readme

1 files changed, 39 insertions, 0 deletions

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7580cdf
--- /dev/null
+++ b/README.md
@@ -0,0 +1,39 @@
+# Wut iz?
+
+OpenSSHd-based autopeering software for use with DN42.
+
+# Any quality?
+
+Don't use this. It's fine though.
+
+# How install?
+
+Set up your dn42 node on Debian with bird2, clone this repo, and then run install.sh.
+
+You probably want to configure sshd with `PasswordAuthentication no`. This doesn't do that for you. (The accounts it creates won't *work* with password auth, but people will still get prompted for a password if their key fails otherwise.)
+
+# How work?
+
+An `sshd_config.d` snippet is installed with AuthorizedKeysCommand and ForceCommand.
+
+`authorized_keys.sh` looks up the user's SSH key(s) in the registry and, if running as the `new` user account, creates a local user account for it (if it doesn't already exist). If the SSH key was found in the registry (for the current user, if not `new`) then SSHD is told to allow the login.
+
+If the user is `new` then the forced command is a short script telling the user to log back in with their username (mntner-name).
+
+Otherwise `autopeer_shell.py` is run as the forced command, which is a fairly simple Python [`cmd`](https://docs.python.org/3/library/cmd.html)-based shell that interacts with an SQLite database.
+
+Every 5 minutes a cronjob calls `cronjob.py` as root which loads the data from SQLite and creates (or deletes) configuration files.
+
+A cronjob is also installed for regular updates of: autopeer itself, ROA, and dn42-registry.
+
+# No worky!
+
+Sorry. Fix it yourself. (I might help a bit, but this is made for me, not for other people.)
+
+# License?
+
+AGPL v3. Very importantly, there is no warranty. Don't use this!
+
+# Where use?
+
+<https://steeri.ng>