Updates to README.md

This commit is contained in:
Russ Magee 2018-10-03 22:44:27 -07:00
parent cb7a79063e
commit 767ae7bd07

View file

@ -65,13 +65,10 @@ To build
To set accounts & passwords: To set accounts & passwords:
-- --
* $ echo "joebloggs:*:*:*" >hkexsh.passwd * $ sudo touch /etc/hkexsh.passwd
* $ sudo mv hkexsh.passwd /etc
* $ sudo hkexpasswd/hkexpasswd -u joebloggs * $ sudo hkexpasswd/hkexpasswd -u joebloggs
* $ <enter a password, enter again to confirm> * $ <enter a password, enter again to confirm>
WARNING WARNING WARNING: the -d debug flag will echo passwords to the log/console!
Running Clent and Server Running Clent and Server
-- --
In separate shells A and B: In separate shells A and B:
@ -83,25 +80,39 @@ Interactive shell
One-shot command One-shot command
* [B]$ cd hkexsh && ./hkexsh -x "ls /tmp" joebloggs@host-or-ip * [B]$ cd hkexsh && ./hkexsh -x "ls /tmp" joebloggs@host-or-ip
WARNING WARNING WARNING: the -d debug flag will echo passwords to the log/console!
NOTE if running client (hkexsh) with -d, one will likely need to run 'reset' afterwards NOTE if running client (hkexsh) with -d, one will likely need to run 'reset' afterwards
to fix up the shell tty afterwards as stty echo may not be restored if client crashes to fix up the shell tty afterwards, as stty echo may not be restored if client crashes
or is interrupted. or is interrupted.
File Copying using hkexcp (**EXPERIMENTAL** - See issue tracker) Setting up an 'authtoken' for scripted (password-free) logins
-- --
hkexcp is a symlink to hkexsh, and the binary checks its own filename to determine whether it is being invoked in 'shell' or 'copy' mode. Refer to the '-h' output for differences in accepted options. Use the -g option of hkexsh to request a token from the remote server, which will return a
hostname:token string. Place this string into $HOME/.hkexsh_id to allow logins without
entering a password (obviously, $HOME/.hkexsh_id on both server and client $HOME for the user
should *not* be world-readable.)
File Copying using hkexcp
--
hkexcp is a symlink to hkexsh, and the binary checks its own filename to determine whether
it is being invoked in 'shell' or 'copy' mode. Refer to the '-h' output for differences in
accepted options.
General remote syntax is: user@server:[/]src-or-dest-path General remote syntax is: user@server:[/]src-or-dest-path
If no leading / is specified in src-or-dest-path, it is assumed to be relative to $HOME of the remote user. If no leading / is specified in src-or-dest-path, it is assumed to be relative to $HOME of the
File operations are all performed as the remote user, so account permissions apply as expected. remote user. File operations are all performed as the remote user, so account permissions apply
as expected.
Local (client) to remote (server) copy: Local (client) to remote (server) copy:
* cd hkexsh && ./hkexcp fileA /some/where/fileB /some/where/else/dirC joebloggs@host-or-ip:/remoteDir * cd hkexsh && ./hkexcp fileA /some/where/fileB /some/where/else/dirC joebloggs@host-or-ip:remoteDir
Remote (server) to local (client) copy: Remote (server) to local (client) copy:
* cd hekxsh && ./hkexcp joebloggs@host-or-ip:/remoteDirOrFile /some/where/local/Dir * cd hekxsh && ./hkexcp joebloggs@host-or-ip:/remoteDirOrFile /some/where/local/Dir
NOTE: Renaming while copying is NOT supported (ie., like cp's 'cp /foo/bar/fileA ./fileB).
Put another way, the destination (whether local or remote) is ALWAYS a dir.
NOTE: Renaming while copying is NOT supported (ie., like cp's 'cp /foo/bar/fileA ./fileB). Put another way, the destination (whether local or remote) is ALWAYS a dir. hkexcp uses tar with gzip compression (ala a 'tarpipe') under the hood, sending tar data over
the hkex encrypted channel. Use the -d flag on client or server to see the generated tar
hkexcp uses tar with gzip compression (ala a 'tarpipe') under the hood, sending tar data over the hkex encrypted channel. Use the -d flag on client or server to see the generated tar commandlines if you're curious. commandlines if you're curious.