Alec Muffett alec.muffett@gmail.com writes:
Hi All,
Yesterday I pushed this out to the world:
https://github.com/alecmuffett/eotk - The Enterprise Onion Toolkit
- currently EOTK works on OSX and could probably be coerced to run on
various Linux but I have not documented nor tested that yet.
Cool stuff Alec :) I have no OSX boxes around here so I can't get past 000-setup-osx.sh unfortunately.
BTW, is this tool designed to be useful mainly for "enterprise" installations, or is it also useful to casual cases like "I just want a quick HTTP HS, no DNS names or SSL or anything".
Cheers!
The aim is that a site administrator can edit a very simple config file:
# default project hardmap secrets.d/s2kpvtwjbawr3mx3.key aclu.org hardmap secrets.d/77bytc6x3bqdf7s6.key liberty-human-rights.org.uk
# topical project set project digital-rights hardmap secrets.d/oh7b6dpvd3kgchfb.key openrightsgroup.org hardmap secrets.d/zbboaoeo6ruhqnu2.key eff.org hardmap secrets.d/m4x6zoaflrjez7dh.key accessnow.org hardmap secrets.d/wn74m5ts4r5xe4r4.key digitalrights.ie
...and run a couple of simple commands, and immediate get onion sites which do bidirectional rewriting of requests and responses between the given onion address and the given DNS domain.
SSL support is afforded by automatically-generated self-signed certificates
- an ugly hack, but it means that site owners can prototype an onion
offering, and (eventually) put it into production with an equivalent EV cert.
I am working on amendments to make EOTK very onionbalance-friendly; the eventual goal is to provide a filetree of NGINX + Tor configurations which can be rsync'd to a cloud of machines, and the onion-addresses thereby created get scraped for Onionbalance to publish.
This will offer linear scalability for Enterprise Tor Onions. More users? Add more machines! And less "heavy" deployments can just use a single config without Onionbalance.
There's a lot of work still to be done, but I thought I would mention it here in case folk would like to experiment and provide feedback so far.
-a-- http://dropsafe.crypticide.com/aboutalecm _______________________________________________ tor-onions mailing list tor-onions@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions