Compare commits

..

No commits in common. "b1634b4afe9ecc158ec473c4543e52ec0ce072cb" and "5f14fd11d05fae31e11de8f594e77f8b53072d13" have entirely different histories.

2 changed files with 18 additions and 15 deletions

View File

@ -1,35 +1,37 @@
# GoSmartKeyboard
Copyright [Kevin Froman](https://chaoswebs.net/) [Licensed under GPLv3](LICENSE.md)
Copyright 2022 [Kevin Froman](https://chaoswebs.net/) [Licensed under GPLv3](LICENSE.md)
Work in progress
# Introduction
GoSmartKeyboard is a daemon that allows you to have a more powerful keyboarding experience. It can be used with a secondary device, such as an Android phone or a raspberry pi, or it can run locally. A seperate client binary is provided that reads from a FIFO (named pipe) and sends the data to the server. This allows you to use any program that can write to a FIFO as a source of keyboard input.
GoSmartKeyboard is a daemon that allows you to have a more powerful keyboarding experience. It is meant to be used with a secondary device, such as an Android phone or a raspberry pi.
This is done with a simple websocket server meant to accept a single connection, authenticate it, and stream UTF16 characters and send them as key strokes into the window manager. **With a simple daemon like this we can enhance keyboarding with inteligent features.**
Be careful with online games, as they may interpret the keystrokes as cheating. I assume if you don't send keystrokes or more accurately than a human you should be fine, but don't blame the software if you get banned.
The goal of this particular daemon is not to perfectly emulate a HID, so it may trip up on Windows UAC or game anticheat systems.
A client is included that simply connects and authenticates. It is meant to be used with unix philosophy modules, for example a password manager wrapper. A UI could then wrap the client and said modules.
**See [Building.md](Building.md) for instructions on how to build this [literate](https://en.wikipedia.org/wiki/Literate_programming) project.**
## What can you do with it?
## Why a smart keyboard?
Examples of what you can do:
Keyboards have been an essential element of computing since the beginning, however they have not evolved much. Everything has a smart variant, so why not keyboards?
A smart keyboard could, for example, be used for the following:
* Run dictation software on a separate device
* Typical macros
* Buffer typed text before sending it to the server, preventing invalid commands or input.
* Buffer typed text before sending it to the client, preventing invalid commands or input. (This would also save some CPU on low power machines, this is how many early teletype systems worked)
* Clever CLI tricks, think `vim` or `cowsay` on your keyboard!
* Isolated password manager
* One Time Passwords
* Virtual keyboard switch (keyboard multiplexer)
* Typing things into VMS, or transfering text based files to VMs/servers.
* Virtual keyboard switch or communicating with multiple daemons at once
* Easily attach to VMs
* Text storage, such as configuration or SSH pubkeys
* On-the-fly spell checking or translation
* On-the-fly encryption (ex: PGP sign every message you type), isolated from the perhaps untrusted computer
@ -42,11 +44,11 @@ Some points about the design of this project:
* Written in go with the [literate](https://en.wikipedia.org/wiki/Literate_programming) tool [srcweave](https://github.com/justinmeiners/srcweave), so this
markdown book is actually the source code
* The project is test-driven
* KISS principle above All
* Small and light core
* No dependencies for the core and most features
* Features (such as described in above section) are implementend as seperate programs, unix style
* Simple [threat model](ThreatModel.md)
* Advanced features provided via plugins
* Well defined [threat model](ThreatModel.md)
# Running
@ -56,7 +58,7 @@ markdown book is actually the source code
`sudo KEYBOARD_TCP_BIND_ADDRESS=0.0 KEYBOARD_TCP_BIND_PORT=8080 ./keyboard`
# Server Entrypoint
# Entrypoint

View File

@ -1,6 +1,7 @@
# GoSmartKeyboard Threat Model
GoSmartKeyboard assumes that it is running behind a reverse proxy that provides TLS termination. This is a common setup for web applications, and is the default configuration for the [Caddy](https://caddyserver.com/) web server. Alternatively you could use SSH port forwarding to tunnel the traffic to the server.
GoSmartKeyboard assumes that it is running behind a reverse proxy that provides TLS termination. This is a common setup for web applications, and is the default configuration for the [Caddy](https://caddyserver.com/) web server.
The server daemon is intended to be used on a single-user system. The goal is to prevent against well funded attackers without physical access to the machine from authenticating to the service. To prevent this, a 256 bit random token is generated and stored in a file. The token is then displayed to the user, and they are expected to copy it to store it safely. The token cannot be recovered because only a sha256 hash of the token is stored on disk.
The daemon is intended to be used by a single user, with the client used by the same person.
It is not recommended to use this over the internet, as it is intended for the user to be able to physically see the screen.