Create a template service file at /etc/systemd/system/secure-tunnel@.service. The template parameter will correspond to the name of the target host:
[Unit]
Description=Setup a secure tunnel to %I
After=network.target
def sign_data(private_key_loc, data):
    '''
    param: private_key_loc Path to your private key
    param: data Data to be signed
    return: base64 encoded signature
    '''
    from Crypto.PublicKey import RSA
    from Crypto.Signature import PKCS1_v1_5
    from Crypto.Hash import SHA256
    from base64 import b64encode, b64decode
def verify_sign(public_key_loc, signature, data):
    '''
    Verifies with a public key from whom the data came that it was indeed
    signed by their private key
    param: public_key_loc Path to public key
    param: signature String signature to be verified
    return: Boolean. True if the signature is valid; False otherwise.
    '''
    from Crypto.PublicKey import RSA
    from Crypto.Signature import PKCS1_v1_5
#!/usr/bin/env bash
# Generate RSA private key (2048 bits; 1024-bit RSA is no longer considered secure)
openssl genrsa -out private_key.pem 2048
There are several ways you can find inbound liquidity on LN.
If your node is up 24x7 and you have some outgoing channels, the network will connect to you if you simply wait.
However, it might take a couple of weeks to get a significant amount of incoming liquidity, and ideally you want your outgoing liquidity to match too.
Nginx can be configured to route to a backend, based on the server's domain name, which is included in the SSL/TLS handshake (Server Name Indication, SNI).
This works for HTTP upstream servers, but also for other protocols that can be secured with TLS.
Check the output of nginx -V for the following:
...
TLS SNI support enabled