2018-09-23 05:35:13 +00:00
|
|
|
[help]
|
2018-09-12 09:33:38 +00:00
|
|
|
|
2018-09-23 05:35:13 +00:00
|
|
|
remote = "telebit remote v{version}
|
2018-09-12 09:33:38 +00:00
|
|
|
|
2018-09-23 02:56:08 +00:00
|
|
|
Telebit Remote is the T-Rex long-arm of the Internet. UNSTOPPABLE!
|
2018-09-22 21:09:00 +00:00
|
|
|
|
2018-09-22 21:09:05 +00:00
|
|
|
Using reliable HTTPS tunneling to establishing peer-to-peer connections,
|
|
|
|
Telebit is empowering the next generation of tinkerers. Access your devices.
|
|
|
|
Share your stuff. Be UNSTOPPABLE! (Join us at https://ppl.family)
|
2018-09-12 09:33:38 +00:00
|
|
|
|
|
|
|
Usage:
|
|
|
|
|
|
|
|
telebit [flags] <command> [arguments]
|
2018-09-22 21:09:00 +00:00
|
|
|
ex: telebit http ~/Public
|
2018-09-12 09:33:38 +00:00
|
|
|
|
|
|
|
The flags are:
|
|
|
|
|
|
|
|
--config <path> specify config file (default is ~/.config/telebit/telebit.yml)
|
2018-09-23 05:35:13 +00:00
|
|
|
--json output json instead of text, if available
|
|
|
|
-h,--help display this menu (or sub-command menus)
|
2018-09-12 09:33:38 +00:00
|
|
|
|
|
|
|
The commands are:
|
|
|
|
|
|
|
|
status show status and configuration info
|
|
|
|
|
|
|
|
http access files, folders, and local apps via https (secure)
|
2018-09-23 02:56:08 +00:00
|
|
|
ssh enable remote access to this device with ssh-over-https
|
|
|
|
ssh (client) access devices via ssh-over-https (telebit, stunnel, openssl, etc)
|
2018-09-12 09:33:38 +00:00
|
|
|
tcp forward tcp locally
|
|
|
|
|
2018-09-23 02:56:08 +00:00
|
|
|
enable turn on remote access and sharing
|
|
|
|
disable turn off remote access and sharing
|
|
|
|
|
2018-09-23 05:35:13 +00:00
|
|
|
activate start and register the telebit service
|
|
|
|
disable stop and unregister the telebit service
|
|
|
|
|
|
|
|
Use \"telebit help [command]\" for more information about a command, including flags.
|
2018-09-12 09:33:38 +00:00
|
|
|
|
|
|
|
Additional help topics:
|
|
|
|
|
|
|
|
config config file format and settings
|
2018-09-23 02:56:08 +00:00
|
|
|
ssh-proxy ssh over https and proxy commands
|
2018-09-12 09:33:38 +00:00
|
|
|
ftp secure ftp file transfer between devices
|
|
|
|
rsync rsync over https and proxy commands
|
|
|
|
vpn home network access and private web browsing via socks5
|
2018-09-23 02:56:08 +00:00
|
|
|
sclient use the sclient emebbed within telebit
|
2018-09-12 09:33:38 +00:00
|
|
|
daemon telebit daemon secure background service
|
|
|
|
relay telebit secure relay, hosted, and self-hosting options
|
|
|
|
|
2018-09-23 02:56:08 +00:00
|
|
|
Copyright 2015-2018 AJ ONeal https://telebit.cloud MPL-2.0 Licensed (RAWR!)"
|
|
|
|
|
|
|
|
status = "usage: telebit status <path/port/none> [subdomain]
|
|
|
|
|
|
|
|
'telebit status' shows details about the current connections (or lack thereof).
