netsec-ethz · matzf · Apr 14, 2020 · Apr 7, 2020 · Apr 7, 2020 · Apr 7, 2020
diff --git a/_examples/helloworld/README.md b/_examples/helloworld/README.md
@@ -1,15 +1,18 @@
 # Hello World
 
-A simple application using SCION that sends one packet.
+A simple application using SCION that sends one packet from a client to a server.
 
-You must call it with a local AS address, and a remote one. For instance:
+Server:
+```
+go run helloworld.go -port 1234
+```
 
+Client:
 ```
-go run helloworld.go -local 17-ffaa:1:a,[127.0.0.1] -remote 17-ffaa:1:a,[127.0.0.1]:1234
+go run helloworld.go -remote 17-ffaa:1:a,[127.0.0.1]:1234
 ```
 
-Replace `17-ffaa:1:a` with your local AS address. You can use `17-ffaa:1:a` or
-replace it with any existing AS address, including your local one's.
+Replace `17-ffaa:1:a` with your local AS address printed by the server.
 
 ## Walkthrough:
 

diff --git a/_examples/shttp/README.md b/_examples/shttp/README.md
diff --git a/bwtester/bwtestclient/bwtestclient.go b/bwtester/bwtestclient/bwtestclient.go
@@ -62,26 +62,20 @@ func prepareAESKey() []byte {
 }
 
 func printUsage() {
-	fmt.Println("bwtestclient -c ClientSCIONAddress -s ServerSCIONAddress -cs t,size,num,bw -sc t,size,num,bw -i")
-	fmt.Println("A SCION address is specified as ISD-AS,[IP Address]:Port")
-	fmt.Println("Example SCION address 1-1011,[192.33.93.166]:42002")
-	fmt.Println("ClientSCIONAddress can be omitted, the application then binds to localhost")
-	fmt.Println("-cs specifies time duration (seconds), packet size (bytes), number of packets, target bandwidth " +
-		"of client->server test")
+	fmt.Println("Usage of bwtestclient:")
+	flag.PrintDefaults()
+
+	fmt.Println("")
+	fmt.Println("Test parameters:")
+	fmt.Println("\t-cs and -sc specify time duration (seconds), packet size (bytes), number of packets, and target bandwidth.")
 	fmt.Println("\tThe question mark character ? can be used as wildcard when setting the test parameters " +
 		"and its value is computed according to the other parameters. When more than one wilcard is used, " +
 		"all but the last one are set to the default values, e.g. ?,1000,?,5Mbps will run the test for the " +
 		"default duration and send as many packets as required to reach a bandwidth of 5 Mbps with the given " +
 		"packet size.")
 	fmt.Println("\tSupported bandwidth unit prefixes are: none (e.g. 1500bps for 1.5kbps), k, M, G, T.")
 	fmt.Println("\tYou can also only set the target bandwidth, e.g. -cs 1Mbps")
-	fmt.Println("-sc specifies time duration, packet size, number of packets, target bandwidth of server->client " +
-		"test")
-	fmt.Println("\tYou can also only set the target bandwidth, e.g. -sc 1500kbps")
 	fmt.Println("\tWhen only the cs or sc flag is set, the other flag is set to the same value.")
-	fmt.Println("-i specifies if the client is used in interactive mode, " +
-		"when true the user is prompted for a path choice")
-	fmt.Println("Default test parameters are: ", DefaultBwtestParameters)
 }
 
 // Input format (time duration,packet size,number of packets,target bandwidth), no spaces, question mark ? is wildcard
@@ -276,10 +270,11 @@ func main() {
 		receiveDone sync.Mutex // used to signal when the HandleDCConnReceive goroutine has completed
 	)
 
+	flag.Usage = printUsage
 	flag.StringVar(&serverCCAddrStr, "s", "", "Server SCION Address")
 	flag.StringVar(&serverBwpStr, "sc", DefaultBwtestParameters, "Server->Client test parameter")
 	flag.StringVar(&clientBwpStr, "cs", DefaultBwtestParameters, "Client->Server test parameter")
-	flag.BoolVar(&interactive, "i", false, "Interactive mode")
+	flag.BoolVar(&interactive, "i", false, "Interactive path selection, prompt to choose path")
 	flag.StringVar(&pathAlgo, "pathAlgo", "", "Path selection algorithm / metric (\"shortest\", \"mtu\")")
 
 	flag.Parse()

diff --git a/netcat/README.md b/netcat/README.md
@@ -4,14 +4,8 @@ A SCION port of the netcat process.
 
 ## Usage
 ```
-./netcat <host> <port>
+./netcat <host>:<port>
 ./netcat -l <port>
 ```
 
-Remember to generate a TLS certificate first (this will generate them in the current working directory):
-```
-openssl req -newkey rsa:2048 -nodes -keyout ./key.pem -x509 -days 365 -out ./certificate.pem
-```
-
 See `./netcat -h` for more.
-
diff --git a/netcat/main.go b/netcat/main.go
@@ -31,9 +31,6 @@ import (
 )
 
 var (
-	quicTLSKeyPath         string
-	quicTLSCertificatePath string
-
 	extraByte bool
 	listen    bool
 
