[help] remote = "telebit remote v{version} Telebit Remote is the T-Rex long-arm of the Internet. UNSTOPPABLE! Using reliable HTTPS tunneling to establishing peer-to-peer connections, Telebit is empowering the next generation of tinkerers. Access your devices. Share your stuff. Be UNSTOPPABLE! (Join us at https://rootprojects.org) Usage: telebit [flags] [arguments] ex: telebit http ~/Public The flags are: --config specify config file (default is ~/.config/telebit/telebit.yml) --json output json instead of text, if available -h,--help display this menu (or sub-command menus) The commands are: status show status and configuration info http access files, folders, and local apps via https (secure) ssh enable remote access to this device with ssh-over-https ssh (client) access devices via ssh-over-https (telebit, stunnel, openssl, etc) tcp forward tcp locally enable turn on remote access and sharing disable turn off remote access and sharing activate start and register the telebit service disable stop and unregister the telebit service config (doc) config file format and settings client (doc) vpn, ftp, rsync, scp, ssh-proxy, sclient Use \"telebit help [command]\" for more information about a command, including flags. Additional help topics: daemon telebit daemon secure background service relay telebit secure relay, hosted, and self-hosting options Copyright 2015-2018 AJ ONeal https://telebit.cloud MPL-2.0 Licensed (RAWR!)" client = "telebit client v{version} ftp secure ftp file transfer between devices rsync rsync over https and proxy commands scp scp over https and proxy commands sclient use the sclient emebbed within telebit ssh-proxy ssh over https and proxy commands vpn (client) home network access and private web browsing via socks5 Use \"telebit help [command]\" for more information about a command, including flags. Copyright 2015-2018 AJ ONeal https://telebit.cloud MPL-2.0 Licensed (RAWR!)" status = "usage: telebit status 'telebit status' shows details about the current connections (or lack thereof). Example: Status: RAWR! (uptime: 45 minutes) Forwarding ssh+https://jon.telebit.io => localhost:22 Forwarding https://client.jon.telebit.io => localhost:3000 Serving https://public.jon.telebit.io from ~/Public Syncing ~/shared => home.jon.telebit.io:shared Relay: https://telebit.cloud Launcher: user Additional help topics: enable, disable" enable = "Enable Telebit - Re-enable and accept incoming connections usage: telebit enable enable Re-enable incoming connections for https, ssh, etc" disable = "Disable Telebit - Reject https, ssh, and tcp connections usage: telebit disable disable (Temporarily) reject incoming connections for https, ssh, etc without deleting the current configuration. Perists on restart, but can be re-enabled remotely (with your authorization only)." activate = "Activate Telebit - Start telebit (if not running) and register a launcher Usage: telebit activate [flags] ex: telebit activate --launcher none The flags may be exactly one of: --no-launcher uregister any launchers (start manually) --user-launcher (default) register an unprivileged launcher (start on login) --system-launcher register with the system launcher (start on boot) Note: telebit relies on the system launcher to recover from certain error conditions" deactivate = "Deactivate Telebit - Unregister userspace (or system) launcher and stop Usage: telebit deactivate [flags] ex: telebit deactivate --keep alive The flags are: --keep-launcher stop telebit without unregistering the launcher --keep-alive unregister launcher without stopping" http = "Telebit HTTP - The UNSTOPPABLE way to share files, folders, and local apps. usage: telebit http [subdomain] http [subdomain] serve a file, folder, or node express app ex: telebit http ~/Public pub ex: securely host ~/Public as pub.johndoe.telebit.io http [subdomain] forward all https traffic to a local app ex: telebit http 3000 app ex: publicize localhost:3000 as app.johndoe.telebit.io http none [subdomain] remove secure http access for (any or all) subdomain(s) ex: telebit http none ex: remove all https access Use cases: - Lazy man's AirDrop (works for lazy women too!) - Testing dev sites on a phone - Sharing indie music and movies with friends" ssh = "Telebit SSH - The UNSTOPPABLE way to remote into your devices. usage: telebit ssh All https traffic will be inspected to see if it looks like ssh Once enabled all traffic that looks ssh auto Make ssh Just Work™ (on port 22) ssh forward ssh traffic to non-standard port ex: telebit ssh 22 ex: explicitly forward ssh-looking packets to localhost:22 ssh none Disables ssh tunneling Telebit SSH Client usage: