ton - zero-configuration intranet file transfer program
ton push
[options] path ...
ton pull [options] destinationdir
ton is a program to transfer a file or set of files from one computer to another on the same network. The transfer is secured and authenticated with a shared passphrase. No addresses or hostnames need to be specified; provided both hosts are on the same network and using the same passphrase, they find each other automatically.
Details of command-line options for ton push and ton pull can be found in their respective man pages ton-push(1) and ton-pull(1).
ton stands for Transfer Over Network.
Generally, a ton file transfer is set up like this:
|
1. |
Run ton push filename on the sending host. It will generate a passphrase, tell you what it is, and start listening for announcements from ton pull. | ||
|
2. |
Run ton pull on the receiving host, or ton pull destdir if you want the received files to go somewhere other than the current working directory. It will prompt for a passphrase - enter the same passphrase as on the sending host. | ||
|
3. |
The two ton processes will find each other on the network, authenticate to each other with the passphrase, and transfer the file from the sending host to the receiving host. | ||
|
4. |
If you get the passphrase wrong, or the two hosts can’t see each other on the network, or communication is blocked by a firewall, it will look like nothing is happening and ton pull will complain every 10 seconds or so. Run both sides with -v for extra diagnostic output. |
Summary
The two hosts find each other by the pulling side sending
UDP multicast and broadcast packets and the pushing side
connects to the pulling side and shares the file.
Each stage is detailed below.
Announcement
ton pull opens a TCP port to listen for incoming
connections, and sends UDP packets announcing itself to the
network. These are sent to a specific private-address-range
multicast address, and on the network’s broadcast
address, on both IPv4 and IPv6.
Each announcement packet is encrypted with a key derived from the shared passphrase. It contains in its payload the TCP port number on which ton pull is listening for incoming connections. The payload also contains a magic number, some random bytes, a checksum and a timestamp, to reduce the chance of mistaking an invalid decryption for a valid one.
The hope is that at least one of these announcement packets will be received by ton push.
Discovery
When ton push receives a UDP announcement packet on
the expected port number, it attempts to decrypt it with the
passphrase it has. If this results in a valid decryption,
ton push attempts to make a TCP connection to the
port number named in the UDP announcement packet, then
complete a TLS handshake using a pre-shared key derived from
the passphrase.
If further valid announcement packets are received from different addresses, ton push tries to connect to each one. The first connection to complete a successful TLS handshake is the winner and all other pending connections are closed.
Transfer
Once there is an established TCP connection between the
pushing and pulling side, the pushing side sends the file or
files to the pulling side, which saves them to a local
directory.
ton is written and maintained by Graeme Cole <graeme@greem.co.uk>.
ton-push(1) ton-pull(1)