s83/privacy-guides
1
0
Fork 0
mirror of https://github.com/sunknudsen/privacy-guides.git synced 2025-02-22 16:53:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
privacy-guides/how-to-self-host-hardened-bitcoin-node/tor-client-auth.sh
Sun Knudsen c262ccd0e1
Saved .auth_private file securely
2022-03-22 08:20:13 -04:00

58 lines
1.3 KiB
Bash
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#! /bin/sh
# Depends on OpenSSL 1.1+ and basez (apt install -y basez openssl)
set -e
umask u=rw,go=
bold=$(tput bold)
normal=$(tput sgr0)
basedir=$(pwd)
if [ ! -d "$basedir/authorized_clients" ] || [ ! -f "$basedir/hostname" ]; then
printf '%s\n' 'Run script inside hidden service directory'
exit 1
fi
printf '%s\n' 'Enter key pair name and press enter'
read -r name
private_key="$(openssl genpkey -algorithm x25519)"
public=$(echo -n "$private_key" | \
openssl pkey -pubout | \
grep -v ' PUBLIC KEY' | \
base64pem -d | \
tail --bytes=32 | \
base32 | \
sed 's/=//g')
auth="descriptor:x25519:$(echo -n $public)"
echo $auth | sudo -u debian-tor tee "$basedir/authorized_clients/$name.auth"
private=$(echo -n "$private_key" | \
grep -v ' PRIVATE KEY' | \
base64pem -d | \
tail --bytes=32 | \
base32 | \
sed 's/=//g')
auth_private="$(cat $basedir/hostname | awk -F '.' '{print $1}'):descriptor:x25519:$private"
echo $auth_private | sudo -u debian-tor tee "$basedir/$name.auth_private"
client_command="$(echo "cat << EOF > ./$name.auth_private\n$auth_private\nEOF\nchmod 600 $name.auth_private")"
printf "%s\n" "Run following on client (within “auth” folder)"
echo "$bold$client_command$normal"
printf "%s $bold%s$normal %s\n" 'Dont forget to run' 'systemctl restart tor' 'on server'
printf '%s\n' 'Done'
Reference in New Issue View Git Blame Copy Permalink