telebit ssh [ssh flags and options] This is just a shortcut for \"ssh\", with all ssh-over-https options turned on. ssh Make ssh Just Work™ (over https) ex: telebit ssh jon.telebit.io ex: \"telebit help ssh-proxy\" for more info Use cases: - Access your home computer from work. - Access your work computer from home. - Good ol' fashioned screen/tmux style pair programming" ssh-proxy = "Proxying SSH over HTTPS Wrapping SSH in HTTPS makes it accessible anywhere and also makes it routable. Whether inside a harsh network environment or even if hindered by a poorly configured firewall, once wrapped in tls, ssh becomes UNSTOPPABLE. Usage: telebit ssh [ssh flags and options] Example: telebit ssh jon.telebit.io It is NOT at all neccessary to use \"telebit ssh\", it's just a convenience. Wanna know why, and the alternatives? Keep reading! ## History When TLS sends an encrypted packet over the network it begins with a handshake which shows the things like the tls version and the host SERVERNAME unencrypted so that the remote server can respond with the correct certificate. SSH was created well before TLS and has a completely different header. The good news is that, unlike some other early internet protocols, it does have a header with its name and version, but it doesn't have anything to identify the server. ## Telebit + SSH Here's why: When you're running ssh through an https tunnel (as telebit does) you can't just use \"ssh me.example.com\" to get in. You have to tell ssh that you want to use an https tunnel. Using \"telebit ssh\" as a client will specify all of the correct ssh options. However, when you want to connect to ssh over https, you either have to pass the correct arguments or modify your ~/.ssh/config to use \"openssl s_client\". We explain the different configurations below: ## SSH + openssl The configuration that's most likely to work with what's already installed on your machine is this: Host jon.telebit.io ProxyCommand openssl s_client -quiet -connect %h:443 -servername %h Or you would call ssh directly, like this: ssh jon.telebit.io -o ProxyCommand=\"openssl s_client -quiet -connect %h:443 -servername %h\" It's rather simple, but it looks quite daunting. ## SSH + sclient Because that looks a little hairy, we created \"sclient\", so that the example could look a bit more digestible: Host jon.telebit.io ProxyCommand sclient %h Or ssh jon.telebit.io -o ProxyCommand=\"sclient %h\" ## Inverse SSH Tunnel (same as stunnel) The commands above instruct ssh to open a pipe into openssl or sclient. If we instead want to connect ssh to a local tunnel, it looks like this: Host jon.telebit.io Hostname localhost Port 3000 HostKeyAlias jon.telebit.io CheckHostIP no RequestTTY force Or ssh localhost -p 3000 -t -o CheckHostIP=no -o HostKeyAlias=jon.telebit.io ## See also telebit ftp telebit vpn" tcp = "Telebit TCP - Seemless connectivity to LEGACY apps. Use 'telebit http' instead, where possible (including for ssh). usage: telebit tcp tcp [remote] forward tcp to from ex: telebit tcp 5050 6565 ex: forward tcp port 6565 locally to port 5050 tcp [remote] show ftp-style directory listing ex: telebit tcp ~/Public ex: show listing of ~/Public tcp none [remote] disable tcp access for [remote] port ex: telebit tcp none 6565 ex: remove access to port 6565 Use cases: - Debugging plain TCP when troubleshooting a legacy app - You can't install a secure client (like telebit, sclient, openssl, or stunnel) See also sclient for connecting to legacy apps with telebit-upscaled secure https access." scp = "Telebit (Client) scp See \"telebit rsync\"." rsync = "Telebit (Client) rsync - Sync files to or from another computer Sync files and directories from one computer to another. Usage: telebit rsync [flags] [arguments] ex: telebit rsync -av home.jon.telebit.cloud:shared/ ~/shared/ --exclude=tmp This is not a full implementation of rsync, but rather a convenience wrapper around rsync which passes the correct options to ssh for https tunneling. Due to the way telebit wraps rsync, all flags which take an argumnt must go after the source and destination paths / addresses. See also: telebit help ssh-proxy" vpn = "Telebit (Client) vpn - Use with Firefox for UNSTOPPABLE web browsing This provides a very easy-to-use, lightweight VPN known as Socks5 that can be used directly by Firefox and Chrome without requiring administrator privileges. Usage: telebit vpn --socks5 ex: telebit vpn --socks5 6789 home.jon.telebit.io The flags are: --socks5 You MUST specify the socks5 port Firefox Configuration: Firefox -> Preferences Advanced -> Network Connection -> Settings Manual proxy configuration: SOCKS Host: