[HN Gopher] Transfer.sh - Easy file sharing from the command line
___________________________________________________________________
Transfer.sh - Easy file sharing from the command line
Author : thunderbong
Score : 101 points
Date : 2021-07-05 17:22 UTC (5 hours ago)
(HTM) web link (transfer.sh)
(TXT) w3m dump (transfer.sh)
| raybb wrote:
| I like transfer.sh and use it occasionally as an easy way to send
| things to friends that are on a remote server. However, I've
| realized that the upload speeds are pretty throttled to the point
| where it takes minutes for 100mb file. So I started using oshi.at
| which afaik is petty similar but faster uploads. Though, the one
| downside of oshi.at is that you can't watch mp4s in the browser
| it just starts download immediately.
|
| I look forward to seeing a CLI for wormhole.app though
| dashezup wrote:
| I used to self-host transfer.sh, but nowadays I just use WebDAV.
|
| 1. it's easy to get WebDAV running, most of HTTP server support
| it through modules. or you could run it with rclone, on non-
| standard port or behind a reverse proxy
|
| 2. I don't share upload access with others, it's only for my own
| use. and this way I don't need to deal with huge uploads or
| illegal contents.
|
| 3. I could also just curl it, the uploaded content will have
| proper mime types. It's convenient for me to share pictures and
| videos this way on Telegram because it generate previews for me,
| and it's easy to just copy-paste a link to send to more than one
| person. curl
| https://user:password@domain.tld:port/path/to/file.png -T
| file.png
|
| 4. I could use WebDAV for various other cases, such like keeweb
| instance, Orgzly (android) notes syncing, saving keepass database
| etc.
|
| Could write a simple shell script to include random characters in
| the URL, copy url to clipboard etc, such like this one I wrote
| [1]
|
| btw for plain text, I prefer to use fiche [2] a simple netcat
| based pastebin. I have a public fiche instance [3] which allow
| people to upload with bash/zsh/netcat and show webpage with
| syntax highlighting. Text usually consume very a few of storage
| and not that "sensitive" like some photos and videos could be, so
| it's less troublesome to provide a public service for that. I've
| also write a Telegram bot for easily upload to my pastebin.
|
| Lifespan of my WebDAV uploads and pastes are 1 month, it's very
| easy to clean them with crontab @daily find
| ~/webdav/tmp -mindepth 1 -maxdepth 1 -type f -ctime +30 -delete
|
| [1] https://ezup.dev/git/dotfiles/file/.local/bin/eztmp.html
|
| [2] https://github.com/solusipse/fiche
|
| [3] https://ezup.dev/p/
| jchw wrote:
| I'm a big fan of WebDAV. As a bonus, you can host tiddlywiki in
| WebDAV and it just works.
|
| The only downside as far as I can tell is WebDAV support in
| Windows Explorer has problems with modern TLS setups.
| dashezup wrote:
| Haven't use Windows for a while, on macOS I used to use NFS
| to access files on a LAN server but switched to WebDAV as
| well because it seems easier and cleaner to use WebDAV
| compare to SMB/NFS, since it does not require extra services
| or opened ports on server.
|
| Nowadays I mainly use linux distro, the main use case of
| accessing files from LAN server is watching movies or TV
| series. I just create m3u/m3u8 playlist on server and play it
| through HTTP (not necessarily use WebDAV in this case). this
| way could avoid potential troubles I could get from mounting
| a remote directory. # LAN server ls -1
| *.mp4 >playlist.m3u # computer, mpv with "save-
| position-on-quit" mpv
| http://raspberrypi.lan/path/to/playlist.m3u
| arthurcolle wrote:
| Magic Wormhole is also dank
| jimaek wrote:
| The service itself was broken for a very long time, did it become
| active again?
| somedude895 wrote:
| This looks great, but does it survive solely on donations? For me
| that's the one important piece of info missing from the page.
| bdcravens wrote:
| One of the easiest ways I've found to move a file into places
| like Heroku (think a task where you need to manually import a CSV
| using something like an app script or rake task)
| SoapSeller wrote:
| http://file.io
|
| Same, and IMO easier to remember (:
| thunderbong wrote:
| Github
|
| https://github.com/dutchcoders/transfer.sh/
| dmlittle wrote:
| From the repo:
|
| > Disclaimer
|
| > The service at https://transfersh.com is of unknown origin
| and reported as cloud malware.
