Show HN: SecretShare – 简单、安全的阅后即焚秘密分享命令行工具
1 分•作者: scosman•9 个月前
我构建了一个易于使用的命令行工具,用于分享密钥。最近我不得不分享大量的 API 密钥,而且看起来很奇怪,竟然没有一个简单又适合黑客的方式来完成这项工作。
整个过程大约需要 15 秒:
1. 接收者运行 `secret_share`,它会生成一个一次性公钥,接收者可以将其发送给发送者。
2. 发送者运行 `secret_share`,粘贴接收者的公钥,输入密钥,然后得到一个加密的响应,发送者可以将其发回。
3. 接收者粘贴加密的响应,即可看到密钥。
没有服务器。它使用非常标准/无聊/安全的加密方式(RSA-OAEP 和 AES-GCM)。私钥永远不会写入磁盘,并在有效载荷被解码后立即从内存中清除(每次都使用新密钥)。对于命令行工具来说,它很用户友好(清晰的消息,剪贴板集成)。你可以使用任何聊天工具,因为通信通道永远不会看到私钥。唯一的依赖是 Google 的 Go 软件包。
[https://github.com/scosman/secret_share](https://github.com/scosman/secret_share)
查看原文
I built a easy to use CLI for sharing secrets. I’ve had to share a ton of API keys lately, and it seems wild there isn’t a simple hacker friendly way to do this.<p>The whole process takes about 15 seconds:<p>1 The receiver runs secret_share and it generates a one-time public key they can send to the sender<p>2 The sender runs secret_share, pastes in the public key from the receiver, types the secret, and gets an encrypted response they can send back<p>3 The receiver pastes in the encrypted response and sees the secret<p>There’s no servers. It’s using very standard/boring/secure crypto (RSA-OAEP and AES-GCM). The private key is never written to disk and is evicted from memory as soon as the payload is decoded (new keys every time). It’s user friendly for a CLI (clear messages, clipboard integration). You can use any chat tool as the communication channel never sees the private key. Only dependencies are Google’s go packages.<p><a href="https://github.com/scosman/secret_share" rel="nofollow">https://github.com/scosman/secret_share</a>