many times I find myself in situations where I’m on some computer which is totally isolated - friends computer, completely newly installed (VM), some corporate remote desktop where I can’t install anything — and I need to transfer some information to this computer.
Ideally what I would have is:
some sort of web chat
self hosted (so that I can spin it up only when I need it, and that I can “destroy” all the data after each session)
simple URL where you specify a room name edit it (eg.: domain.com/qck-321)
on open you specify username (no other authentication)
first person who joins needs to confirm all the others (so people can’t just “drop in”)
https://chitchatter.im/ - this one is quite promising but unfortunately it failed me on first windows remote machine (probably due to some firewall rule)
I’m more that prepared to develop something my self but first I would like to check if there is really nothing out there to solve this.
Bonus question- do you have any other approach - how do you transfer (potentially sensitive) information to a “isolated” machine?
My solution for this type of situation is MicroBin running on my home network from a non-standard port, with a port knocker to open and close the port when needed.
My router handle DDNS so I can always contact my home network easily. I port-knock to trigger an iptables command on the router to forward traffic to the MicroBin host.
I also have my phone set up to connect via openvpn to my home network so that I can remotely do things like start and stop services, set port forwarding rules, etc.
Are you actually chatting with anyone or is that just your authentication?
Something like magic-wormhole (or webwormhole) seems better suited to file transfers, or onetimesecret for shorter chunks of text. Both of which are self hostable.
I don’t understand the bonus question, and there are a lot of subtlties to multi-person secure chat. Does the user agent really have to be a web browser instead of, say, an ssh terminal? What do you expect to use instead of web sockets, in a browser?
On different occasions I’ve used irc or nextcloud chat, neither of whichis ideal. Plus ytalk but that is 2-person only. There used to be fairly busy discussion on the moderncrypto.org messaging forum but I think that is quiet now.
/u/positive_intentions@lemmy.ml might be interested too.
well - I connect to WIN machine every 5years … I really don’t know compatibility of SSH on it. And i’m not planning to learn - on the other hand - browser is always there
Apart from the world of trouble you might get yourself into when doing such things on secured systems, why are you going at it in such a complicated way?
Why not simply use a self hosted file/document storage and sharing solution like Nextcloud or Pydio Cells or something like that? Reachable through standard HTTP(S), which is a lot easier to reach than most other protocols.
let’s just assume thatI know what security risks are.
now let’s follow you idea- so what would be first step? I need to keep running whole instance of nextcloud for a few minutes where I transfer data.
what would be the URL I need to access on remote machine? If it some domain with additional parameters in it - I’m trying it, and even if I do…, do I need to TYPE my username and password then? I don’t remember when I lost time type my password somewhere… not to mention that usually systems have some weird keyboard layout and I’m spending hours finding & sign on it :/ not ideal at all
I would probably use ntfy.sh for this purpose. It doesn’t quite meet all your requirements, but you could use a random channel name and get some amount of security…
You can self host it, or use the hosted version. (I know it’s technically not chat, but it works on a series of messages, it just happens to call them notifications.)
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
My solution for this type of situation is MicroBin running on my home network from a non-standard port, with a port knocker to open and close the port when needed.
My router handle DDNS so I can always contact my home network easily. I port-knock to trigger an iptables command on the router to forward traffic to the MicroBin host.
I also have my phone set up to connect via openvpn to my home network so that I can remotely do things like start and stop services, set port forwarding rules, etc.
Are you actually chatting with anyone or is that just your authentication?
Something like magic-wormhole (or webwormhole) seems better suited to file transfers, or onetimesecret for shorter chunks of text. Both of which are self hostable.
wooow nice - first relevant answer! thx
I don’t understand the bonus question, and there are a lot of subtlties to multi-person secure chat. Does the user agent really have to be a web browser instead of, say, an ssh terminal? What do you expect to use instead of web sockets, in a browser?
On different occasions I’ve used irc or nextcloud chat, neither of whichis ideal. Plus ytalk but that is 2-person only. There used to be fairly busy discussion on the moderncrypto.org messaging forum but I think that is quiet now.
/u/positive_intentions@lemmy.ml might be interested too.
well - I connect to WIN machine every 5years … I really don’t know compatibility of SSH on it. And i’m not planning to learn - on the other hand - browser is always there
Apart from the world of trouble you might get yourself into when doing such things on secured systems, why are you going at it in such a complicated way?
Why not simply use a self hosted file/document storage and sharing solution like Nextcloud or Pydio Cells or something like that? Reachable through standard HTTP(S), which is a lot easier to reach than most other protocols.
let’s just assume thatI know what security risks are.
now let’s follow you idea- so what would be first step? I need to keep running whole instance of nextcloud for a few minutes where I transfer data. what would be the URL I need to access on remote machine? If it some domain with additional parameters in it - I’m trying it, and even if I do…, do I need to TYPE my username and password then? I don’t remember when I lost time type my password somewhere… not to mention that usually systems have some weird keyboard layout and I’m spending hours finding & sign on it :/ not ideal at all
I would probably use ntfy.sh for this purpose. It doesn’t quite meet all your requirements, but you could use a random channel name and get some amount of security…
You can self host it, or use the hosted version. (I know it’s technically not chat, but it works on a series of messages, it just happens to call them notifications.)