NAME

remotefs - Remote File System access tool for Windows and Unix

USAGE

remotefs [OPTIONS] <listen-address> <accept-ip-range>
remotefs -h
REMOTEFS.EXE [OPTIONS] <listen-address> <accept-ip-range>

DISCLAIMER

The information in this file is provided without warranty for its accuracy or completeness. Use of this file or its information is entirely at your own risk.

DESCRIPTION

This is a standalone executable to run on a remote machine that gives cooledit remote file-system access. The allowed operations are reading and writing of files, directory listing, reading of file permissions and ownership.

This means you can use cooledit to edit files on a remote machine, even a Windows machine. The advantage of this tool is low latency saving and loading files and the advantage that this can be done securely of the Internet.

You will notice in the bottom left of the cooledit file-browser is a new input to enter the IP of the remote machine or localhost for the local machine.

The executable REMOTEFS.EXE is provided in the distribution for running on Windows. You will need to open a command prompt.

OPTIONS

-h: Print help and exit.
--no-crypto: Disable crypto. All data is send in plain-text with no security or authentication. This effectively reverts remotefs to the version before encryption was supported. Mainly useful for debugging. Use the Disable crypto button if security is not required.
--force-crypto: Require encryption, or reject transaction. Normally host are allowed to hit the button Disable crypto when prompted for a password. This option disallows this.
-k <file>, --key-file <file>: Read AES key from <file>. Default: AESKEYFILE
If not specified, AESKEYFILE will be created and populated with a strong random key. If AESKEYFILE exists it will be read.
<listen-address>: The interface to bind to. Try running ifconfig on Unix or IPCONFIG.EXE on Windows to list available IP addresses.
<accept-ip-range>: The address ranges allowed to connect. Remote clients not in the range are dropped. Users ought to be cautious who is allowed to connect since remotefs gives full access to all files on the machine. Both IPv4 and IPv6 addresses are supported. Ranges of the form IP-IP and IP/MASK are supported. An example is 10.1.0.1-10.1.0.99,fe80::9df2:ea47:67b9:644f,fe80::c6f0:196e:0000:123a/64,192.168.1.16/30.

ENCRYPTION

The encryption algorithm is as follows.

Definitions


    P => plaintext


    M => ciphertext


    K1, k2 => key


    V => IV


    I => nonce


    V, S, s, A1, A2, I, Q are 128 bits


    P, C, D are n * 128 bits, n > 0


    D is discarded


    AES_CBC_ENC(key, IV, plaintext) => (newIV, ciphertext)


    SHA256(...) => (128bit, 128bit)
Encryption


    (C, Q) <= AES_CBC_ENC(K1, V, (I, P))


    (A1, A2) <= SHA256(V, C(firstblock), Q, AES_ECB_ENC(K2, V))


    (D, S) <= AES_CBC_ENC(K2, A1, C)


    (D, S) <= AES_CBC_ENC(K2, S, A2)


    M <= (V, C, S)
Decryption


    (V, C, s) <= M


    (A1, A2) <= SHA256(V, C(firstblock), C(lastblock), AES_ECB_ENC(K2, V))


    (D, S) <= AES_CBC_ENC(K2, A, C)


    (D, S) <= AES_CBC_ENC(K2, S, A2)


    S ?= s


    ((I, P), Q) <= AES_CBC_DEC(K1, V, C)

EXAMPLE

To enable a cooledit process running on any machine 192.168.1.2 through 192.168.1.254 to access the machine 192.168.1.1, login on 192.168.1.1 and run this:



  remotefs 192.168.1.1 192.168.1.2-192.168.1.254

Then copy the contents of the file AESKEYFILE:



  cat AESKEYFILE


  LUs7UPqmsocLHAdQMVmht4avPMvgSW4HtCybMGvKQoYn

Then run cooledit on, say 192.168.1.99. Then select the menu option File -> Open. Then select 192.168.1.1 in the IP: input in cooledit's file browser. The file browser will prompt you for an AES key. Hit Shit-Ins (or mouse middle button) to paste the key.

FILES

AESKEYFILE

: Contains the default AES key. This file is created when remotefs first starts up and will contain a strongly-random-generated key.

AVAILABILITY

The latest public release of this program can be found at
http://www.ibiblio.org/pub/Linux/apps/editors/X/cooledit/

AUTHORS

Paul Sheer