If you want to run a public OnionShare service that anyone can access and doesn't have a secret key, like if you're setting up an anonymous dropbox, then just check the "This is a public OnionShare service (disables private key)" box before starting the server, or use the -public flag on the command line. You can do that like this (in this case, running the command line version from the snap package): onionshare.cli -chat -title "retro gamerz only" Let's say you want to set up a secret chat room. The command line version, of course, works the same way. Once your friend copies and pastes the correct private key, they can access the onion site like normal and download the secret Nintendo ROM. However, it’s perfect for file-sharing as it uses end-to-end encryption and public-key cryptography to secure your files and make sure they remain private. KeyBase was originally created as a messenger app. If they don't have it then it's simply impossible to connect. KeyBase is an open-source app that you can use to transfer your files to someone for free. When your friend opens Tor Browser and pastes the address, Tor itself will pop up a little window asking for the private key. You open up an encrypted messaging app like Signal and then send both the OnionShare address and the private key. You open OnionShare, drag the file in, and start the server. For example, lets say you want to send a super secret Nintendo ROM to your friend. When you start an OnionShare service you get both, and you have to give both to the people who want to use your service. Today though, the passwords are gone! OnionShare 2.4 addresses look something like this: Īnd the private keys look something like this: K3N3N3U3BURJW46HZEZV2LZHBPKEFAGVN6DPC7TY6FHWXT7RLRAQ If you didn't have the password and guessed wrong enough times, OnionShare would detect a potential attack and shut down the service. Basically, if you load that address in Tor Browser without the username and password part, it would prompt the user to login. Check out the new version at !īefore today, OnionShare web addresses looked something like this: first part, onionshare:constrict-purity, is an HTTP basic authentication username (always 'onionshare') and random password. I'm excited to announce that OnionShare 2.4 is now out and the major change in this version is that we've completely gotten rid of passwords! Private OnionShare services are now protected using private keys (aka client authentication) on the Tor layer instead of instead of basic authentication on the HTTP layer.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |