diff --git a/2_generateServCert.sh b/2_generateServCert.sh index 705c079..8734e68 100755 --- a/2_generateServCert.sh +++ b/2_generateServCert.sh @@ -1,28 +1,28 @@ #!/bin/bash ## Server private key -echo -n "Where to save your server's key file? ($PWD/ding_server.key): " +echo -n "Where to save your server's key file? ($PWD/dingd.key): " read temp if [ -n "$temp" ] then save=$temp else - save="$PWD/ding_server.key" + save="$PWD/dingd.key" fi key=$save openssl genrsa -out $save 4096 ## CSR -echo -n "Where to save your Certificate Signing Request (CSR)? ($PWD/ding_server.csr): " +echo -n "Where to save your Certificate Signing Request (CSR)? ($PWD/dingd.csr): " read temp if [ -n "$temp" ] then save=$temp else - save="$PWD/ding_server.csr" + save="$PWD/dingd.csr" fi csr=$save echo -e "\033[01;33mPlease enter some information. THEY MUST BE DIFFERENT FROM THE CA's INFORMATION.\033[00m" @@ -50,14 +50,14 @@ else loadCAkey="$PWD/CA.key" fi -echo -n "Where to save your signed server certificate? ($PWD/ding_server.crt): " +echo -n "Where to save your signed server certificate? ($PWD/dingd.crt): " read temp if [ -n "$temp" ] then save=$temp else - save="$PWD/ding_server.crt" + save="$PWD/dingd.crt" fi echo -n "How many days should the certificate be valid? (365): " diff --git a/3_generateClientCert.sh b/3_generateClientCert.sh index 052ece6..91ef664 100755 --- a/3_generateClientCert.sh +++ b/3_generateClientCert.sh @@ -1,28 +1,28 @@ #!/bin/bash ## Server private key -echo -n "Where to save your client's key file? ($PWD/ding_client.key): " +echo -n "Where to save your client's key file? ($PWD/ding.key): " read temp if [ -n "$temp" ] then save=$temp else - save="$PWD/ding_client.key" + save="$PWD/ding.key" fi key=$save openssl genrsa -out $save 4096 ## CSR -echo -n "Where to save your Certificate Signing Request (CSR)? ($PWD/ding_client.csr): " +echo -n "Where to save your Certificate Signing Request (CSR)? ($PWD/ding.csr): " read temp if [ -n "$temp" ] then save=$temp else - save="$PWD/ding_client.csr" + save="$PWD/ding.csr" fi csr=$save echo -e "\033[01;33mPlease enter some information. THEY MUST BE DIFFERENT FROM THE CA's AND SERVER's INFORMATION.\033[00m" @@ -50,14 +50,14 @@ else loadCAkey="$PWD/CA.key" fi -echo -n "Where to save your signed client certificate? ($PWD/ding_client.crt): " +echo -n "Where to save your signed client certificate? ($PWD/ding.crt): " read temp if [ -n "$temp" ] then save=$temp else - save="$PWD/ding_client.crt" + save="$PWD/ding.crt" fi echo -n "How many days should the certificate be valid? (365): " diff --git a/README.md b/README.md index 12b4ff7..573d69c 100644 --- a/README.md +++ b/README.md @@ -28,12 +28,12 @@ Step 1 to 3 can only be run on UNIX or GNU/Linux. 1. Run `./1_generateCA.sh` to generate a CA. 2. Run `./2_generateServCert.sh` to generate a signed Server Certificate. 3. Run `./3_generateClientCert.sh` to generate a signed Client Certificate. -4. Move `ding_client`, `ding_client.cfg`, `ding_client.crt`, `ding_client.key` and `CA.crt` to the computer which should be able to send commands to the server. - * UNIX or GNU/Linux: Also move `ding_client.cfg` to that computer. - * Windows: Also move `ding_client.win.cfg` to that computer. -5. Do some configuration on the server and client (`ding_server.cfg`, `ding_client.cfg` or `ding_server.win.cfg`, `ding_client.win.cfg` on Windows). -6. Start the server using `./ding_server` or `python .\ding_server` on Windows. (You may want to put this in a tmux session. [Ctrl+B, D] ;) ). -7. Try out the client using `./ding_client ` òr `python .\ding_client ` on Windows. +4. Move `ding`, `ding.cfg`, `ding.crt`, `ding.key` and `CA.crt` to the computer which should be able to send commands to the server. + * UNIX or GNU/Linux: Also move `ding.cfg` to that computer. + * Windows: Also move `ding.win.cfg` to that computer. +5. Do some configuration on the server and client (`dingd.cfg`, `ding.cfg` or `dingd.win.cfg`, `ding.win.cfg` on Windows). +6. Start the server using `./dingd` or `python .\dingd` on Windows. (You may want to put this in a tmux session. [Ctrl+B, D] ;) ). +7. Try out the client using `./ding ` òr `python .\ding ` on Windows. ## Optional: Cleartext password with timeout @@ -45,9 +45,9 @@ You might want to do something like `$ history -c` after sending the password vi ### How to enable the password -1. Open your `ding_server.cfg` or `ding_server.win.cfg`. +1. Open your `dingd.cfg` or `dingd.win.cfg`. 2. Set `pw_on=true`. 3. Set a password, like `password=abc def`. 4. Set a password timeout: `pwtimeout=10` for 10 seconds. -If you have a password with special characters as in spaces and the like, you may want to use quotation marks around your password. `./ding_client "abc def"` or `python .