Better usage in hyp and hypd readme's
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
2af574fd18
commit
6b1bfb3a01
@ -20,13 +20,15 @@ Compared to most port knocking daemons, hyp is extremely fast, lightweight and h
|
|||||||
|
|
||||||
Port knocking clients have minimal requirements and can run on x86, ARM, MIPS, PowerPC, IBM390, or RISC-V. Currently only supported OS's are Linux and Windows, with support for Android planned to be added in the future.
|
Port knocking clients have minimal requirements and can run on x86, ARM, MIPS, PowerPC, IBM390, or RISC-V. Currently only supported OS's are Linux and Windows, with support for Android planned to be added in the future.
|
||||||
|
|
||||||
The port knocking daemon has more strict requirements and is only available for Linux. It requires the kernel be built with CONFIG_DEBUG_INFO_BTF, which most major distributions have out of the box.
|
The port knocking daemon has more strict requirements and is only available for Linux. It requires the kernel be built with CONFIG_DEBUG_INFO_BTF, which most major distributions have out of the box. Additionally, hypd has some network requirements. hypd is only expected to work on ethernet networks with IPv4.
|
||||||
|
|
||||||
|
Once you get the runtime requirements sorted, be sure to check out the hyp and hypd directories of the repository for README information for how to use hyp.
|
||||||
|
|
||||||
### Build Requirements
|
### Build Requirements
|
||||||
|
|
||||||
Pre-built binaries for configurations I've tested are available on the [releases page](https://deadbeef.codes/steven/hyp/releases). This will likely run in many CPU architectures I haven't tested yet though.
|
Pre-built binaries for configurations I've tested are available on the [releases page](https://deadbeef.codes/steven/hyp/releases). This will likely run in many CPU architectures I haven't tested yet though.
|
||||||
|
|
||||||
To build this yourself, you will need Linux with packages for: git, clang, linux-headers-<architecture> libbpf-dev and golang. Check out the [Dockerfile ](https://deadbeef.codes/steven/hyp/src/branch/main/Dockerfile) as a reference for how the build environment for official releases is configured. Once the environment is ready, you can clone the repo and build.
|
To build this yourself, you will need Linux with packages for: git, clang, linux-headers-<architecture> libbpf-dev and golang. Check out the [Dockerfile](https://deadbeef.codes/steven/hyp/src/branch/main/Dockerfile) as a reference for how the build environment for official releases is configured. Once the environment is ready, you can clone the repo and build.
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
# Clone repository
|
# Clone repository
|
||||||
|
@ -1,9 +1,34 @@
|
|||||||
# hyp-client
|
# hyp | Hide Your Ports Client
|
||||||
|
|
||||||
The client expects there to be a file named hyp.secret in the same directory. This file is generated by the hypd server using ./hypd generate secret.
|
The hyp client is used on machines to perform an authentic knock sequence.
|
||||||
|
|
||||||
|
### Usage
|
||||||
|
|
||||||
|
You can use -h to get help for hyp and all its commands. When figuring out how to do something, -h is your friend.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# Example Usage
|
# Get general hyp help
|
||||||
# ./hyp knock <server>
|
./hyp -h
|
||||||
./hyp knock 192.168.50.5
|
|
||||||
```
|
# Get help specific to the hyp knock command
|
||||||
|
./hyp knock -h
|
||||||
|
```
|
||||||
|
|
||||||
|
In order to use the hyp client, it must have the secret. Secrets are generated by hypd, the knock daemon. See the hypd README.md file for more information about generating secrets.
|
||||||
|
|
||||||
|
Once you have the secret, you can then perform an authentic knock sequence to a server.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Assumes secret is in file named my-first-secret in same directory
|
||||||
|
./hyp knock 8.69.4.20 --secret my-first-secret
|
||||||
|
|
||||||
|
# If you omit --secret, hyp will look for a file named hyp.secret
|
||||||
|
./hyp knock 8.69.4.20
|
||||||
|
```
|
||||||
|
|
||||||
|
This will perform a single one-shot knock sequence and then hyp will exit. You can also run hyp in a persistent mode where it will perform an authentic knock sequence at a specified interval.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Performs an authentic knock sequence every 45 minutes
|
||||||
|
./hyp knock 8.69.4.20 --refreshtime=45
|
||||||
|
```
|
||||||
|
@ -1,9 +1,19 @@
|
|||||||
# hypd | Hide Your Ports Daemon
|
# hypd | Hide Your Ports Daemon
|
||||||
|
|
||||||
hypd is the pork knocking daemon which listens for incoming authentic knock sequences.
|
hypd is the pork knocking daemon which listens for incoming authentic knock sequences. When it sees an authentic knock sequence, it then performs an action.
|
||||||
|
|
||||||
### Usage
|
### Usage
|
||||||
|
|
||||||
|
You can use -h to get help for hypd and all its commands. When figuring out how to do something, -h is your friend.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Get general hypd help
|
||||||
|
./hypd -h
|
||||||
|
|
||||||
|
# Get help specific to the hypd generate command
|
||||||
|
./hypd generate -h
|
||||||
|
```
|
||||||
|
|
||||||
Running hypd requires generating secrets which are then shared with hyp clients. hypd is used to generate these secrets, and it's recommended you create a directory just for hyp secrets.
|
Running hypd requires generating secrets which are then shared with hyp clients. hypd is used to generate these secrets, and it's recommended you create a directory just for hyp secrets.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
@ -30,4 +40,6 @@ Once you have set your config file, you can finally run hypd.
|
|||||||
```bash
|
```bash
|
||||||
# As root or sudo, specify the configuration file
|
# As root or sudo, specify the configuration file
|
||||||
sudo ./hypd server hypd.conf
|
sudo ./hypd server hypd.conf
|
||||||
```
|
```
|
||||||
|
|
||||||
|
If you encounter any errors while trying to run, address those. If not, then you're now listening for incoming authentic knock sequences. Make sure you distribute the secret to the client.
|
Loading…
Reference in New Issue
Block a user