展示HN:SecretShare – 简单、安全的一次性秘密分享命令行工具
我开发了一个易于使用的命令行工具,用于共享秘密。最近我需要分享大量的API密钥,感觉没有一个简单且适合黑客的方式来做到这一点实在太疯狂了。
整个过程大约需要15秒钟:
1. 接收方运行`secret_share`,生成一个一次性公钥,可以发送给发送方。
2. 发送方运行`secret_share`,粘贴接收方的公钥,输入秘密,然后获得一个可以发送回去的加密响应。
3. 接收方粘贴加密响应,查看秘密。
这个过程不需要服务器。它使用非常标准/普通/安全的加密技术(RSA-OAEP和AES-GCM)。私钥从未写入磁盘,并在有效负载解码后立即从内存中移除(每次都生成新密钥)。对于命令行工具来说,它非常用户友好(信息清晰,支持剪贴板集成)。你可以使用任何聊天工具作为通信渠道,因为私钥从未被传输。唯一的依赖是谷歌的Go语言包。
<a href="https://github.com/scosman/secret_share" rel="nofollow">https://github.com/scosman/secret_share</a>
查看原文
I built a easy to use CLI for sharing secrets. I’ve had to share a ton of API keys lately, and it seems wild there isn’t a simple hacker friendly way to do this.<p>The whole process takes about 15 seconds:<p>1 The receiver runs secret_share and it generates a one-time public key they can send to the sender<p>2 The sender runs secret_share, pastes in the public key from the receiver, types the secret, and gets an encrypted response they can send back<p>3 The receiver pastes in the encrypted response and sees the secret<p>There’s no servers. It’s using very standard/boring/secure crypto (RSA-OAEP and AES-GCM). The private key is never written to disk and is evicted from memory as soon as the payload is decoded (new keys every time). It’s user friendly for a CLI (clear messages, clipboard integration). You can use any chat tool as the communication channel never sees the private key. Only dependencies are Google’s go packages.<p><a href="https://github.com/scosman/secret_share" rel="nofollow">https://github.com/scosman/secret_share</a>