add a chunk of docs

lib/en-us.toml

@@ -3,7 +3,7 @@
 
 main = "telebit remote v{version}
 
-Telebit Remote - The T-Rex long-arm of the Internet.
+Telebit Remote is the T-Rex long-arm of the Internet. UNSTOPPABLE!
 
 Using reliable HTTPS tunneling to establishing peer-to-peer connections,
 Telebit is empowering the next generation of tinkerers. Access your devices.
@@ -17,35 +17,57 @@ Usage:
 The flags are:
 
         --config <path> specify config file (default is ~/.config/telebit/telebit.yml)
+        -h,--help display this menu (or sub-command menus)
+        --json output json instead of text, if available
 
 The commands are:
 
         status        show status and configuration info
-        enable        turn on remote access and sharing
-        disable       turn off remote access and sharing
 
         http          access files, folders, and local apps via https (secure)
-        ssh (local)   enable remote access to this device with ssh-over-https
+        ssh           enable remote access to this device with ssh-over-https
-        ssh (remote)  access devices via ssh-over-https (telebit, stunnel, openssl, etc)
+        ssh (client)  access devices via ssh-over-https (telebit, stunnel, openssl, etc)
         tcp           forward tcp locally
 
+        enable        turn on remote access and sharing
+        disable       turn off remote access and sharing
+
 Use \"telebit help [command]\" for more information about a command.
 
 Additional help topics:
 
         config        config file format and settings
-        ssh (proxy)   ssh over https and proxy commands
+        ssh-proxy     ssh over https and proxy commands
         ftp           secure ftp file transfer between devices
         rsync         rsync over https and proxy commands
         vpn           home network access and private web browsing via socks5
+        sclient       use the sclient emebbed within telebit
         daemon        telebit daemon secure background service
         relay         telebit secure relay, hosted, and self-hosting options
 
-Copyright 2015-2018 https://telebit.cloud MPL-2.0 Licensed"
+Copyright 2015-2018 AJ ONeal https://telebit.cloud MPL-2.0 Licensed (RAWR!)"
 
-http = "usage: telebit http <path/port/none> [subdomain]
+status = "usage: telebit status <path/port/none> [subdomain]
 
-'telebit http' is the fastest way to share files, folders, and local apps.
+'telebit status' shows details about the current connections (or lack thereof).
+
+Example:
+
+        Status: RAWR! (uptime: 45 minutes)
+
+        Forwarding ssh+https://jon.telebit.io => localhost:22
+        Forwarding https://client.jon.telebit.io => localhost:3000
+        Serving https://public.jon.telebit.io from ~/Public
+        Syncing ~/shared => home.jon.telebit.io:shared
+
+        Relay: https://telebit.cloud
+
+Additional help topics: enable, disable
+"
+
+http = "Telebit HTTP - The UNSTOPPABLE way to share files, folders, and local apps.
+
+usage: telebit http <path/port/none> [subdomain]
 
         http <DIR> [subdomain]          serve a file, folder, or node express app
         ex: telebit http ~/Public pub   ex: securely host ~/Public as pub.johndoe.telebit.io
@@ -55,12 +77,137 @@ http = "usage: telebit http <path/port/none> [subdomain]
 
         http none [subdomain]           remove secure http access for (any or all) subdomain(s)
         ex: telebit http none           ex: remove all https access
+
+Use cases:
+
+        Lazy man's AirDrop (works or lazy women too!)
+        Testing dev sites on a phone
+        Sharing indie music and movies with friends
 "
 
-tcp = "
+ssh = "Telebit SSH - The UNSTOPPABLE way to remote into your devices.
-usage: telebit tcp <path/port/none>
 