|
|
|
|
|
|
|
|
Example:
|
2018-09-12 09:33:38 +00:00
|
|
|
|
2018-09-23 02:56:08 +00:00
|
|
|
Status: RAWR! (uptime: 45 minutes)
|
2018-09-12 09:33:38 +00:00
|
|
|
|
2018-09-23 02:56:08 +00:00
|
|
|
Forwarding ssh+https://jon.telebit.io => localhost:22
|
|
|
|
Forwarding https://client.jon.telebit.io => localhost:3000
|
|
|
|
Serving https://public.jon.telebit.io from ~/Public
|
|
|
|
Syncing ~/shared => home.jon.telebit.io:shared
|
|
|
|
|
|
|
|
Relay: https://telebit.cloud
|
2018-09-23 05:35:13 +00:00
|
|
|
Launcher: user
|
2018-09-23 02:56:08 +00:00
|
|
|
|
|
|
|
Additional help topics: enable, disable
|
|
|
|
"
|
|
|
|
|
2018-09-23 05:35:13 +00:00
|
|
|
enable = "Enable Telebit - Re-enable and accept incoming connections
|
|
|
|
|
|
|
|
usage: telebit enable
|
|
|
|
|
|
|
|
enable Re-enable incoming connections for https, ssh, etc
|
|
|
|
"
|
|
|
|
|
|
|
|
disable = "Disable Telebit - Reject https, ssh, and tcp connections
|
|
|
|
|
|
|
|
usage: telebit disable
|
|
|
|
|
|
|
|
disable (Temporarily) reject incoming connections for https,
|
|
|
|
ssh, etc without deleting the current configuration.
|
|
|
|
|
|
|
|
Perists on restart, but can be re-enabled remotely
|
|
|
|
(with your authorization only).
|
|
|
|
"
|
|
|
|
|
|
|
|
activate = "Activate Telebit - Start telebit (if not running) and register a launcher
|
|
|
|
|
|
|
|
Usage:
|
|
|
|
|
|
|
|
telebit activate [flags]
|
|
|
|
ex: telebit activate --launcher none
|
|
|
|
|
|
|
|
The flags may be exactly one of:
|
|
|
|
|
|
|
|
--no-launcher uregister any launchers (start manually)
|
|
|
|
--user-launcher (default) register an unprivileged launcher (start on login)
|
|
|
|
--system-launcher register with the system launcher (start on boot)
|
|
|
|
|
|
|
|
Note: telebit relies on the system launcher to recover from certain error conditions
|
|
|
|
"
|
|
|
|
|
|
|
|
deactivate = "Deactivate Telebit - Unregister userspace (or system) launcher and stop
|
|
|
|
|
|
|
|
Usage:
|
|
|
|
|
|
|
|
telebit deactivate [flags]
|
|
|
|
ex: telebit deactivate --keep alive
|
|
|
|
|
|
|
|
The flags are:
|
|
|
|
|
|
|
|
--keep-launcher stop telebit without unregistering the launcher
|
|
|
|
--keep-alive unregister launcher without stopping
|
|
|
|
"
|
|
|
|
|
2018-09-23 02:56:08 +00:00
|
|
|
http = "Telebit HTTP - The UNSTOPPABLE way to share files, folders, and local apps.
|
|
|
|
|
|
|
|
usage: telebit http <path/port/none> [subdomain]
|
2018-09-12 09:33:38 +00:00
|
|
|
|
|
|
|
http <DIR> [subdomain] serve a file, folder, or node express app
|
2018-09-22 21:09:00 +00:00
|
|
|
ex: telebit http ~/Public pub ex: securely host ~/Public as pub.johndoe.telebit.io
|
2018-09-12 09:33:38 +00:00
|
|
|
|
|
|
|
http <PORT> [subdomain] forward all https traffic to a local app
|
2018-09-22 21:09:00 +00:00
|
|
|
ex: telebit http 3000 app ex: publicize localhost:3000 as app.johndoe.telebit.io
|
2018-09-12 09:33:38 +00:00
|
|
|
|
|
|
|
http none [subdomain] remove secure http access for (any or all) subdomain(s)
|
2018-09-22 21:09:00 +00:00
|
|
|
ex: telebit http none ex: remove all https access
|
2018-09-23 02:56:08 +00:00
|
|
|
|
|
|
|
Use cases:
|
|
|
|
|
|
|
|
Lazy man's AirDrop (works or lazy women too!)
|
|
|
|
Testing dev sites on a phone
|
|
|
|
Sharing indie music and movies with friends
|
2018-09-12 09:33:38 +00:00
|
|
|
"
|
|
|
|
|
2018-09-23 02:56:08 +00:00
|
|
|
ssh = "Telebit SSH - The UNSTOPPABLE way to remote into your devices.
