.1:9998/_ssh/[server-id]/[conn-id]/xterm.html to have the terminal connecting to 127.0.0.2:22

server.json

{
    "server-addr": "127.0.0.1:9999",
    "peer-addrs": [
        "127.0.0.1:22",
        "127.0.0.1:80"
    ]
}

client control channel

Add a new route

clinet-route.json contains the following text:

{
    "id": 0,
    "client-peer-addr": "192.168.1.104:22",
    "client-peer-name": "Star gate",
    "server-peer-option": "tcp4 ssh",
    "server-peer-svc-addr": "0.0.0.0:0",
    "server-peer-svc-net": "",
    "lifetime": "0"
}

Run this command:

curl -X POST --data-binary @client-route.json http://127.0.0.1:1107/_ctl/client-conns/1/routes
Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 7.3 MiB
Languages
Go 59.3%
HTML 37.8%
JavaScript 0.9%
PHP 0.9%
Python 0.6%
Other 0.4%