steven/hyp
1
1
Fork 0
Code Issues 6 Pull Requests Packages Projects 1 Releases 1 Wiki Activity

Close Ports When Done #6

New Issue
Closed
opened 2024-04-10 03:49:55 +00:00 by steven · 3 comments
steven commented 2024-04-10 03:49:55 +00:00
Owner
Copy Link

There is no mechanism to close the port, only to open the port when the authentic knock sequence is received.

I'm thinking one approach is to make the hyp client as a continuously running process/daemon instead of a oneshot and exit. If left running, this would then enable your ports to open up and follow you whereever you connect from.

The hypd-server would require tracking clients that have successfully knocked, as well as the last time they succeeded. There also needs to be a timeout value, with a reasonable default (1 hour?)

The client would need to perform periodic refreshes in the background, maybe just under 1/3 of the server timeout value?

There is no mechanism to close the port, only to open the port when the authentic knock sequence is received. I'm thinking one approach is to make the hyp client as a continuously running process/daemon instead of a oneshot and exit. If left running, this would then enable your ports to open up and follow you whereever you connect from. The hypd-server would require tracking clients that have successfully knocked, as well as the last time they succeeded. There also needs to be a timeout value, with a reasonable default (1 hour?) The client would need to perform periodic refreshes in the background, maybe just under 1/3 of the server timeout value?
steven added the
enhancement
hypd / Server
hyp / Client
 labels 2024-04-10 03:49:55 +00:00
steven self-assigned this 2024-04-10 03:49:55 +00:00
steven commented 2024-04-10 03:52:47 +00:00
Author
Owner
Copy Link

I also need to work out how much information about the key is leaked during each knock sequence transmission to ensure this frequency is sane. Only 64 bits of the sha1hmac are used for the authentic knock sequence, which shouldn't be reavealing much about the key?

I also need to work out how much information about the key is leaked during each knock sequence transmission to ensure this frequency is sane. Only 64 bits of the sha1hmac are used for the authentic knock sequence, which shouldn't be reavealing much about the key?
steven removed the
hyp / Client
 label 2024-04-18 17:28:35 +00:00
steven commented 2024-04-18 17:52:03 +00:00
Author
Owner
Copy Link

Going to move client refresh into its own issue: https://deadbeef.codes/steven/hyp/issues/11

Going to move client refresh into its own issue: https://deadbeef.codes/steven/hyp/issues/11
steven commented 2024-04-20 22:12:09 +00:00
Author
Owner
Copy Link

Added in: d1239867ae

Added in: d1239867ae7da185a3380f3b81d050c17f547b72
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
Something is not working
duplicate
This issue or pull request already exists
enhancement
New feature
help wanted
Need some help
hyp / Client
hypd / Server
invalid
Something is wrong
question
More information is needed
wontfix
This won't be fixed
No Label
enhancement
hypd / Server
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees steven
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: steven/hyp#6
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?