Add LICENSE and README

2024-09-18 22:25:24 -04:00
parent 21df5e97a4
commit 2c3203d9ca
3 changed files with 425 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,48 @@
+Simple tool to generate keypairs for onion service client auth (also known as
+restricted discovery).
+
+See [Tor project doc][0].
+
+### Usage
+
+```bash
+❯ go run go.balki.me/onion-auth-gen@latest
+private key       : KPNW2PPM4EZRNUWYDXRYBUB2D5G73RLVQTELWBT7RDYELTOSBESA
+public descriptor : descriptor:x25519:DBOQW4FQU6XFTELGIFTJCOK3S4NIV4H5LU64R2SJ3NF7VUEIOBHA
+```
+No go?
+
+```
+❯ docker run --rm golang go run go.balki.me/onion-auth-gen@latest
+go: downloading go.balki.me/onion-auth-gen v0.1.0
+private key       : 2R7T75LJ2KRVNAXFDXJN4CNKSMAEQ22MDXWFPRL2TR2XUCV5LFMQ
+public descriptor : descriptor:x25519:LXSR6HYCYJ7MDFY2AU2NQO4QQUSGJCHFEXZBIGYYZKPFMGZWPNVQ
+```
+
+Add public descriptor to the onion service server configuration and enter the
+private key when prompted in the tor browser
+
+### FAQ
+
+#### Why add client auth for onion service?
+
+When you have an onion service for private use, adding client auth makes it
+completely secure against DDOS even when the service's URL is leaked. Even if
+you don't explicitly share the onion address, it can leak via HTTP `Referrer`
+or `Origin` headers or accidental copy paste.
+
+#### Why this tool?
+
+The [official way][0] requires to install packages and run multiple long shell
+command lines. This is a zero dependency pure go mini tool that is quick and
+easy to use.
+
+
+### Related
+
+* [onionshare][1]
+
+---
+
+[0]: https://community.torproject.org/onion-services/advanced/client-auth/
+[1]: https://onionshare.org