Skip to content

Instantly share code, notes, and snippets.

@jimdigriz

jimdigriz/Airgapped File Transfers.md

Last active May 2, 2024 12:49
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save jimdigriz/3746f55602630bd44b41206f39dcc5a9 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save jimdigriz/3746f55602630bd44b41206f39dcc5a9 to your computer and use it in GitHub Desktop.
Download ZIP
Airgapped File Transfers
Raw
Airgapped File Transfers.md

Notes on how to transfer files to airgapped systems.

AWS

ECS

Requirements:

Then to transfer files fom your workstation to the container, you can run:

socat EXEC:'sx --ymodem -b -k /path/to/file/one /path/to/file/two ...',pipes EXEC:"aws --profile $PROFILE ecs execute-command --cluster $CLUSTER --container $CONTAINER --interactive --task $TASK --command \'/usr/bin/rx --ymodem -b\'",nofork

Findings

  • observed roughly transfer speeds above 40kiB/s
  • ZMODEM initially stalls for about 30 seconds
    • handshake from rx looks to be chopped (smells like line buffering) after the \r, which on the sx side appears in the following read when the next handshake attempt is made, so they end up overlapping
    • tired setting raw mode (stty raw as well as other combinations) and could not find something that worked
    • XMODEM/YMODEM work fine though
  • SSM gets upset if you send larger than 1kB packets (so we use -k)
  • we pass pipes to socat otherwise at the end of the transfer we get a died with SIGPIPE

Kubenetes

socat EXEC:'sx --zmodem -b --start-8k /path/to/file/one /path/to/file/two ...',pipes EXEC:"kubectl -n $NAMESPACE exec -i $CONTAINER -- /usr/bin/rx --ymodem -b",nofork

Findings

  • observed roughly transfer speeds around 6MiB/s for AWS EKS
  • ...of course you could alternatively use kubectl cp ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment