Disable SELINUX First
1. vim /etc/selinux/config
2. Set SELINUX=disabled
3. reboot
Make directories for future use
4. mkdir -p /etc/stenographer/
5. adduser -M -U stenographer
6. mkdir -p /data/stenographer/
7. chown -R stenographer:stenographer /data/stenographer
Download Stenographer
8. dnf groupinstall "Development Tools"
9. dnf --enablerepo=powertools install snappy-devel snappy.x86_64 libseccomp-devel.x86_64 libseccomp.x86_64 libaio.x86_64 libaio-devel.x86_64 leveldb leveldb-devel.x86_64 jq rsyslog tcpdump
10. cd /usr/local/src/
11. git clone https://github.com/google/stenographer.git
Build Stenographer from Source (Install go if not installed before)
12. cd /usr/local/src/stenographer/
13. go mod init stenographer
14. go mod tidy
15. go build
16. cp stenographer /usr/bin/
17. cp stenoread /usr/bin/
18. cp stenocurl /usr/bin/
Install Stenotype
19. cd stenotype
20. make
21. cp stenotype /bin/
22. cp stenotype /usr/sbin/
23. setcap 'CAP_NET_RAW+ep CAP_NET_ADMIN+ep CAP_IPC_LOCK+ep' /bin/stenotype
24. setcap 'CAP_NET_RAW+ep CAP_NET_ADMIN+ep CAP_IPC_LOCK+ep' /usr/sbin/stenotype
Create system unit file and stenographer configuration files
25. cd ../configs/
cp systemd.conf /etc/systemd/system/stenographer.service
26. cp steno.conf /etc/stenographer/config
27. vim /etc/stenographer/config
{
"Threads": [
{ "PacketsDirectory": "/data/stenographer/thread0/packets/directory"
, "IndexDirectory": "/data/stenographer/thread0/index/directory"
, "MaxDirectoryFiles": 30000
, "DiskFreePercentage": 70
}
]
, "StenotypePath": "/usr/bin/stenotype"
, "Interface": "enp0s3"
, "Port": 4321
, "Host": "192.168.0.147"
, "Flags": ["-vv", "--seccomp=none"]
, "CertPath": "/etc/stenographer/certs"
}
Create SSL keys for stenographer
cd /usr/local/src/stenographer
./stenokeys.sh
not its time to start the Service
systemctl start stenographer
systemctl status stenographer
make test, if the stenographer is working or not
stenoread 'port 22 and after 1m ago'
Enjoy ;)