| IncRnd wrote:
| This stores files for two weeks on a third-party server.
|
| What advantages for the intended use cases does transfer.sh have
| over netcat invented 26 years ago? I know some people who have
| used nc for those entire 26 years to xfer files point-to-point
| from the command line.
| UI_at_80x24 wrote:
| Netcat is seriously awesome, and still exists very much under
| the radar of a lot of people. I've used to to copy files around
| the planet, the datacenter, and the lab.
|
| It excels at doing things "right now". If I have a terminal
| window open on a server in France and one in the US; then I can
| easily move that file. However, If I have to move my body to
| the target location before I can copy the file it doesn't work
| as well. (Need to jump through a few other hoops that make it
| more challenging.)
|
| Protip: ALWAYS grab the hash of the file before you send it,
| and compare.
|
| 2nd Protip: Encrypt your file(s) before you send them.
|
| Something like this is decent for moving a file at your
| leisure, or to give a copy to somebody else at their leisure.
| nick__m wrote:
| I would like to know if there are any advantages to use nc
| instead of scp ?
| UI_at_80x24 wrote:
| You don't need an account on the target system.
|
| Target PC opens a port and starts listening (outputting to
| file)
|
| Sending machine establishes a connection to the listening
| port, and starts copying the file.
|
| Example (hide a file transfer as DNS traffic)
|
| Listening computer: nc -l -u -p 53 >
| output.file
|
| Sending computer: cat original.file > nc -u
| [destination ip address] 53
|
| In this case you'd be dumb not to encrypt the file before
| transit. And as I mentioned already make sure you have a
| hash of the original.
|
| You can also use TCP. These are sneaky/simple ways to move
| files around. Downside: You need to poke a hole in a
| firewall, but options exist for that too.
|
| ssh/scp downside: You need an account on target PC to
| connect to. nc downside: you need an open port on the
| listening PC.
| yjftsjthsd-h wrote:
| Most obviously, the same things as its disadvantages:) With
| nc, you don't have encryption or authentication, which is
| good - faster, no keys to set up, no fingerprints to accept
| - and terrible - no transport encryption, no data integrity
| verification, no access control except for at the network
| layer. Also, slight difference in how you use them: scp
| operates on files, nc on streams. But you can just pipe
| over SSH, so that's not a big difference IMO.
| kokx wrote:
| I have literally done this once with a friend of mine, transfer
| a file over netcat. It cost us about 10 minutes of figuring out
| the exact commands, and we were at the same LAN party, and thus
| had a direct network path to each others systems. With most
| consumer routers and their NAT this would be much more
| complicated. And this was with a friend with high unix
| knowledge, so not just the "I know how to paste commands from
| askubuntu" knowledge.
|
| So yeah, just being able to copy curl commands from a website
| certainly has value over configuring complicated commands.
| capableweb wrote:
| Not sure if your comment is just a re-hash of the now famous HN
| comment on the Dropbox Show HN ("Why can't you just use
| rsync/scp"), but netcat which is a unix utility shares
| basically nothing with transfer.sh which is a web based file
| sharing application. Comparing them is really apples-to-houses.
|
| Netcat has it's uses, but one of them is not guiding your
| friends and/or family through a terminal in order for them to
| receive some photos you took last summer vacation.
| kim0 wrote:
| Guess mostly nat penetration and storage for a few days
| feross wrote:
| I'll throw Wormhole.app (https://wormhole.app) into the ring as
| well.
|
| - End-to-end encrypted
|
| - Send up to 10 GB and get a share link in 1 second
|
| - Files are hosted for 24 hours so you don't have to be online at
| the same time as the receiver
|
| - There's no need to wait for your files to finish uploading
| before you can copy the link and send it to your recipient. The
| recipient can start downloading even before the files have
| finished uploading.
|
| - Browser-based, nothing to install
|
| - Uses RFC 8188, same as Firefox Send. Open source here:
| https://github.com/SocketDev/wormhole-crypto
| ChrisArchitect wrote:
| anything new here?
