[HN Gopher] Devzat - Chat over SSH, with some nice quality-of-li...
___________________________________________________________________
Devzat - Chat over SSH, with some nice quality-of-life features
Author : humanperhaps
Score : 405 points
Date : 2024-07-18 17:58 UTC (1 days ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| rwmj wrote:
| I wonder if you could do something similar with an ssh account
| which is hard-wired to run 'ytalk'
| (https://en.wikipedia.org/wiki/Talk_(software)).
| codazoda wrote:
| Probably. See my comment (and example repo) elsewhere about
| running any old binary when someone connects.
| Borg3 wrote:
| Or you can just run an IRC client on start. Just trap SIGINT and
| SIGTSTP, run a simple or modified client that cannot do exec or
| escape to a shell, and you are done :)
| jagged-chisel wrote:
| Spoiler: set the user's shell to any old binary, like a chat
| app.
| semi-extrinsic wrote:
| Or in the authorized_keys file, prepend the public key with
| a specified command. This is then the only command that the
| user can execute when logging in with that particular key.
| To wit: command="/usr/bin/foo" ssh-ed25519
| AAAA....
| titaniumtown wrote:
| I had no idea about that, thank you!
| kijin wrote:
| I suppose this will also lock the user out of sftp and
| scp? Because otherwise they might be able to edit the
| authorized_keys file and run any command.
| gerdesj wrote:
| "I suppose this will also lock the user out of sftp and
| scp?"
|
| No it won't! The specified command might provide sftp,
| scp, telnet or stream a film.
| fragmede wrote:
| I stream a film at funky.nondeterministic.computer on
| port 22
| rovr138 wrote:
| hah
|
| made me laugh
| fragmede wrote:
| I'd recommend using https://github.com/gliderlabs/ssh
| instead, no chance of some shell escape that way.
| quackduck wrote:
| I use a fork of that!
| yu3zhou4 wrote:
| There was a beginner friendly machine to hack on HackTheBox where
| you had to hack a Devzat instance
| quackduck wrote:
| a devzat regular made that!
| styczen wrote:
| Normal talk in Unix systems can do that.
|
| IRC has data exchange between servers and minimizes data traffic.
|
| Still, IRC is better, but maybe in the future.
| Joker_vD wrote:
| There was also `write` [0]. It would literally parse /etc/utmp
| [1] to find out which terminal the recipient user was logged
| on, then it would open that terminal and write(2) the message
| to it. Ah, wonderful user isolation.
|
| [0] https://man.cat-v.org/unix-6th/1/write
|
| [1] https://man.cat-v.org/unix-6th/5/utmp
| riedel wrote:
| I still use POSIX write [1] if there is an incident and I
| want to talk to the other admins that all try to fix sth.
| Quite fun, as the younger ones are always quite puzzled and
| feel caught...
|
| [1] https://manpages.org/write
| codazoda wrote:
| I experimented with writing a shell replacement a while back.
| Turns out you can just run any old program. Here's an example
| "hello world" shell replacement written in Go.
|
| https://github.com/codazoda/goshell
| jagged-chisel wrote:
| > Turns out you can just run any old program.
|
| It's amazing how simple some things are. Similarly, an HTTP
| server can also run any old binary in response to an incoming
| request. As long as it produces output that looks like an HTTP
| response, the client will receive that response.
| steve1977 wrote:
| good old cgi
| mro_name wrote:
| but nginx or caddy can't run CGIs, they want scalability to
| the billions.
|
| Disclaimer: I build a personal social web server
| https://seppo.social like that on top of shared (apache)
| hosting requiring no root privileges to install and run.
|
| Or with a few lines of sh you can turn many cli tools to web
| services like https://qr.mro.name/
| languagehacker wrote:
| I'd be curious whether there's any security concerns on this one.
| Could an attacker craft a message that gets access to execute
| commands into a client terminal?
| freedomben wrote:
| Yeah, though SSH is already very mature at processing text, so
| it's a surprisingly good fit for a chat. I would also remember
| that any machine you SSH from is going to give the server some
| metadata like IP address, public keys (which aren't useful as
| creds but can be for tracking). Really fun little project
| though
| tjoff wrote:
| SSH might be, but maybe not your terminal, which at the very
| least can possibly trick you using escape codes. Also, unless
| my memory fails me, 'cat'ing an untrusted file isn't
| recommended for security reasons.
|
| Additionally you should disable SSH forwarding. Relevant
| thread from the startup selling coffee over SSH:
| https://news.ycombinator.com/item?id=40227624
| qudat wrote:
| This is not sshd, this is a golang binary that uses the stdlib
| ssh lib. You would have to either a) figure out how to escape
| out of a golang binary, or b) if the go code executes shell
| commands with some user provided text, trying to shell inject
| something in there.
| cwillu wrote:
| Or convince the ssh daemon to pass on terminal escape codes
| to another user.
|
| https://nvd.nist.gov/vuln/detail/CVE-2021-33477
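An added example (not Devzat code) of the mitigation for the class of problem tjoff and cwillu raise: a chat server relays text typed by one user straight into other users' terminal emulators, so anything the terminal would interpret rather than display has to be stripped before the message is relayed. The sanitizer below removes C0/C1 control characters, DEL and ANSI escape sequences (CSI, the OSC/DCS/PM/APC string commands, and two-byte ESC sequences) following the ECMA-48 structure, and turns newlines and tabs into spaces. The sample messages are constructed.

```go
package main

import (
	"fmt"
	"strings"
	"unicode"
)

// Added example, not Devzat code. SanitizeForTerminal removes everything a
// recipient's terminal emulator would act on instead of displaying: C0/C1
// control characters, DEL, and ANSI escape sequences (CSI, OSC/DCS/PM/APC
// strings and two-byte ESC sequences). Newlines and tabs become single spaces.
func SanitizeForTerminal(msg string) string {
	var out strings.Builder
	runes := []rune(msg) // invalid UTF-8 becomes U+FFFD here, which is safe to show
	for i := 0; i < len(runes); i++ {
		r := runes[i]
		switch {
		case r == 0x1b:
			// Skip the whole escape sequence that starts at this ESC.
			i += escapeLen(runes[i:]) - 1
		case r == '\n' || r == '\t':
			out.WriteRune(' ')
		case unicode.Is(unicode.Cc, r):
			// Cc covers U+0000-U+001F, U+007F and the C1 range U+0080-U+009F
			// (the 8-bit CSI and friends). Drop them.
		default:
			out.WriteRune(r)
		}
	}
	return out.String()
}

// escapeLen returns how many runes of seq (which starts with ESC) belong to
// the escape sequence, per ECMA-48. A truncated sequence consumes what is there.
func escapeLen(seq []rune) int {
	if len(seq) < 2 {
		return len(seq)
	}
	switch seq[1] {
	case '[': // CSI: ESC [ params (0x30-0x3F) intermediates (0x20-0x2F) final (0x40-0x7E)
		i := 2
		for i < len(seq) && seq[i] >= 0x30 && seq[i] <= 0x3f {
			i++
		}
		for i < len(seq) && seq[i] >= 0x20 && seq[i] <= 0x2f {
			i++
		}
		if i < len(seq) && seq[i] >= 0x40 && seq[i] <= 0x7e {
			i++
		}
		return i
	case ']', 'P', '^', '_': // OSC, DCS, PM, APC: run until BEL or ST (ESC \)
		for i := 2; i < len(seq); i++ {
			if seq[i] == 0x07 {
				return i + 1
			}
			if seq[i] == 0x1b {
				if i+1 < len(seq) && seq[i+1] == '\\' {
					return i + 2
				}
				return i // a new ESC starts another sequence; let the caller handle it
			}
		}
		return len(seq)
	default: // ESC + optional intermediates (0x20-0x2F) + one final byte, e.g. ESC ( B or ESC c
		i := 1
		for i < len(seq) && seq[i] >= 0x20 && seq[i] <= 0x2f {
			i++
		}
		if i < len(seq) {
			i++
		}
		return i
	}
}

// HasTerminalControls reports whether sanitising would change msg; a server
// can log such messages as a sign that someone is probing the other clients.
func HasTerminalControls(msg string) bool {
	return SanitizeForTerminal(msg) != msg
}

func main() {
	// Constructed samples: a colour code, a window-title OSC and a private CSI.
	for _, m := range []string{
		"hello\x1b[31mred\x1b[0m",
		"title\x1b]0;owned\x07 text",
		"a\x1b[?25lb",
	} {
		fmt.Printf("%q -> %q (flagged=%v)\n", m, SanitizeForTerminal(m), HasTerminalControls(m))
	}
}
```

Apply this at the point where a message is received, before the server adds any formatting of its own, so that user-supplied escape sequences are gone while whatever colouring the server itself emits later is unaffected.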
| quackduck wrote:
| whoa
| raggi wrote:
| yup, not an extensive list, but further demonstrative:
| - terminal emulators are not security hardened clients
| against malicious actors
| - ssh lacks PKI and is inconvenient so users never do
| prekeying in practice, so it's TOFU / zero server
| assertion in most practical cases (i.e. easy to mitm)
| - ssh channel features are a constant concern, for server
| resources and for client features like agents, agents are
| easy to disable
| - most ssh implementations don't scale that well, it wasn't
| ever really a goal to do so
| - there are few tools for auditing and monitoring, unlike
| the common protocols/services/clients
|
| fun for toys, but i wouldn't put credit card details in
| there, unlike some streamers started doing lately.
| cwillu wrote:
| ssh definitely supports PKI, it's just not the standard
| workflow for individuals. ssh-keygen(1):
|
| ssh-keygen supports signing of keys to produce certificates
| that may be used for user or host authentication. Certificates
| consist of a public key, some identity information, zero or
| more principal (user or host) names and a set of options that
| are signed by a Certification Authority (CA) key. Clients or
| servers may then trust only the CA key and verify its
| signature on a certificate rather than trusting many user/host
| keys. Note that OpenSSH certificates are a different, and much
| simpler, format to the X.509 certificates used in ssl(8)
| raggi wrote:
| I'm not talking about supporting public key cryptography,
| I'm talking about having a specific and usable deployment
| of a PKI. The closest thing SSH has is SSHFP, which
| depends on DNSSEC, which is according to many opinions,
| DOA.
| password4321 wrote:
| TIL about PKIX-SSH, OpenSSH + X.509.
|
| https://gitlab.com/secsh/pkixssh
|
| http://tech.ciges.net/blog/openssh-
| with-x509-certificates-ho...
|
| Right now I'd stick with something like Gravitational
| Teleport (overkill); Warpgate may become the perfect fit
| for this niche soon.
|
| https://github.com/warp-tech/warpgate
|
| It's also worth knowing about SSH clients that can use
| X.509 certificate keys as normal pre-shared keys with any
| SSH server, like PuttyCAC and built-in for macOS High
| Sierra and later.
|
| https://www.idmanagement.gov/implement/scl-ssh/
| zie wrote:
| OpenBAO and Hashicorp Vault also have built-in support
| for SSH certs:
| https://openbao.org/docs/secrets/ssh/signed-ssh-
| certificates...
| anilakar wrote:
| PKI, with I in bold quotation marks.
|
| While it supports serial numbers, expiration dates and
| key revocation lists, it does not allow certificate
| chaining. That means whoever signs keys for end users has
| implicit access to the master key.
| phoyd wrote:
| I'm also interested. Setting up a passwordless SSH account for
| some public service sounds like a good way to give your machine
| away to North Korean hackers, because you forgot to set
| something in /etc/sshd to "no".
|
| Is there a usable description somewhere on how to do this
| safely?
| quackduck wrote:
| I'd be interested in seeing that. Here it's OK because it
| doesn't use sshd at all
| queuebert wrote:
| So it's using a new stack that hasn't been vetted like
| OpenSSH? I'd rather use OpenSSH + LibreSSL for this
| application.
| fragmede wrote:
| https://news.ycombinator.com/item?id=41002245
| Tepix wrote:
| You may not want the chat server owner to know which public ssh
| key you are using for privacy reasons.
|
| Workaround: Specify another ssh keypair
| codetrotter wrote:
| See also: ssh-chat by shazow from ~10 years ago, written in Go:
| ssh chat.shazow.net
|
| The most amazing part is perhaps the fact that this one is still
| around, 10 years later! Try it yourself and you'll see :)
|
| Discussion at the time:
|
| https://news.ycombinator.com/item?id=8743374
|
| Source code in GitHub repo here:
|
| https://github.com/shazow/ssh-chat
| quackduck wrote:
| ssh-chat sort of inspired devzat. Here's the story: I used to
| live in Dubai at the time and for some odd DNS reasons I could
| never actually join ssh-chat, but it acted as proof that ssh
| chats are possible, and so I decided to make my own version of
| it. Then I moved to the US and was actually able to use both
| ssh-chat and devzat.
| codetrotter wrote:
| That's so cool and nice :D
|
| Any idea what we could do to allow all of the people still in
| Dubai to join chats over ssh too?
| nojs wrote:
| > odd dns reasons
|
| I would love to hear more about this
| freedomben wrote:
| Cool, the source code is amazingly readable. Also love the sense
| of humor :-D such as
| https://github.com/quackduck/devzat/blob/main/commands.go#L1...
| knodi wrote:
| When I read this comment, I thought: good readability, it's got
| to be Go
| Aeolun wrote:
| The readability might be nice, but the way files are
| structured makes no sense to me.
|
| In PHP/Typescript there's always a direct correspondence
| between imports and file locations, but Go baffles me.
| cdelsolar wrote:
| why is this downvoted?
| danslo wrote:
| I appear to have crashed the server with "tic 999", sorry guys!
| quackduck wrote:
| that wasn't it but yeah lol
| ipsum2 wrote:
| Doesn't seem to be working, the chat is frozen and I can't type
| anything.
| evbogue wrote:
| Same here, seems to have crashed.
| quackduck wrote:
| working on bringing it back, hold on
| evbogue wrote:
| Cool. Hanging!
| nedpat wrote:
| This is actually cool!
|
| But unless I'm missing something, what's the difference between
| this and IRC?
| plussed_reader wrote:
| The in-network effect.
| quackduck wrote:
| hmm? what's that
| plussed_reader wrote:
| The market force that currently propels whatsapp.
| jasonjayr wrote:
| As a gentle reminder, if you are forwarding your ssh-agent by
| default, you should connect with:
| ssh -o 'ForwardAgent no' $host
|
| So your secure identities are not exposed to a random ssh server
| ...
| Aeolun wrote:
| Forwarding your agent by default (to all hosts!) sounds like a
| terrible idea.
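As an added illustration of jasonjayr's and Aeolun's point (not from the thread or the project), a `~/.ssh/config` that keeps agent forwarding off by default and only enables it for a named trusted host, and that uses a dedicated throwaway key for the chat host, as Tepix and xyst describe. ssh_config keeps the first value it finds for each option, so the specific `Host` blocks must come before the catch-all. `build.internal.example` and the key file name are placeholders; `devzat.hackclub.com` is the host mentioned in the thread.

```sshconfig
# ~/.ssh/config (added example; build.internal.example and the key path are placeholders)

# Weak: forwarding on everywhere. Any server you log into can use your
# loaded keys for as long as the session is open.
#Host *
#    ForwardAgent yes

# Trusted host where forwarding is actually needed. Listed first because
# ssh keeps the FIRST value obtained for each option.
Host build.internal.example
    ForwardAgent yes

# Untrusted service: no forwarding, and offer only a dedicated key so the
# server never learns the fingerprint of your everyday identity.
Host chat
    HostName devzat.hackclub.com
    ForwardAgent no
    ForwardX11 no
    IdentitiesOnly yes
    IdentityFile ~/.ssh/id_ed25519_chat

# Everything else: forwarding off unless a block above said otherwise.
Host *
    ForwardAgent no
```

`ssh -G chat` prints the configuration that would actually apply to that host after the `Host` blocks are evaluated; checking its `forwardagent` line is the quick way to confirm the ordering above does what you expect.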
| qudat wrote:
| Pretty neat! We implemented something similar with an IRC chat
| app (senpai) in our SSH app (pico.sh). After the user creates an
| account, it lets users connect to our public IRC bouncer with a
| single command (`ssh pico.sh -t chat`).
|
| ref: https://pico.sh/irc
| quackduck wrote:
| so sorry for it being down right now. hn hug of death is real
| xyst wrote:
| Guess it's only useful as a toy :)
| quackduck wrote:
| I just have a really shit server
| mro_name wrote:
| which is great for human scale! Don't serve billions and
| burn the planet doing so.
| bjoli wrote:
| Or the person never expected more than a couple of hundred
| concurrent users and dimensioned the container or whatever
| after that.
|
| I once wrote a similar chat, but much much worse in many
| ways, that could easily handle thousands of concurrent users,
| but hosted it on a 1mbit residential line. When Slashdot hit
| it I stood no chance.
| humanperhaps wrote:
| Didn't think about that when posting - my bad
| quackduck wrote:
| oh nonono thanks for posting lol
| humanperhaps wrote:
| Amazing project, by the way!
| xyst wrote:
| Is this working for anybody else?
|
| I created a throwaway ed25519 key, reconfigured ssh config, and
| tried to connect with 'ssh chat'
|
| Nothing loads. 'ssh -v chat' isn't helpful either. ping and nc
| (on both 22 and 443) show the server (or load balancer) is
| accessible for me.
|
| Maybe a "hnfp DoS" (hacker news front page DoS)?
| n2e wrote:
| Have you tried connecting with the actual hostname directly
| instead of an alias?
|
| Edit: nvm the author said it's down
| quackduck wrote:
| back up now!
| localfirst wrote:
| what sort of server resource usage is this like right now as you
| are getting a ton of traffic?
|
| also noticed that people were able to run commands but permission
| denied. that kinda freaked me out. eventually somebody is going
| to figure out how to escape the go binary
| quackduck wrote:
| I'm not worried at all :)
| tcsenpai wrote:
| If you want to use my server, it might be a little more powerful
| than the current one. I would self host but to be honest I'd
| prefer helping out with the main instance. In case, I am here
| tempestlxc wrote:
| Chatting via SSH has given me a lot of insights. Thank you.
| callwhendone wrote:
| ssh: connect to host devzat.hackclub.com port 22: Connection
| refused
|
| PORT STATE SERVICE
|
| 22/tcp closed ssh
|
| Nmap done: 1 IP address (1 host up) scanned in 1.18 seconds
|
| ----
|
| overloaded?
| 1vuio0pswjnm7 wrote:
| https://man.netbsd.org/authpf.8
|
| https://man.openbsd.org/authpf
| lynx23 wrote:
| Related: Does anyone by chance know how to configure an
| "anonymous" ssh account that always runs the same program? This
| would be great for making text mode games available to everyone
| without needing to support different platforms, now that Windows
| actually ships with ssh.
| fragmede wrote:
| customize https://github.com/gliderlabs/ssh
|
| I use it for funky.nondeterministic.computer
| lynx23 wrote:
| Thanks for the link! However, I will not touch the Google
| programming language.
| fragmede wrote:
| your loss. FWIW, it's not run by Google any more
| cdelsolar wrote:
| lol
| quackduck wrote:
| you can configure sshd to run any random executable when a user
| connects
| SushiHippie wrote:
| Wouldn't it be possible to just change the shell via 'chsh' or
| by editing /etc/passwd to point to the text mode game for a
| particular user?
| hiAndrewQuinn wrote:
| I have a Raspberry Pi running a read-only server where some
| friends and I have a "poor man's IRC" chat, in that we all log in
| from Termux and post messages to one another using `wall`. It's
| absolutely ridiculous and I love it.
| thejosh wrote:
| It's one of those things that if you need to ask why, you'll
| never understand :-)
| _joel wrote:
| Yea, came here to say, what about wall! :)
| complaintdept wrote:
| Install `finger` and you've practically got a social media
| platform.
| kouru225 wrote:
| I'm trying to google finger and all I get is fingerprint
| software
| LawnGnome wrote:
| https://en.wikipedia.org/wiki/Finger_(protocol)
|
| An old, old Internet protocol that was used to get
| information on a user, and could be used by users to post
| updates from their .plan files. Essentially plaintext
| social media for people with Internet connections in the
| 80s and (early-ish) 90s.
| mercutio2 wrote:
| I had that "oh crap, I'm old" moment when my initial
| reaction was "what? You've never heard of finger?!" and
| then I remembered I last used it in the late 90s.
|
| I'm glad your reaction was to assist the young folks. :)
| whartung wrote:
| Famous for enabling one of the very early Internet Worms.
|
| https://en.m.wikipedia.org/wiki/Morris_worm
| queuebert wrote:
| .plan was the original status update.
| complaintdept wrote:
| Indeed, I wish there was something like it today with a
| modern design. Like a DHT with your public key fingerprint
| as a lookup. Anyone who 'follows' your .plan also hosts it
| as a torrent. You 'approve' followers by signing your .plan
| file with their pubkey, or for a fully public .plan, just
| sign with your private. Blah blah blah decentralized
| cypherpunk social media utopia.
| rakoo wrote:
| That's basically what ssb or dat are
| complaintdept wrote:
| Thank you! I hadn't heard of either of these.
| anacrolix wrote:
| Oh man, I've been working on this stuff for years. End
| users just don't care. Devs just reinvent the wheel in
| dumbass languages. The tech for this stuff has existed
| for 15 years, there's nothing to invent. It's ready now.
|
| https://github.com/anacrolix/btlink
| https://github.com/anacrolix/dht
| aa-jv wrote:
| This is great, now we just need a way to host it on our mobile
| phones.
| Tepix wrote:
| Looks like ASCII colors aren't being filtered correctly... which
| is a pretty big issue. White on white isn't very readable... :-)
| quackduck wrote:
| this sounds like a terminal thing. what terminal are you on?
| ingen0s wrote:
| This makes my list for top of the year, nice work.
| sdsd wrote:
| I love stuff like this. I made a widget for MacOS where you can
| see incoming |hi messages sent to your Urbit, as a kind of poor
| man's p2p chat. But I didn't add a feature to _send_ hi messages,
| so you still need a CLI for that.
|
| You can see what it looks like here:
| https://www.youtube.com/watch?v=_bAx4Jx39jE&t=384s
|
| (it's the widget in the bottom right of the screen)
___________________________________________________________________
(page generated 2024-07-19 23:08 UTC)