\ding_client "abc def"` on Windows. +If you have a password with special characters as in spaces and the like, you may want to use quotation marks around your password. `./ding "abc def"` or `python .\ding "abc def"` on Windows. diff --git a/ding_client b/ding similarity index 91% rename from ding_client rename to ding index ee9d3b4..7c9b04e 100755 --- a/ding_client +++ b/ding @@ -13,9 +13,9 @@ exitcode = 1 def readConfig(): if(os.name == 'nt'): - CONFIG = "ding_client.win.cfg" + CONFIG = "ding.win.cfg" else: - CONFIG = "ding_client.cfg" + CONFIG = "ding.cfg" cfg = configparser.SafeConfigParser() try: @@ -30,7 +30,7 @@ def readConfig(): certfile = cfg.get("Client", "certfile") keyfile = cfg.get("Client", "keyfile") except configparser.NoSectionError: - print("No suitable config found. Expecting some config in", CONFIG) + print("No suitable config found. Expecting some config in", CONFIG, file=sys.stderr) quit(3) @@ -47,10 +47,10 @@ def send(conn, cmd): print("Error. Server said: The command isn't set on the server.", file=sys.stderr) exitcode = 1 elif(buf == b"ERR CMD_ERR"): - print("Error. Server said: The command doesn't work because the file doesn't exist on the server.") + print("Error. Server said: The command doesn't work because the file doesn't exist on the server.", file=sys.stderr) exitcode = 2 elif(buf == b"ERR PW"): - print("Error. Password required. The password was wrong.") + print("Error. Password required. The password was wrong.", file=sys.stderr) exitcode = 4 elif(b"OK PW" in buf): bufr=str(buf.decode('utf-8')) diff --git a/ding_client.cfg b/ding.cfg similarity index 66% rename from ding_client.cfg rename to ding.cfg index 04efb5b..252b487 100644 --- a/ding_client.cfg +++ b/ding.cfg @@ -5,6 +5,6 @@ port=13573 cafile=CA.crt #Client Certificate/key signed by the CA above -certfile=ding_client.crt -keyfile=ding_client.key +certfile=ding.crt +keyfile=ding.key diff --git a/ding_client.win.cfg b/ding.win.cfg similarity index 62% rename from ding_client.win.cfg rename to ding.win.cfg index 47f2552..aa57089 100644 --- a/ding_client.win.cfg +++ b/ding.win.cfg @@ -5,6 +5,6 @@ port=13573 cafile=CA.crt #Client Certificate/key signed by the CA above -certfile=ding_client.crt -keyfile=ding_client.key +certfile=ding.crt +keyfile=ding.key diff --git a/ding_server b/dingd similarity index 95% rename from ding_server rename to dingd index e977936..6db6dd1 100755 --- a/ding_server +++ b/dingd @@ -3,7 +3,7 @@ # Author: Bandie Canis # License: 2-Clause BSD license -import ssl, socket, subprocess, time, os +import ssl, socket, subprocess, time, os, sys import configparser @@ -104,9 +104,9 @@ def init(): global CONFIG, host, port, cafile, certfile, keyfile, pw_on, password, pwtimeout, tmppw_on, context, bindsocket if(os.name == 'nt'): - CONFIG = "ding_server.win.cfg" + CONFIG = "dingd.win.cfg" else: - CONFIG = "ding_server.cfg" + CONFIG = "dingd.cfg" cfg = configparser.SafeConfigParser() cfg.read(CONFIG) @@ -125,11 +125,10 @@ def init(): else: pw_on = False tmppw_on=pw_on - except configparser.NoOptionError as e: - print("Error in configuration file:", e) + except configparser.NoSectionError as e: + print("Error in configuration file:", e, file=sys.stderr) quit(1) - try: context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH, cafile=cafile) context.load_cert_chain(certfile=certfile, keyfile=keyfile) @@ -156,7 +155,7 @@ def init(): print("Error: Can't bind for port number ", port, ". Permission denied.", sep="") quit(1) - print("Running ding server on ", host, ":", port, + print("Running dingd on ", host, ":", port, "\nConfig: ", CONFIG, "\nCAFile: ", cafile, "\nCertfile: ", certfile, diff --git a/ding_server.cfg b/dingd.cfg similarity index 93% rename from ding_server.cfg rename to dingd.cfg index 24aa672..6c5beb4 100644 --- a/ding_server.cfg +++ b/dingd.cfg @@ -7,10 +7,10 @@ port=13573 cafile=CA.crt # Server's certificate [signed by the CA above] -certfile=ding_server.crt +certfile=dingd.crt # Server's private key -keyfile=ding_server.key +keyfile=dingd.key ## Optional cleartext password # To unlock the commands you need to send the password before sending the command. diff --git a/ding_server.win.cfg b/dingd.win.cfg similarity index 91% rename from ding_server.win.cfg rename to dingd.win.cfg index d343ca1..ea09f66 100644 --- a/ding_server.win.cfg +++ b/dingd.win.cfg @@ -7,10 +7,10 @@ port=13573 cafile=CA.crt # Server's certificate [signed by the CA above] -certfile=ding_server.crt +certfile=dingd.crt # Server's private key -keyfile=ding_server.key +keyfile=dingd.key ## Optional cleartext password # To unlock the commands you need to send the password before sending the command.