secure-chat

secure-chat.txt

1. Create a user for your friend

	sudo mkdir -p /home/your-friend
	sudo touch /home/your-friend/log
	sudo tee /home/your-friend/chat > /dev/null <<-'EOF'
		trap exit SIGINT
		tail -f /home/your-friend/log &
		while IFS=$'\n' read -r line; do
			[[ -n "$line" ]] && echo "$USER: $line" >> /home/your-friend/log
		done
		kill %1 # kill background job
		exit	# close ssh connection
	EOF
	sudo ln /home/your-friend/{chat,.bash_profile}
	sudo useradd your-friend --shell /bin/bash --home-dir /home/your-friend --no-create-home
	sudo passwd your-friend
	sudo chown your-friend:your-friend /home/your-friend/{log,chat,.bash_profile}
	sudo chmod 666 /home/your-friend/log
	sudo chmod 555 /home/your-friend/{chat,.bash_profile}

2. Allow them to log into your machine w/ ssh

	sudo tee /etc/ssh/sshd_config.d/999-your-friend.conf > /dev/null <<-EOF
		Match User your-friend
		PasswordAuthentication yes
		DisableForwarding yes
	EOF
	sudo systemctl restart sshd

3. Talk to one another

	For them:

		ssh your-friend@your-hostname

	For you:

		/home/your-friend/chat

	Terminate with Ctrl-D

3. Ensure no tomfoolery's afoot

	Monitor ongoing sessions:

		watch -d -n.1 w

	Possibly terminate a session:

		sudo killall --user your-friend

	Simply lock/unlock a user between sessions:

		sudo usermod --lock your-friend
		sudo usermod --unlock your-friend

	See what's been happening:

		sudo journalctl _COMM=sshd

4. Clean up after yourself

	sudo rm /etc/ssh/sshd_config.d/999-your-friend.conf
	sudo systemctl restart sshd
	sudo killall --user your-friend
	sudo rm -rf /home/your-friend
	sudo userdel your-friend