scs
| Crates.io | scs |
| lib.rs | scs |
| version | 0.1.5 |
| created_at | 2023-08-01 10:07:44.761279+00 |
| updated_at | 2023-08-22 17:09:34.751351+00 |
| description | Open source p2p share for devs to share anything with teammates across machines securely. |
| homepage | https://github.com/Onboardbase/secure-share |
| repository | https://github.com/Onboardbase/secure-share |
| max_upload_size | |
| id | 931646 |
| size | 170,918 |
Baasit (Lilit0x)
documentation
README
Secure share 
Share anything with teammates across machines via CLI. Share is a tool for secure peer-to-peer connections, enabling direct communication and efficient exchange of secrets, files, and messages between machines with or without direct access to the internet.
Contents
- Dependencies
- Install
- Usage
- Recipient Info
- Storage
- Update
- Roadmap
- Contributing
- License
- Technical Details
Dependencies
bash,curl,tar: install these utilities.
Install
To use scs,
yarn add @onboardbase/secure-share # npm i @onboardbase/secure-share
Or, if you have rust on your machine:
cargo install scs
Or, using curl:
curl https://onboardbase.github.io/secure-share-sh/ | bash
Notes:
- For Windows users, please use
Git Bashor any other CLI with the Bourne Shell. - For users with Rust on their machines, ensure that
$HOME/.cargo/bindirectory is in your$PATHif you installed Rust withrustup. If not, please find the corresponding directory and add it to your$PATH. and then,
scs --help
You should get a response displaying the utilities for scs
Share anything with teammates across machines via CLI.
Usage: scs [OPTIONS] <MODE>
Arguments:
<MODE> The mode (send secrets, or receive secrets). e,g `scs send` or `scs receive`
Options:
-s, --secret <SECRET>
Separated list of secrets to share. The key-Value pair is separated by a comma. "my_key,my_value"
-m, --message <MESSAGE>
List of messages or a message string to deliver to the receiver. e,g -m "Hi there" -m "See me"
-f, --file <FILE>
List of file paths of files to deliver to the receiver. e,g -f "/path/to/file1" -f "../path/to/file2"
-r, --remote-peer-id <REMOTE_PEER_ID>
Peer ID of the remote to send secrets to
-p, --port <PORT>
Port to establish a connection on
-d, --debug...
Turn debugging information on
-h, --help
Print help
-V, --version
Print version
Usage
scs enables the transmission of secrets or messages between teammates using different machines and behind different networks. To share a secret, the sender and receiver must get scs as described above and follow the instructions below.
The receiver:
Open a terminal or cd to where scs was installed, then:
scs receive
scs starts in listen mode and assigns you a PeerId, and picks a random port to start on. (An optional -p flag is available to specify a port). A response like the one below should be displayed:
INFO Your PeerId is: 12D3KooWA768LzHMatxkjD1f9DrYW375GZJr6MHPCNEdDtHeTNRt
INFO Listening on "/ip4/172.19.192.1/tcp/54654"
INFO Listening on "/ip4/192.168.0.197/tcp/54654"
INFO Listening on "/ip4/127.0.0.1/tcp/54654"
INFO Listening on "/ip4/157.245.40.97/tcp/4001/p2p/12D3KooWDpJ7As7BWAwRMfu1VU2WCqNjvq387JEYKDBj4kx6nXTN/p2p-circuit/p2p/12D3KooWA768LzHMatxkjD1f9DrYW375GZJr6MHPCNEdDtHeTNRt"
The sender:
Obtain the PeerId of the teammate you wish to send a secret to, then:
scs send -r 12D3KooWA768LzHMatxkjD1f9DrYW375GZJr6MHPCNEdDtHeTNRt -s "hello, world"
scs will print your IP address and your PeerId.
To verify that a connection was established and your machine can talk to your teammates, you should see a similar thing below in your terminal:
INFO Your PeerId is: 12D3KooWRpqX3QUvPNHXW5utkceLbx2b1LKfuAKa3iLdXXBGB2bY
INFO Listening on "/ip4/127.0.0.1/tcp/40479"
INFO Listening on "/ip4/192.168.212.254/tcp/40479"
INFO Established connection to 12D3KooWA768LzHMatxkjD1f9DrYW375GZJr6MHPCNEdDtHeTNRt via /ip4/157.245.40.97/tcp/4001/p2p/12D3KooWDpJ7As7BWAwRMfu1VU2WCqNjvq387JEYKDBj4kx6nXTN/p2p-circuit/p2p/12D3KooWA768LzHMatxkjD1f9DrYW375GZJr6MHPCNEdDtHeTNRt
The sender then attempts to send the secret, and if it is successful, scs relays messages to both parties, notifying them of the status and the progress of the secret sharing session.
