Article

CentOS 7 uses Ngrok to build intranet penetration service

CentOS 7 uses Ngrok to build intranet penetration service Dependent installation Install go locale sudo yum install...
Install go locale
Install the latest version of git
Download the latest source code of ngrak
Generate self signed certificate
Generate client software
Running software
Running server software
Start client software
Optimize ngrok Service - set up startup
CentOS 7 uses Ngrok to build intranet penetration service Dependent installation

Install go locale

sudo yum install -y golang

Validate go locale

go env

Install the latest version of git

sudo yum remove git sudo yum install epel-release sudo yum install -y https://centos7.iuscommunity.org/ius-release.rpm sudo yum install git2u

Verify git version

git --version
Install Ngrok

Download the latest source code of ngrak

Ngrak gtihub address:
https://github.com/inconshreveable/ngrok/releases

Save Ngrok source code

cd /usr/local/ git clone https://github.com/inconshreveable/ngrok.git

Generate self signed certificate

Where xxx.com is replaced by its own domain name

cd /usr/local/ngrok/ openssl genrsa -out rootCA.key 2048 openssl req -x509 -new -nodes -key rootCA.key -subj "/CN=xxx.com" -days 5000 -out rootCA.pem openssl genrsa -out server.key 2048 openssl req -new -key server.key -subj "/CN=xxx.com" -out server.csr openssl x509 -req -in server.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out server.crt -days 5000

After the certificate is generated, copy it and overwrite the original Ngrok certificate:
When copying, you will be prompted whether to overwrite the source file. Enter y

cp rootCA.pem assets/client/tls/ngrokroot.crt cp server.crt assets/server/tls/snakeoil.crt cp server.key assets/server/tls/snakeoil.key

Generate client software

Compile and generate the running software of the server

cd /usr/local/ngrok/ GOOS=linux GOARCH=amd64 make release-server

Generated software directory / usr/local/ngrok/bin
Server software file name: ngrokd

Compile build client running software:

# 32-bit linux client: GOOS=linux GOARCH=386 make release-client # 64 bit linux client: GOOS=linux GOARCH=amd64 make release-client #32-bit windows client: GOOS=windows GOARCH=386 make release-client #64 bit windows client: GOOS=windows GOARCH=amd64 make release-client #32-bit mac platform client: GOOS=darwin GOARCH=386 make release-client #64 bit mac platform client: GOOS=darwin GOARCH=amd64 make release-client #linux client of ARM platform: GOOS=linux GOARCH=arm make release-client

Generated software directory / usr/local/ngrok/bin/
Linux platform client software file name: ngrok
Windows 64 platform: windows? AMD64 / ngrok.exe
mac 64 platform: Darwin · AMD64 / ngrok

Running software

Firewall settings

Permanently open the Ngrok service port

firewall-cmd --add-port=6666/tcp --zone=public --permanent firewall-cmd --reload

Domain name resolution configuration

Resolution to configure:

Host record record value *Server public ip @Server public ip www server public ip

Running server software

Replace xxx.com with your own domain name

Direct operation

cd /usr/local/ngrok/bin/

ngrokd -domain="xxx.com" -httpAddr=":8864" -httpsAddr=":8865" -tunnelAddr=":6666" &

Start with certificate

cd /usr/local/ngrok/bin/

ngrokd -domain="xxx.com" -tlsKey="../assets/server/tls/snakeoil.key" -tlsCrt="../assets/server/tls/snakeoil.

Start client software

Before running the client software, you need to create the configuration file ngrok.yml under the same level folder of the software

server_addr: "xxx.com:6666" trust_host_root_certs: false

Run cmd in the client directory
Client

ngrok.exe -config ngrok.yml -subdomain api 8022

-subdomain: followed by secondary domain name

8022: local mapping port

Optimize ngrok Service - set up startup

1, Create a new startup script in the ngrok program directory, for example:

start.sh path=/software/git/ngrok $path ./bin/ngrokd -tlsKey=server.key -tlsCrt=server.crt

-Domain = "your domain name" - httpAddr=":80" -httpsAddr=":8082"

Path is the path of the current directory
To start a script, you need to write the script that starts in the background. The later start items are written according to your own needs

2, Making ngrok program into system service

Create a new service project (ngrok) in the directory / etc/rc.d/init.d, as follows:

#!/bin/sh #chkconfig:2345 70 30 #description:ngrok ngrok_path=/software/git/ngrok case "$1" in start) echo "start ngrok service.." sh $/start.sh ;; *) exit 1 ;; esac

Give the file permission 755

chmod 755 ngrok

3, Register ngrok service self start

chkconfig --add ngrok

Test whether the service can start successfully

service ngrok start

Check for self starting services

chkconfig
a1003930343 Published 3 original articles, won praise 0, visited 1358 Private letter follow

4 February 2020, 10:50 | Views: 4953

Add new comment

For adding a comment, please log in
or create account

0 comments