After reading the readme I’m confused what the advantage is over just regular piping.
‘’’
command-on-server1 | ssh user@server2 'command-on-server2'
‘’’
Beam lets you do what you described even when both the machines are isolated and not reachable from one another. All you need is ssh clients on both the machines.
That’s not clear in the readme. It might be worth explicating stating that this uses the SSH protocol but is designed to work on hosts that either dont have OpenSSH enabled or environments where you don’t control the OpenSSH config.
Given the current readme, I was left wondering the same as the GP too.
But if you have ssh clients on both machines, you can use port forwarding to allow machine2 to connect to machine1 via ssh. Or you can connect both machines to the "SSH stun server" (which is something like the beam host if I understand correctly) and let them connect through that.
I mean, I'm not bashing beam, but it's mostly syntactic sugar, not something that provides some actual new functionality, is that right?
You can do this using a regular SSH server and some elbow grease. This is meant to be a simple setup and forget system that is relatively locked down and doesn't expose any more functionality than strictly necessary.
I think you can turn this (or any equivalent service like ssh-j.com) into an end-to-end encrypted option by relaying an SSH connection over which you send the data, instead of relaying the data.
Example:
# receiver
ssh top-secret@ssh-j.com -N -R ssh:22:localhost:22
socat UNIX-RECV:/tmp/foobar - | my command
# sender
my-command | ssh -J top-secret@ssh-j.com ssh socat - UNIX-SENDTO:/tmp/foobar
(log in with your creds to receiver host, enjoy end-to-end encryption)
On Receiving Server
And then on sending server