@@ -51,29 +48,26 @@ var (
 func printUsage() {
 	fmt.Println("netcat [flags] host-address:port")
 	fmt.Println("netcat [flags] -l port")
+	fmt.Println("")
 	fmt.Println("The host address is specified as ISD-AS,[IP Address]")
 	fmt.Println("Example SCION address: 17-ffaa:1:bfd,[127.0.0.1]")
 	fmt.Println("Note that due to the nature of the UDP/QUIC protocols, the server will only notice incoming clients once data has been sent. You can use the -b argument (on both sides) to force clients to send an extra byte which will then be ignored by the server")
+	fmt.Println("")
 	fmt.Println("Available flags:")
 	fmt.Println("  -h: Show help")
 	fmt.Println("  -l: Listen mode")
 	fmt.Println("  -k: After the connection ended, accept new connections. Requires -l flag. If -u flag is present, requires -c flag. Incompatible with -K flag")
 	fmt.Println("  -K: After the connection has been established, accept new connections. Requires -l and -c flags. Incompatible with -k flag")
 	fmt.Println("  -c: Instead of piping the connection to stdin/stdout, run the given command using /bin/sh")
 	fmt.Println("  -u: UDP mode")
-	fmt.Println("  -local: Local SCION address (default localhost)")
 	fmt.Println("  -b: Send or expect an extra (throw-away) byte before the actual data")
-	fmt.Println("  -tlsKey: TLS key path. Requires -l flag (default: ./key.pem)")
-	fmt.Println("  -tlsCert: TLS certificate path. Requires -l flag (default: ./certificate.pem)")
 	fmt.Println("  -v: Enable verbose mode")
 	fmt.Println("  -vv: Enable very verbose mode")
 }
 
 func main() {
 
 	flag.Usage = printUsage
-	flag.StringVar(&quicTLSKeyPath, "tlsKey", "./key.pem", "TLS key path")
-	flag.StringVar(&quicTLSCertificatePath, "tlsCert", "./certificate.pem", "TLS certificate path")
 	flag.BoolVar(&extraByte, "b", false, "Expect extra byte")
 	flag.BoolVar(&listen, "l", false, "Listen mode")
 	flag.BoolVar(&udpMode, "u", false, "UDP mode")

diff --git a/ssh/README.md b/ssh/README.md
@@ -2,60 +2,49 @@
 
 SSH client and server running over SCION network.
 
-# Installation
+### Dependencies
 
-## Prerequisite
+Building the SSH client and server applications requires `libpam0g-dev`:
 
-SCION infrastructure has to be installed and running. Instructions can be found [here](https://netsec-ethz.github.io/scion-tutorials/)
-
-Additional development library for PAM is needed:
-```
-sudo apt-get install libpam0g-dev
+```shell
+sudo apt-get install -y libpam0g-dev
 ```
 
-# Running
 
-To generate TLS connection certificates:
-```
-# These are valid for 365 days, so you'll have to renew them periodically
-# Client
-cd ~/.ssh
-openssl req -newkey rsa:2048 -nodes -keyout quic-conn-key.pem -x509 -days 365 -out quic-conn-certificate.pem
--# Server
-cd /etc/ssh
-sudo openssl req -newkey rsa:2048 -nodes -keyout quic-conn-key.pem -x509 -days 365 -out quic-conn-certificate.pem
-```
+### Usage
+
+SCION infrastructure has to be installed and running. Instructions can be found [here](https://netsec-ethz.github.io/scion-tutorials/)
 
-You'll also need to create a client key (if you don't have one yet):
+You'll need to create a client key (if you don't have one yet):
 ```
 cd ~/.ssh
 ssh-keygen -t rsa -f id_rsa
 ```
 
 And create an authorized key file for the server with the public key (note that you'd usually place this in `/home/<user>/.ssh/authorized_keys` whereas `<user>` is the user on the server you want to gain access to, but make sure not to overwrite an existing file):
 ```
-cd $GOPATH/src/github.com/netsec-ethz/scion-apps/ssh/server
+cd scion-apps/ssh/server
 cp ~/.ssh/id_rsa.pub ./authorized_keys
 ```
 
 Running the server:
 ```
-cd $GOPATH/src/github.com/netsec-ethz/scion-apps/ssh/server
-# If you are not root, you need to use sudo. You might also need the -E flag to preserve environment variables (like $SC)
+cd scion-apps/ssh/server
+# If you are not root, you need to use sudo. You might also need the -E flag to preserve environment variables.
 sudo -E ./server -oPort=2200 -oAuthorizedKeysFile=./authorized_keys
 # You might also want to disable password authentication for security reasons with -oPasswordAuthentication=no
 ```
 
 
 Running the client:
 ```
-cd $GOPATH/src/github.com/netsec-ethz/scion-apps/ssh/client
-./client -p 2200 1-11,[127.0.0.1] -oUser=username
+cd scion-apps/ssh/client
+./client -p 2200 1-ffaa:1:abc,[127.0.0.1] -oUser=username
 ```
 
-Using SCP (make sure you've done `chmod +x ./scp.sh` first):
+Using SCP:
 ```
-cd $GOPATH/src/github.com/netsec-ethz/scion-apps/ssh/scp
-./scp.sh -P 2200 localFileToCopy.txt [1-11,[127.0.0.1]]:remoteTarget.txt
+cd scion-apps/ssh/scp
+./scp.sh -P 2200 localFileToCopy.txt [1-ffaa:1:abc,[127.0.0.1]]:remoteTarget.txt
 ```