Table of Contents
http://www.tarsnap.com/spiped.html
spiped
is a brilliant utility for symmetrically encrypting a link between two sockets.
1 How to create a RH/systemd service for for spiped
Generate a shared secret like so:
dd if=/dev/urandom of=/etc/spiped/service.key bs=32 count=1
+---------------- source ---------------------+ +------------------ destination ---------------+ | | | | | +-----------+ | | +-----------+ | | [ unencrypted traffic ] --> | spiped -e | --+--> [ encrypted traffic ] --+--> | spiped -d | --> [ unencrypted traffic ] | | +-----------+ | | +-----------+ | | | | | +---------------------------------------------+ +----------------------------------------------+
SOURCE=[0.0.0.0]:18082 TARGET=[127.0.0.1]:8082 MODE=d
[Unit] Description = Spiped secure spipe daemon Wants = network-online.target [Service] Type = forking EnvironmentFile = /etc/default/spiped.%i PIDFile = /run/spiped/spiped.%i.pid ExecStartPre = /usr/bin/ls /etc/default/spiped.%i /etc/spiped/%i.key ExecStart = /usr/local/bin/spiped -${MODE} -s "${SOURCE}" -t "${TARGET}" -k /etc/spiped/%i.key -p /run/spiped/spiped.%i.pid RuntimeDirectory = spiped RuntimeDirectoryMode = 0770 User = nobody Group = nobody Restart = always [Install] WantedBy = default.target
WIP