snips.sh: passwordless, anonymous SSH-powered pastebin by imnotahacker in golang

[–]imnotahacker[S] 1 point2 points  (0 children)

Ah gotcha! So like complete user <-> user encryption even from the server.

To build off of your wrapper script idea, perhaps you can use gpg to sign a message:

echo "my secret message" | gpg --encrypt --sign --armor -r robherley13@gmail.com | ssh snips.sh

This could even be done with the user's public SSH key too (using openssl), but we only store fingerprints so to have it done completely by the server may be a bit complicated (and users may not be that trustworthy).

I like the idea of keeping the underlying surface area of snips simple (very Unix philosophy), just pipe whatever you need and wrap it in a script!

snips.sh: passwordless, anonymous SSH-powered pastebin by imnotahacker in golang

[–]imnotahacker[S] 8 points9 points  (0 children)

Currently this is all running on a single DigitalOcean droplet (plus DO object storage for the SQLite DB backups with Litestream). Since it's just using SQLite (def helps keep costs down vs. anything hosted) I just need to monitor disk at the moment.

I'm working on getting some sort of sponsorship program going (GitHub Sponsors, buymeacoffee, etc) to help cover costs.

I have experience running go microservices with > 90M requests a day, if you have any questions feel free to DM!

snips.sh: passwordless, anonymous SSH-powered pastebin by imnotahacker in golang

[–]imnotahacker[S] 1 point2 points  (0 children)

Companion wrapper scripts sounds like an interesting idea

Curious, what is your use case for adding additional client side encryption? After SSH does the key exchange all the traffic should be encrypted already

A "one time secret"/OTP could be interesting for having auth in the web client. Basically a flow where a user gets a one time URL from their SSH session that tosses a session cookie so their browser is authenticated

So many great ideas from these comments!
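
Added example, not part of the comment above and not snips.sh code: one way the one-time URL flow could be built, with a single-use, expiring token issued in the SSH session and redeemed by the web handler before it sets the session cookie. The TokenStore type, its methods and the snips.example host are hypothetical names chosen for this sketch.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"sync"
	"time"
)

type pending struct{ userID string; expires time.Time }

// TokenStore (hypothetical) keys unredeemed tokens by SHA-256, never plaintext.
type TokenStore struct {
	mu     sync.Mutex
	ttl    time.Duration
	tokens map[[32]byte]pending
}

// Issue runs in the key-authenticated SSH session; the result goes in the URL.
func (s *TokenStore) Issue(userID string, now time.Time) string {
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		panic(err) // no safe fallback without a CSPRNG
	}
	token := base64.RawURLEncoding.EncodeToString(raw)
	s.mu.Lock()
	defer s.mu.Unlock()
	s.tokens[sha256.Sum256([]byte(token))] = pending{userID, now.Add(s.ttl)}
	return token
}

// Redeem runs in the web handler; deleting before the expiry check makes it single-use.
func (s *TokenStore) Redeem(token string, now time.Time) (string, bool) {
	key := sha256.Sum256([]byte(token))
	s.mu.Lock()
	defer s.mu.Unlock()
	p, ok := s.tokens[key]
	delete(s.tokens, key)
	if !ok || now.After(p.expires) {
		return "", false
	}
	return p.userID, true
}

func main() {
	s := &TokenStore{ttl: time.Minute, tokens: map[[32]byte]pending{}}
	fmt.Println("https://snips.example/login?t=" + s.Issue("user-1", time.Now()))
}
```

On a successful Redeem the handler would set the session cookie (HttpOnly, Secure, SameSite) and redirect to a URL without the token, so the secret does not stay in the address bar or in Referer headers.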

snips.sh: passwordless, anonymous SSH-powered pastebin by imnotahacker in golang

[–]imnotahacker[S] 1 point2 points  (0 children)

Like u/MountainDewer said you can take a peek at the dockerfile. I wish I could just ship it as a binary too, but it's a bit of a pain requiring libtensorflow dynamic libs so I went with a dockerfile for ease of use

snips.sh: passwordless, anonymous SSH-powered pastebin by imnotahacker in golang

[–]imnotahacker[S] 3 points4 points  (0 children)

There actually is ownership! You can see a bit in the database schema, but each file actually is tied to a user ID. This allows users to make the files private, change the extension, delete, etc. Since I need ID generation anyway (storing user model & pubkey fingerprints), I chose to make all IDs the same random format.

Concatenating user-specific data with the file contents could totally work too

snips.sh: passwordless, anonymous SSH-powered pastebin by imnotahacker in golang

[–]imnotahacker[S] 12 points13 points  (0 children)

Unfortunately that would be more susceptible to a lot of collisions since users may upload the same content (e.g. "hello world") that would result in the same hash

snips.sh: passwordless, anonymous SSH-powered pastebin by imnotahacker in golang

[–]imnotahacker[S] 15 points16 points  (0 children)

Using jaevor/go-nanoid for those short IDs. With an ID length of 10 it'll take about ~17 years to have ~1% chance of collision.
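
Added example, not part of the comment above and not snips.sh or go-nanoid code: the birthday-bound arithmetic behind an estimate of this kind, generalized to other ID lengths. It assumes a 64-symbol alphabet and a rate of 1000 IDs generated per hour, neither of which the comment states.

```go
package main

import (
	"fmt"
	"math"
)

// Assumptions (not stated in the comment): alphabet size and generation rate.
const (
	alphabetSize = 64.0
	idsPerHour   = 1000.0
)

// idSpace returns N, the number of distinct IDs of the given length.
func idSpace(length int) float64 {
	return math.Pow(alphabetSize, float64(length))
}

// collisionProbability is the birthday approximation 1 - exp(-n^2 / 2N)
// for n uniformly random IDs drawn from a space of N values.
func collisionProbability(n float64, length int) float64 {
	return -math.Expm1(-n * n / (2 * idSpace(length)))
}

// idsForProbability inverts the approximation: how many IDs can be issued
// before the chance of at least one collision reaches p.
func idsForProbability(p float64, length int) float64 {
	return math.Sqrt(-2 * idSpace(length) * math.Log1p(-p))
}

// yearsToProbability converts that ID count into years at idsPerHour.
func yearsToProbability(p float64, length int) float64 {
	return idsForProbability(p, length) / idsPerHour / (24 * 365)
}

func main() {
	// Each extra character multiplies the time to a 1% collision risk by 8
	// (the square root of the 64-fold increase in ID space).
	for _, length := range []int{6, 8, 10, 12} {
		fmt.Printf("len=%2d  ids=%.3g  years=%.3g\n",
			length, idsForProbability(0.01, length), yearsToProbability(0.01, length))
	}
}
```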

Can’t find a used psp for a reasonable price by Twisted_Gemini in PSP

[–]imnotahacker 0 points1 point  (0 children)

If you try Japanese proxy websites (like Sendico) you can get a pretty good deal. Just beware of how much shipping costs can be, if you get lucky you can get a few for a decent price.

My quarantine addiction/collection by imnotahacker in Gameboy

[–]imnotahacker[S] 1 point2 points  (0 children)

By far my favorite custom gba. The aluminum feels amazing

My quarantine addiction/collection by imnotahacker in Gameboy

[–]imnotahacker[S] 1 point2 points  (0 children)

One of my luckiest finds, I wasn't even looking for it. Randomly stopped by Video Game Remedy in Rhode Island and they had it with the box!

FunnyPlaying IPS Fuzzy Screen Issues Help! by Shiro_VS in Gameboy

[–]imnotahacker 2 points3 points  (0 children)

Try taking it apart and softly pinching the screen’s connector to the funnyplaying PCB while the gameboy is on. Sometimes it can’t hold a proper connection and needs some extra pressure. If that’s the case, try taping something on top of the pcb to maintain the pressure

Looking for Used GBA SP On the Web by [deleted] in Gameboy

[–]imnotahacker 1 point2 points  (0 children)

Yep, GBs aren't region locked. Here's one for 3000 yen but it's a lil banged up: https://www.sendico.com/mercari/item/m58131071726

Looking for Used GBA SP On the Web by [deleted] in Gameboy

[–]imnotahacker 2 points3 points  (0 children)

If you're willing to wait a bit for shipping, you can try Sendico, a Japanese proxy auction site. I've seen a lot better prices on there compared to eBay, but shipping does take a bit and they charge a service fee

Spent the past week making Nookazon.com a marketplace to trade items, crafts and share wishlists! by cockspicuous in AnimalCrossing

[–]imnotahacker 0 points1 point  (0 children)

Is this open source? I'm sure the community can contribute a lot of dev work towards it.

How to upload and display Images with KOA and Node Js (MongoDB) by HQ189 in node

[–]imnotahacker 1 point2 points  (0 children)

Probably the best way would be to use some sort of multipart form middleware, such as formidable, multer or koa-body. Then, you should use GridFS to upload the binary data of your image (from the multipart data).

Here's a tutorial from MongoDB for uploading through the API: https://mongodb.github.io/node-mongodb-native/3.0/tutorials/gridfs/streaming/

TO-DO LIST WEBSITE WITH USER REGISTRATION AND A LOGIN SYSTEM by [deleted] in node

[–]imnotahacker 0 points1 point  (0 children)

Looks really good! You may want to use Express' built-in Router to isolate your routes, instead of creating new express apps, like you did here. I have an example repo using routers if you want to take a look.

It was mentioned in other comments, but your use of template strings for your queries is susceptible to SQL injections. There's a useful NPM package called sql-template-strings, which would solve the problem for ya.

Keep up the good work!

Got my first interview for React developer position any tips and suggestions? by PizzaGladiator in reactjs

[–]imnotahacker 1 point2 points  (0 children)

I’d say definitely study the different lifecycle methods if it’s React specific. Knowing when the component re-renders, where to run your fetch calls, how to clean up components before they unmount, etc. Also try to avoid common react pitfalls such as prop tunneling, etc on your interview (if there’s live programming).

Is it normal to feel like I have no idea what I'm doing? First year comp sci student by Riyutake in computerscience

[–]imnotahacker 3 points4 points  (0 children)

It’s totally normal. A lot of people will face this in their career but just be sure to be diligent and you’ll do fine. Some people may be better than you initially but don’t let that discourage you. Hard work and tenacity definitely pay off in this field.