localhost Port: 6789 SOCKS v5 Just like a full vpn client, it routes your IP traffic places through the VPN server (which in this case is another one of your telebit devices), but only for traffic in the configured browser. You can still access school and office resources in the other browser (and other applications) the need to switch a full VPN on and off. As will all other telebit functionality, this use https tunneling and will not be disrupted by unfavorable network conditions. Use cases: - Watch your US Netflix using your home IP while traveling abroad. - Log into your router as if from inside your home network. - Disregard poorly configured web proxies at school or work. See also: telebit help ssh-proxy" ftp = "Telebit (Client) Secure FTP Alias of \"telebit rsync\" The original FTP was superseded by sftp and then rsync a few decades ago, however, sometimes we refer to its successors, generically, as \"FTP\" (just like you might say \"hang up\" the phone). ## History FTP is a legacy of the 1970s. It served its purpose well on local networks, but was extremely dangerous on the Internet due to its lack of security and various vulnerabilities. On some legacy systems it remains an easy target to steal passwords and load viruses onto computers. Although very few systems have ftp installed today (thank goodness), almost every computer comes with rsync already installed and ready to go. Use \"telebit rsync\" instead." daemon = "telebit daemon v{version} Usage: telebit daemon --config ex: telebit daemon --config ~/.config/telebit/telebitd.yml Additional help topics: config config file format and settings remote telebit cli remote control Copyright 2015-2018 https://telebit.cloud MPL-2.0 Licensed" config = "Telebit Config (docs) There are TWO config files: remote ~/.config/telebit/telebit.yml daemon ~/.config/telebit/telebitd.yml ### Remote Config This only specifies the ipc - socket path (dir), address, or pipe name. All other options are handled by the daemon. ipc: /Users/aj/.local/share/telebit/var/run/ ### Daemon Config relay: telebit.cloud the relay to use secret: null HMAC secret for self-hosted relay email: jon@example.com the email to authenticate agree_tos: true agree to Telebit, Greenlock, & Let's Encrypt, ToS community_member: true get rare but relevant community updates telemetry: true contribute to project telemetry servernames: example.com: don't reject https traffic for example.com wildcard: true allow assignment to subdomains handler: ~/Public whether to use a static server by path or app by port home.example.com: wildcard: true handler: 3000 ssh_auto: 22 forward ssh-ish traffic to port 22 See also: telebit help relay" sclient = "sclient Usage: sclient [flags] [local] ex: sclient whatever.com:443 localhost:3000 ex: sclient whatever.com - ex: printf \"GET / HTTP/1.1\\n\\n\" | sclient whatever.com sclient is a standalane tls unwrapper. For convenience it's bundled with telebit as the passthru subcommand \"telebit sclient\" and functions exactly the name. telebit sclient [flags] [local] ex: printf \"GET / HTTP/1.1\\n\\n\" | telebit sclient whatever.com See https://telebit.cloud/sclient/" relay = "Telebit Relay We envision a future with better routers capable of providing reliable Internet connectivity, and trusted peers bridging the gaps between unfavorable network conditions. We plan to always run telebit.cloud as a relay-as-a-service for convenience, but it is our hope that, if your network conditions permit, you will also run your own telebit relay for your friends, family, and yourself. See https://git.coolaj86.com/coolaj86/telebit-relay.js" in-n-out = "Telebit Secret Menu The secret flags are: --profile Use config files, sockets, and pipes with this name. For debugging and development. (default: telbit, telebitd) --set-profile Switch from the default profile --address Use explicit socket path (or address) or pipe name Overrides \"--profile\"" [remote] version = "telebit remote v{version}" code = " ============================================== Hey, Listen! ============================================== GO CHECK YOUR EMAIL! DEVICE PAIR CODE: 0000 ============================================== " waiting = "waiting for you to check your email..." success = "Success" next_steps = "Some fun things to try first: ~/telebit http ~/Public ~/telebit tcp 5050 ~/telebit ssh auto Press any key to continue... " [remote.setup] email = "Welcome! By using Telebit you agree to: [x] Accept the Telebit™ terms of service [x] Accept the Let's Encrypt™ terms of service Enter your email to agree and login/create your account: " [daemon] version = "telebit daemon v{version}"