[tor-onions] Onion Enterprise Toolkit - ALPHA

Alec Muffett alec.muffett at gmail.com
Thu Feb 2 22:39:17 UTC 2017


Hi All,

Yesterday I pushed this out to the world:

  https://github.com/alecmuffett/eotk - The Enterprise Onion Toolkit

- currently EOTK works on OSX and could probably be coerced to run on
various Linux but I have not documented nor tested that yet.

The aim is that a site administrator can edit a very simple config file:

# default project
hardmap secrets.d/s2kpvtwjbawr3mx3.key aclu.org
hardmap secrets.d/77bytc6x3bqdf7s6.key liberty-human-rights.org.uk

# topical project
set project digital-rights
hardmap secrets.d/oh7b6dpvd3kgchfb.key openrightsgroup.org
hardmap secrets.d/zbboaoeo6ruhqnu2.key eff.org
hardmap secrets.d/m4x6zoaflrjez7dh.key accessnow.org
hardmap secrets.d/wn74m5ts4r5xe4r4.key digitalrights.ie


...and run a couple of simple commands, and immediate get onion sites which
do bidirectional rewriting of requests and responses between the given
onion address and the given DNS domain.

SSL support is afforded by automatically-generated self-signed certificates
- an ugly hack, but it means that site owners can prototype an onion
offering, and (eventually) put it into production with an equivalent EV
cert.

I am working on amendments to make EOTK very onionbalance-friendly; the
eventual goal is to provide a filetree of NGINX + Tor configurations which
can be rsync'd to a cloud of machines, and the onion-addresses thereby
created get scraped for Onionbalance to publish.

This will offer linear scalability for Enterprise Tor Onions.  More users?
Add more machines! And less "heavy" deployments can just use a single
config without Onionbalance.

There's a lot of work still to be done, but I thought I would mention it
here in case folk would like to experiment and provide feedback so far.

    -a

-- 
http://dropsafe.crypticide.com/aboutalecm
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-onions/attachments/20170202/45982be8/attachment.html>


More information about the tor-onions mailing list