|
| lots of previous drama with it being declared shut down in Nov
| 2018 and then resurrected and then complaints of it being down
| again etc etc
| sparkling wrote:
| Selfhosted alternative: https://github.com/kennell/curldrop
| tptacek wrote:
| This is exactly the use case for Magic Wormhole, which is what
| the cool kids use to transfer files:
|
| https://github.com/magic-wormhole/magic-wormhole
|
| Magic Wormhole uses an end-to-end PAKE to create an encrypted
| transport between two points in the Internet, using a rendezvous
| server.
|
| It doesn't store files, which is almost never what you want; it's
| not a way to send a file and have 10 or 100 people download it.
| But it's probably the best way to get a file through a bunch of
| arbitrary network controls, NATs, &c to a desired destination.
| There's a Go implementation as well:
|
| https://github.com/psanford/wormhole-william
|
| ... which is what I use most of the time. If you haven't played
| with it, I highly recommend it.
| JackGreyhat wrote:
| This and croc. Link: https://github.com/schollz/croc
| igorhvr wrote:
| Ha - so cool. I love that it can be easily used to send a
| stream (the only thing I missed in magic-wormhole).
| Basically, ls -lah | croc send
|
| works.
|
| Thanks for this link!
| aborsy wrote:
| Considering that a small deviation from a cryptographic
| protocol could fully turn cipher text to plaintext in a
| revered tool frequently recommended in HN:
|
| https://redrocket.club/posts/croc/
|
| I would hesitate a bit before rushing to use cool kids'
| software (until it's sufficiently proven).
| tptacek wrote:
| I don't know anything about croc, I haven't looked
| carefully at it, and don't recommend it (or have any
| opinion on it). Lots of smart people have looked at Magic
| Wormhole, which is one of the things that makes it neat.
| zikduruqe wrote:
| And Eureka: https://github.com/mimoo/eureka
| cemsbr wrote:
| No, it's not. Transfer.sh does not require anything to be
| installed in both sender and receiver ends. Only the browser is
| enough.
| tptacek wrote:
| Then it's not secure.
| BerSerKer wrote:
| You seem to be missing the point. If I wanted to send a
| funny webm in a room on Discord or IRC for example, if I
| didn't want to upload it directly to Discord that is, I
| could use this with ShareX to upload it and get a link
| that's easy to share. It's not supposed to be secure. It
| has its place alongside Magic Wormhole just fine.
| tptacek wrote:
| If you want to send a funny webm, use whatever you'd
| like. The comment to which I responded to said "no, this
| isn't the same use case, because Magic Wormhole makes you
| install something". If they'd said "this isn't the same,
| it's supposed to be OK for this to be grievously
| insecure", I'd have shrugged and moved on.
| iampims wrote:
| https://webwormhole.io/
| neolog wrote:
| That's not actually related to Magic Wormhole, it's
| "inspired by" it.
| tptacek wrote:
| It's a frustrating naming decision, to be sure.
| binwiederhier wrote:
| Since we're listing alternatives, here's the one I made:
| https://nopaste.net -- It's open source and available on
| https://github.com/binwiederhier/pcopy
|
| curl usage is available via: "curl nopaste.net".
| focusgroup0 wrote:
| See also:
|
| http://0x0.st/
| jtvjan wrote:
| If we're listing file uploaders, someone made a spider to find
| them automatically:
|
| https://pomfcrawl.pythonanywhere.com/
|
| Though it hasn't ran for a few months now, many of them are
| still up.
| hn_throwaway_99 wrote:
| How do services like this handle the copyright/malware/child porn
| problem? That is, I thought the whole reason send.firefox.com
| shut down was that it became a hub for sharing illegal content
| and there wasn't a good way to filter that out. If Mozilla
| couldn't solve that issue for a free service, how can anyone
| else?
| mritzmann wrote:
| > Files stored for 14 days
|
| I think that's the reason, why this service is not very
| interesting for illegal content.
| PUSH_AX wrote:
| Illegal content is generally ephemeral regardless of where
| you host it. I don't think this changes much, it could still
| provide a good home for some illegal things.
| kwitze wrote:
| I would very much like it for people to start calling it
| immoral content more than illegal content.
___________________________________________________________________
(page generated 2021-07-05 23:00 UTC)