-'telebit tcp' is provided for seemless connectivity to legacy apps
+usage: telebit ssh <auto|port>
+
+All https traffic will be inspected to see if it looks like ssh Once enabled all traffic that looks
+
+        ssh auto                        Make ssh Just Works™ (on port 22)
+
+        ssh <port>                      forward ssh traffic to non-standard port
+        ex: telebit ssh 22              ex: explicitly forward ssh-looking packets to localhost:22
+
+
+Telebit SSH Client
+
+usage: telebit ssh <remote>
+
+This is just a shortcut for \"ssh\", with all ssh-over-https options turned on.
+
+        ssh <remote>                    Make ssh Just Work™ (over https)
+        ex: telebit ssh jon.telebit.io  ex:
+
+\"telebit help ssh-proxy\" for more info
+
+Use cases:
+
+        Access your home computer from work.
+        Access your work computer from home.
+        Good ol' fashioned screen/tmux style pair programming
+        Watching your US Netflix account while traveling in the EU (telebit help vpn)
+"
+
+ssh-proxy = "Proxying SSH over HTTPS
+
+Wrapping SSH in HTTPS makes it accessible anywhere and also makes it routable.
+Whether inside a harsh network environment or even if hindered by a poorly
+configured firewall, once wrapped in tls, ssh becomes UNSTOPPABLE.
+
+Usage:
+        telebit ssh <remote>
+
+Example:
+
+        telebit ssh jon.telebit.io
+
+It is NOT at all neccessary to use \"telebit ssh\", it's just a convenience.
+Wanna know why, and the alternatives? Keep reading!
+
+## History
+
+When TLS sends an encrypted packet over the network it begins with a handshake
+which shows the things like the tls version and the host SERVERNAME unencrypted
+so that the remote server can respond with the correct certificate.
+
+SSH was created well before TLS and has a completely different header. The good
+news is that, unlike some other early internet protocols, it does have a header
+with its name and version, but it doesn't have anything to identify the server.
+
+##  Telebit + SSH
+
+Here's why:
+
+When you're running ssh through an https tunnel (as telebit does) you
+can't just use \"ssh me.example.com\" to get in. You have to tell ssh that you
+want to use an https tunnel. Using \"telebit ssh\" as a client will specify
+all of the correct ssh options.
+
+However, when you want to connect to ssh over https, you either have to pass
+the correct arguments or modify your ~/.ssh/config to use \"openssl s_client\".
+
+We explain the different configurations below:
+
+## SSH + openssl
+
+The configuration that's most likely to work with what's already installed on
+your machine is this:
+
+        Host jon.telebit.io
+          ProxyCommand openssl s_client -quiet -connect %h:443 -servername %h
+
+Or you would call ssh directly, like this:
+
+        ssh jon.telebit.io -o ProxyCommand=\"openssl s_client -quiet -connect %h:443 -servername %h\"
+
+It's rather simple, but it looks quite daunting.
+
+## SSH + sclient
+
+Because that looks a little hairy, we created \"sclient\", so that the example
+could look a bit more digestible:
+
+        Host jon.telebit.io
+          ProxyCommand sclient %h
+
+Or
+
+        ssh jon.telebit.io -o ProxyCommand=\"sclient %h\"
+
+## Inverse SSH Tunnel (same as stunnel)
+
+The commands above instruct ssh to open a pipe into openssl or sclient. If we
+instead want to connect ssh to a local tunnel, it looks like this:
+
+        Host jon.telebit.io
+          Hostname localhost
+          Port 3000
+          HostKeyAlias jon.telebit.io
+          CheckHostIP no
+          RequestTTY force
+
+Or
+
+        ssh localhost -p 3000 -t -o CheckHostIP=no -o HostKeyAlias=jon.telebit.io
+
+## See also
+
+    telebit ftp
+    telebit vpn
+"
+
+tcp = "Telebit TCP - Seemless connectivity to LEGACY apps.
+Use 'telebit http' instead, where possible (including for ssh).
+
+usage: telebit tcp <path/port/none>
 
         tcp <local> [remote]          forward tcp to <local> from <remote>
         ex: telebit tcp 5050 6565     ex: forward tcp port 6565 locally to port 5050
@@ -71,6 +218,11 @@ usage: telebit tcp <path/port/none>
         tcp none [remote]             disable tcp access for [remote] port
         ex: telebit tcp none 6565     ex: remove access to port 6565
 
+Use cases:
+
+        Debugging plain TCP when troubleshooting a legacy app
+        You can't install a secure client (like telebit, sclient, openssl, or stunnel)
+
 See also sclient <https://telebit.cloud/sclient> for connecting to legacy apps
 with telebit-upscaled secure https access.
 "