How to keep the fingerprint same as last start
welyss opened this issue · comments
Hi, situation is:
region A(server reverse):
chisel server --port 1234 --keepalive=0s --tls-cert=xxx.crt --tls-key=yyy.key --reverse
region B(client):
nohup chisel client -v --fingerprint '31LOQeYl2uQqwvMEKBUk9/M2z2h2w5pMRs/+qrDWAlY=' --tls-skip-verify https://a.b.c.d:1234 R::12000:10.xxx.xxx.xxx:3306 >/var/log/chisel.log 2>&1 &
region C(client):
nohup chisel client -v --fingerprint '31LOQeYl2uQqwvMEKBUk9/M2z2h2w5pMRs/+qrDWAlY=' --tls-skip-verify https://a.b.c.d:1234 R::12001:10.xxx.xxx.xxx:3306 >/var/log/chisel.log 2>&1 &
region D,E...
it works very well, but if there is something wrong on region A, server restart, then fingerprint will be changed, so we have to restart all of client and reset a new fingerprint to connect with server. is there any way to keep the fingerprint unchanged,thanks
Maybe the --keygen
and --key
argument will help you out. Haven't tried it but maybe something like this might be helpful:
chisel --keygen /path/to/keyfile.key --key -
This will generate a private key and write it to a file. It also outputs the fingerprint to stdout.
If using docker the generated key file should probably be stored in a volume or mounted somewhere safe in order to make it persistent.
@Servostar Thanks for help!
chisel server --keygen /path/to/keyfile.key
chisel server --keyfile /path/to/keyfile.key
Works very well