|
|
|
|
|
|
|
|
usage: telebit ssh <auto|port>
|
|
|
|
|
|
|
|
All https traffic will be inspected to see if it looks like ssh Once enabled all traffic that looks
|
|
|
|
|
|
|
|
ssh auto Make ssh Just Works™ (on port 22)
|
|
|
|
|
|
|
|
ssh <port> forward ssh traffic to non-standard port
|
|
|
|
ex: telebit ssh 22 ex: explicitly forward ssh-looking packets to localhost:22
|
|
|
|
|
|
|
|
|
|
|
|
Telebit SSH Client
|
|
|
|
|
2018-09-23 05:35:13 +00:00
|
|
|
usage: telebit ssh <remote> [ssh flags and options]
|
2018-09-23 02:56:08 +00:00
|
|
|
|
|
|
|
This is just a shortcut for \"ssh\", with all ssh-over-https options turned on.
|
|
|
|
|
|
|
|
ssh <remote> Make ssh Just Work™ (over https)
|
|
|
|
ex: telebit ssh jon.telebit.io ex:
|
|
|
|
|
|
|
|
\"telebit help ssh-proxy\" for more info
|
|
|
|
|
|
|
|
Use cases:
|
|
|
|
|
|
|
|
Access your home computer from work.
|
|
|
|
Access your work computer from home.
|
|
|
|
Good ol' fashioned screen/tmux style pair programming
|
|
|
|
Watching your US Netflix account while traveling in the EU (telebit help vpn)
|
|
|
|
"
|
|
|
|
|
|
|
|
ssh-proxy = "Proxying SSH over HTTPS
|
|
|
|
|
|
|
|
Wrapping SSH in HTTPS makes it accessible anywhere and also makes it routable.
|
|
|
|
Whether inside a harsh network environment or even if hindered by a poorly
|
|
|
|
configured firewall, once wrapped in tls, ssh becomes UNSTOPPABLE.
|
|
|
|
|
|
|
|
Usage:
|
2018-09-23 05:35:13 +00:00
|
|
|
telebit ssh <remote> [ssh flags and options]
|
2018-09-12 09:33:38 +00:00
|
|
|
|
2018-09-23 02:56:08 +00:00
|
|
|
Example:
|
|
|
|
|
|
|
|
telebit ssh jon.telebit.io
|
|
|
|
|
|
|
|
It is NOT at all neccessary to use \"telebit ssh\", it's just a convenience.
|
|
|
|
Wanna know why, and the alternatives? Keep reading!
|
|
|
|
|
|
|
|
## History
|
|
|
|
|
|
|
|
When TLS sends an encrypted packet over the network it begins with a handshake
|
|
|
|
which shows the things like the tls version and the host SERVERNAME unencrypted
|
|
|
|
so that the remote server can respond with the correct certificate.
|
|
|
|
|
|
|
|
SSH was created well before TLS and has a completely different header. The good
|
|
|
|
news is that, unlike some other early internet protocols, it does have a header
|
|
|
|
with its name and version, but it doesn't have anything to identify the server.
|
|
|
|
|
|
|
|
## Telebit + SSH
|
|
|
|
|
|
|
|
Here's why:
|
|
|
|
|
|
|
|
When you're running ssh through an https tunnel (as telebit does) you
|
|
|
|
can't just use \"ssh me.example.com\" to get in. You have to tell ssh that you
|
|
|
|
want to use an https tunnel. Using \"telebit ssh\" as a client will specify
|
|
|
|
all of the correct ssh options.
|
|
|
|
|
|
|
|
However, when you want to connect to ssh over https, you either have to pass
|
|
|
|
the correct arguments or modify your ~/.ssh/config to use \"openssl s_client\".
|
|
|
|
|
|
|
|
We explain the different configurations below:
|
|
|
|
|
|
|
|
## SSH + openssl
|
|
|
|
|
|
|
|
The configuration that's most likely to work with what's already installed on
|
|
|
|
your machine is this:
|
|
|
|
|
|
|
|
Host jon.telebit.io
|
|
|
|
ProxyCommand openssl s_client -quiet -connect %h:443 -servername %h
|
|
|
|
|
|
|
|
Or you would call ssh directly, like this:
|
|
|
|
|
|
|
|
ssh jon.telebit.io -o ProxyCommand=\"openssl s_client -quiet -connect %h:443 -servername %h\"
|
|
|
|
|
|
|
|
It's rather simple, but it looks quite daunting.
