Skip to main content

Shell over Reticulum

Project description

r n s h  Shell over Reticulum

CI  Release  PyPI version

rnsh is a utility written in Python that facilitates shell sessions over Reticulum networks. It is based on the rnx utility that ships with Reticulum and aims to provide a similar experience to SSH.

rnsh is still a little raw; there are some things that are implemented badly, and many other things that haven't been built at all (yet). Signals (i.e. Ctrl-C) need some work, so have another terminal handy to send a SIGTERM if things glitch out.

Anyway, there's a lot of room for improvement.

Quickstart

Tested (thus far) on Python 3.11 macOS 13.1 ARM64. Should run on Python 3.6+ on Linux or Unix. WSL probably works. Cygwin might work, too.

  • Activate a virtualenv
  • pip3 install rnsh
    • Or from a whl release, pip3 install /path/to/rnsh-0.0.1-py3-none-any.whl
  • Configure Reticulum interfaces, check with rnstatus
  • Ready to run rnsh. The options are shown below.

Example: Shell server

Setup

Before running the listener or initiator, you'll need to get the listener destination hash and the initiator identity hash.

# On listener
rnsh -l -p

# On initiator
rnsh -p

Note: if you are using a non-default identity or service name, be sure to supply these options with -p as the identity and destination hashes will change depending on these settings.

Listener

  • Listening for default service name ("default").
  • Using user's default Reticulum config dir (~/.reticulum).
  • Using default identity ($RNSCONFIGDIR/storage/identities/rnsh).
  • Allowing remote identity 6d47805065fa470852cf1b1ef417a1ac to connect.
  • Launching /bin/zsh on authorized connect.
rnsh -l -a 6d47805065fa470852cf1b1ef417a1ac -- /bin/zsh

Initiator

  • Connecting to default service name ("default").
  • Using user's default Reticulum config dir (~/.reticulum).
  • Using default identity ($RNSCONFIGDIR/storage/identities/rnsh).
  • Connecting to destination a5f72aefc2cb3cdba648f73f77c4e887
rnsh a5f72aefc2cb3cdba648f73f77c4e887

Options

Usage:
    rnsh [--config <configdir>] [-i <identityfile>] [-s <service_name>] [-l] -p
    rnsh -l [--config <configfile>] [-i <identityfile>] [-s <service_name>] 
         [-v... | -q...] [-b <period>] (-n | -a <identity_hash> [-a <identity_hash>] ...) 
         [--] <program> [<arg> ...]
    rnsh [--config <configfile>] [-i <identityfile>] [-s <service_name>] 
         [-v... | -q...] [-N] [-m] [-w <timeout>] <destination_hash>
    rnsh -h
    rnsh --version

Options:
    --config DIR             Alternate Reticulum config directory to use
    -i FILE --identity FILE  Specific identity file to use
    -s NAME --service NAME   Listen on/connect to specific service name if not default
    -p --print-identity      Print identity information and exit
    -l --listen              Listen (server) mode
    -b --announce PERIOD     Announce on startup and every PERIOD seconds
                             Specify 0 for PERIOD to announce on startup only.
    -a HASH --allowed HASH   Specify identities allowed to connect
    -n --no-auth             Disable authentication
    -N --no-id               Disable identify on connect
    -m --mirror              Client returns with code of remote process
    -w TIME --timeout TIME   Specify client connect and request timeout in seconds
    -q --quiet               Increase quietness (move level up), multiple increases effect
                                     DEFAULT LOGGING LEVEL
                                              CRITICAL (silent)
                                Initiator ->  ERROR
                                              WARNING
                                 Listener ->  INFO
                                              DEBUG    (insane)
    -v --verbose             Increase verbosity (move level down), multiple increases effect
    --version                Show version
    -h --help                Show this help

How it works

Listeners

Listener instances are the servers. Each listener is configured with an RNS identity, and a service name. Together, RNS makes these into a destination hash that can be used to connect to your listener.

Multiple listeners can use the same identity. As long as they are given different service names. They will have different destination hashes and not conflict.

Listeners must be configured with a command line to run (at least at this time). The identity hash string is set in the environment variable RNS_REMOTE_IDENTITY for use in child programs.

Listeners are set up using the -l flag.

Initiators

Initiators are the clients. Each initiator has an identity hash which is used as an authentication mechanism on Reticulum. You'll need this value to configure the listener to allow your connection. It is possible to run the server without authentication, but hopefully it's obvious that this is an advanced use case.

To get the identity hash, use the -p flag.

With the initiator identity set up in the listener command line, and with the listener identity copied (you'll need to do -p on the listener side, too), you can run the initiator.

I recommend staying pretty vanilla to start with and trying /bin/zsh or whatever your favorite shell is these days. The shell should start in login mode. Ideally it works just like an ssh shell session.

Protocol

The protocol is build on top of the Reticulum Request and Packet APIs.

  • After the initiator identifies on the connection, it enters a request loop.
  • When idle, the initiator will periodically poll the listener.
  • When the initiator has data available (i.e the user typed some characters), the initiator will send that data to the listener in a request, and the listener will respond with any data available from the listener.
  • When the listener has new data available, it notifies the initiator using a notification packet. The initiator then makes a request to the listener to fetch the data.

Roadmap

  1. Plan a better roadmap
  2. ?
  3. Keep my day job

TODO

  • Initial version
  • Pip package with command-line utility support
  • Publish to PyPI
  • Improve signal handling
  • Protocol improvements (throughput!)
  • Test on several *nixes
  • Make it scriptable (currently requires a tty)
  • Documentation improvements

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

rnsh-0.0.4.tar.gz (24.9 kB view details)

Uploaded Source

Built Distribution

rnsh-0.0.4-py3-none-any.whl (28.1 kB view details)

Uploaded Python 3

File details

Details for the file rnsh-0.0.4.tar.gz.

File metadata

  • Download URL: rnsh-0.0.4.tar.gz
  • Upload date:
  • Size: 24.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.3.2 CPython/3.9.16 Linux/5.15.0-58-generic

File hashes

Hashes for rnsh-0.0.4.tar.gz
Algorithm Hash digest
SHA256 8056acf3ba34996e89a58d7d8fde6e49b3821942a71ca4cef494f8ca14ac7ef7
MD5 32ae030932e8844bdb0ba54ff4330ec7
BLAKE2b-256 e16e17cb078e14133623fc3a226effefa78093a9ec3cd9df5515b906a4650b0e

See more details on using hashes here.

File details

Details for the file rnsh-0.0.4-py3-none-any.whl.

File metadata

  • Download URL: rnsh-0.0.4-py3-none-any.whl
  • Upload date:
  • Size: 28.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.3.2 CPython/3.9.16 Linux/5.15.0-58-generic

File hashes

Hashes for rnsh-0.0.4-py3-none-any.whl
Algorithm Hash digest
SHA256 8d3aea6a0c9d09942ae83672e608fe756131fe97aa5ef928943a8754aa620943
MD5 b8b5b6341de9feed4ade618c821b9945
BLAKE2b-256 3c5b76bc4cbd49521b90d5712274ea96799d3abd6838506d28b63a364b2e207d

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page