CryptBoard – The tool for sharing encrypted files and text for crypto-serious
To all the crypto anarchists reading this, here is a free project that you can host on your own server, which will allow you to do some “craziness”. This tool is called CryptBoard and is nothing less than an encrypted clipboard that allows you to securely copy and paste text and files and share them between different machines.
Designed to allow for excellent anonymity, CryptBoard uses RSA + AES hybrid encryption on the client side. Thus, the client makes an anonymous authorization request to the server, and obtains a random UID from the server, and each message is encrypted in AES with a random 256-bit key.
This random AES key is then encrypted by the user’s RSA public key and sent to the server. Once the recipient receives the message from the server, they decrypt the AES key with their RSA private key, and then decode the AES-encoded message.
Users must share their UID and RSA public key via a link or QR code in order to be able to write and read, but the private key is not shared with the server or other clients.
In addition, the integrity of the public key and UID can be visually verified by inspecting the avatar generated from the hash of the public key and UID.
It may seem a bit complex when described like this (lol) but this approach solves certain problems related to file or text sharing between certain machines and VMs, or machines controlled remotely, without ever compromising on security. And since CryptoBoard comes in the form of a website, there is no need to install a tool to share secrets such as passwords.
If you want more information on encryption, click here. Its code is available on Github, so you can audit or improve it if you wish.
To install it on your machine, you will need to have Docker and follow the following procedure:
First, clone the code like this:
git clone https://github.com/MihanEntalpo/cryptboard.io.gitInstall Docker and Docker Compose if not already done. As well as Nginx.
Then create the config file like this:
cp web-app/.env.docker.example web-app/.env.dockerAnd generate the necessary private and public keys like this:
ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
Do not put a passphrase
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub2 files will then be created: jwtRS256.key and jwtRS256.key.pub
Add the contents of these files to the JWT_PUBLIC_KEY and JWT_PRIVATE_KEY variables in the .env.docker file using the following commands:
LINE=$(cat ./web-app/jwtRS256.key | tr '\n' '$' | sed 's|$|\n|g;s|^|JWT_PRIVATE_KEY=|g'); sed -i "s|^JWT_PRIVATE_KEY.|$LINE|g" -i ./web-app/.env.docker LINE=$(cat ./web-app/jwtRS256.key.pub | tr '\n' '$' | sed 's|$|\n|g;s|^|JWT_PUBLIC_KEY=|g'); sed -i "s|^JWT_PUBLIC_KEY.|$LINE|g" -i ./web-app/.env.dockerSet the SERVER_HOST and SERVER_PORT variables in the .env.docker file to point to your Nginx, then create the Docker image like this:
./build-docker-images.shAnd launch the Docker Compose like this:
./docker-compose.sh up -dThen go to the URL http://127.0.0.1:PORT/ to see if everything is working properly. Next, configure Nginx as a reverse proxy for this local server and enable SSL if necessary using the conf/nginx/docker-proxypass.conf file as a template for your Docker configuration.
Make sure to set the correct hostname, proxy_pass port, location of log files, and LetsEncrypt key and certificate files.
And if you’re feeling lazy to do all of that, you can still use the tool here: https://cryptboard.io
Hello, Neat post. There is a problem with your
site in internet explorer, would test this?
IE still is the market chief and a good component to folks will leave out your excellent writing due to this problem.
My family always say that I am wasting my time here at web,
except I know I am getting knowledge daily by reading thes good posts.