|
|
|
|
|
|
|
|
## SSH + sclient
|
|
|
|
|
|
|
|
Because that looks a little hairy, we created \"sclient\", so that the example
|
|
|
|
could look a bit more digestible:
|
|
|
|
|
|
|
|
Host jon.telebit.io
|
|
|
|
ProxyCommand sclient %h
|
|
|
|
|
|
|
|
Or
|
|
|
|
|
|
|
|
ssh jon.telebit.io -o ProxyCommand=\"sclient %h\"
|
|
|
|
|
|
|
|
## Inverse SSH Tunnel (same as stunnel)
|
|
|
|
|
|
|
|
The commands above instruct ssh to open a pipe into openssl or sclient. If we
|
|
|
|
instead want to connect ssh to a local tunnel, it looks like this:
|
|
|
|
|
|
|
|
Host jon.telebit.io
|
|
|
|
Hostname localhost
|
|
|
|
Port 3000
|
|
|
|
HostKeyAlias jon.telebit.io
|
|
|
|
CheckHostIP no
|
|
|
|
RequestTTY force
|
|
|
|
|
|
|
|
Or
|
|
|
|
|
|
|
|
ssh localhost -p 3000 -t -o CheckHostIP=no -o HostKeyAlias=jon.telebit.io
|
|
|
|
|
|
|
|
## See also
|
|
|
|
|
|
|
|
telebit ftp
|
|
|
|
telebit vpn
|
|
|
|
"
|
|
|
|
|
|
|
|
tcp = "Telebit TCP - Seemless connectivity to LEGACY apps.
|
|
|
|
Use 'telebit http' instead, where possible (including for ssh).
|
|
|
|
|
|
|
|
usage: telebit tcp <path/port/none>
|
2018-09-12 09:33:38 +00:00
|
|
|
|
|
|
|
tcp <local> [remote] forward tcp to <local> from <remote>
|
2018-09-22 21:09:00 +00:00
|
|
|
ex: telebit tcp 5050 6565 ex: forward tcp port 6565 locally to port 5050
|
2018-09-12 09:33:38 +00:00
|
|
|
|
|
|
|
tcp <path> [remote] show ftp-style directory listing
|
2018-09-22 21:09:00 +00:00
|
|
|
ex: telebit tcp ~/Public ex: show listing of ~/Public
|
2018-09-12 09:33:38 +00:00
|
|
|
|
|
|
|
tcp none [remote] disable tcp access for [remote] port
|
2018-09-22 21:09:00 +00:00
|
|
|
ex: telebit tcp none 6565 ex: remove access to port 6565
|
2018-09-12 09:33:38 +00:00
|
|
|
|
2018-09-23 02:56:08 +00:00
|
|
|
Use cases:
|
|
|
|
|
|
|
|
Debugging plain TCP when troubleshooting a legacy app
|
|
|
|
You can't install a secure client (like telebit, sclient, openssl, or stunnel)
|
|
|
|
|
2018-09-12 09:33:38 +00:00
|
|
|
See also sclient <https://telebit.cloud/sclient> for connecting to legacy apps
|
|
|
|
with telebit-upscaled secure https access.
|
|
|
|
"
|
|
|
|
|
2018-09-23 05:35:13 +00:00
|
|
|
daemon = "telebit daemon v{version}
|
2018-09-12 09:33:38 +00:00
|
|
|
|
|
|
|
Usage:
|
|
|
|
|
|
|
|
telebit daemon --config <path>
|
|
|
|
ex: telebit daemon --config ~/.config/telebit/telebitd.yml
|
|
|
|
|
|
|
|
Additional help topics:
|
|
|
|
|
|
|
|
config config file format and settings
|
|
|
|
remote telebit cli remote control
|
|
|
|
|
2018-09-23 05:35:13 +00:00
|
|
|
Copyright 2015-2018 https://telebit.cloud MPL-2.0 Licensed
|
|
|
|
"
|
|
|
|
|
|
|
|
[remote]
|
|
|
|
version = "telebit remote v{version}"
|
|
|
|
|
|
|
|
[daemon]
|
|
|
|
version = "telebit daemon v{version}"
|