||2 months ago|
|cmd||2 months ago|
|internal||2 months ago|
|.gitignore||2 months ago|
|LICENSE||2 months ago|
|Makefile||2 months ago|
|README.md||2 months ago|
|client.service||2 months ago|
|client.toml||2 months ago|
|go.mod||2 months ago|
|go.sum||2 months ago|
|lassoctl.toml||2 months ago|
|server.service||2 months ago|
|server.toml||2 months ago|
Lasso allows easily controlling multiple machines.
Lasso consists of three parts. The lasso server, client, and lassoctl. The server keeps track of all the clients' local IPs, the clients update the local IP on the server when it changes, and lassoctl does the actual control.
This program uses a self-signed certificate, and is thus vulnerable to a MitM attack. If this occurs, it will only give the attacker access to the nodes' local IPs. All control goes through ssh, so it will not make nodes more vulnerable.
The server should be installed on a centralized server that all the clients can access. To install the server, run:
sudo make install-server
The client should be installed on the computers which the server needs to keep track of. To install the server, run:
sudo make install-client
Lassoctl should be installed on the system from which commands will be issued. It can be installed like so:
sudo make install-lassoctl
The config for lasso is stored at
For the server, the listen address, port, and location of TLS certificates can be changed.
For the client, the address and port of the server can be changed, as well as the name of the node.
The config for lassoctl is stored at
The address and port of the server can be changed in the lassoctl config.
The default port for lasso is TCP 11312. All control goes through SSH, which uses TCP 22. Make sure these ports are available or change them.
Running the server or the client can be done like so:
sudo systemctl start lasso
To enable the service on boot, run the following:
sudo systemctl enable lasso