An encrypted, authenticated, bidirectional pipe over WebSockets.
Suppose you want to create a bidirectional pipe between prog1
and prog2
, cross-linking STDIN
and STDOUT
:
$ mkfifo fifo
$ prog1 < fifo | prog2 > fifo
But prog1
and prog2
are on two separate hosts.
On the first host (192.168.1.35
):
$ mkfifo fifo
$ prog1 < fifo | nc -l -p 3333 > fifo
On the second host (192.168.1.58
):
$ mkfifo fifo
$ nc 192.168.1.35 3333 < fifo | prog2 > fifo
This works okay locally, but does not encrypt data or authenticate endpoints.
On the first host (192.168.1.35
):
$ mkfifo fifo
$ prog1 < fifo | cw > fifo
[cw] Local wss://192.168.1.35:33207/ listening
[cw] Waiting for connection...
On the second host (192.168.1.58
):
$ mkfifo fifo
$ cw -d 192.168.1.35:33207 < fifo | prog2 > fifo
[cw] Waiting for connection...
[cw] Remote wss://192.168.1.35:33207/ opened
The first host confirms the connection:
[cw] Remote wss://192.168.1.58:43400/ connected
All data is encrypted and endpoints are authenticated using certificates.
(Note: One host must first run ./configure
and then externally share the certificates with the other host. This only needs to be done once, however.)