Files
scs also supports sending files:
scs send -r 12D3KooWLaLnHjKhQmB46jweVXCDKVy4AL58a4S4ZgHZGuJkzBf9 -f ../path/to/file1 -f path/to/file2
Messages
Ordinary messages can also be shared
scs send -r 12D3KooWLaLnHjKhQmB46jweVXCDKVy4AL58a4S4ZgHZGuJkzBf9 -m "hi there" -m "foo"
All three items can also be sent together.
Configuration
As of v0.0.12, scs allows a configuration file to be passed. Ports, whitelists, and items can all be configured directly instead of passing them as arguments. A sample configuration file can be found here. For example:
port: 5555 #An optional port defaults to 0 if not present
save_path: "default"
secret: # Optional during receive
- key: foo
value: bar
- key: baz
value: woo
message: # Optional during receive
- new message from me
- test message
file: # Optional during receive
- "./dev_build.sh"
debug: 1 # Compulsory. 0 is for off, and 1 and above for on
blacklists:
- 34.138.139.178
whitelists:
- 34.193.14.12
connection: trusted # or self
seed: "scsiscool"
scs receive -c ./config.yml
Or for senders:
scs send -r 12D3KooWLaLnHjKhQmB46jweVXCDKVy4AL58a4S4ZgHZGuJkzBf9 -c ./config.yml
Whitelists/Blacklists IP addresses
Whitelisting and blacklisting control traffic from specified IPs. To enable this feature, add the IP list to the config file. If no whitelist IPs are provided, all connections are allowed. However, if whitelist IPs are specified, only traffic from those addresses is permitted. Generic IPs like 127.0.0.1 (localhost) or 192.0.0.0 (firewall access points) won't work.
Signed Certificate
Receivers can configure scs to only allow connections from users using a signed certificate from the CA. or just self-signed certificates.
Add a connection: trusted or connection: self to the configuration file.
Seeds (Seed Key)
The backbone of scs is PeerId. A PeerId is a randomly generated key whenever a session is started for both the receiver and the sender. As of v0.1.3 of scs, PeerIds can now be deterministic; a single PeerId can be used for life. To do this, you need to set a "seed". The PeerId is generated concerning this seed. As long as the seed key remains the same, the PeerId will remain.
The "seed" key is a string of any length lesser than 32. But for ease and optimal configuration, we recommend 4 or 5 letter words as in the above configuration file.
Saving Peer Info
To make using scs easier after the initial setup, scs implements a simple mechanism for storing recipients' information.
After every session with a new peer, scs asks if you'll like to save the information of the connected peer. If you decide to send to that same peer, pass in the name of the peer to the -n argument like below
scs send -n dante -c config.yml
Note: For security reasons, we don't save the IP addresses of the connected peers on each machine.
To see all saved peers:
scs list
Items Storage Location
Items sent (secrets, files, and messages) are stored in the local folder on the machine. To find the saved items:
- Windows:
/c/Users/<name_of_user>/AppData/Local/onboardbase/secureshare/data - Linux:
/home/<name_of_user>/.local/share/secureshare - Mac:
/Users/<name_of_user>/Library/Application Support/com.onboardbase.secureshare
Contributing
Contributions of any kind are welcome! See the contributing guide.
Thanks goes to these contributors!
Roadmap
Protocols
- AutoNat: If you look closely,
scsassumes both peers are behind NATs, firewalls, or proxies. But sometimes, this might not be the case, and it is excessive to hole punch just for that. ImplementingAutoNatwill first check if the two peers can communicate directly. If not, it will then proceed to hole punch. With TCP, this might take about 3 to 10 seconds, and this is where QUIC comes in and improves uponscs's speed.
License
See LICENSE © Onboardbase
Technicals
The significant technical detail scs employs under the hood is P2P sharing. Below are excellent and detailed resources on P2P sharing and hole punching. Happy reading!!