Mar 30, 2021
Nov 18, 20215 min read
Having a disuccsion with a friend about termbin and that the only
viable improvement to the system would most probably be in/out encryption,
(src hosted at github).
Enter me, a bored coder, who decided to take on the challenge of creating an SSL clone.
Install ncat which is usually a part of the nmap package, but sometimes standalone.
Then to use the code after the server is set up and working (there is one free to use and live
at spaste.online:8888) just add:
OR use the less elegant but more portable solution if unable to install ncat:
To your .bashrc. Then source it so it works in the current session:
Then you can just run commands and pipe their output to the sp, which will return a link to the pasted content in a terminal.
The terminal paste code
This requires a valid SSL certificate for both the HTTPS server (I used vanilla Apache) and for spaste.pl itself. I used letsencrypt to generate a valid root authority verifiable certificate,
because it’s free, secure, and the setup is pretty painless. I would also recommend creating an ssl group and a spaste user to run this under (not root), just in case there are unknown security vulnerabilities, which is entirely possible since I wrote this in about 35 minutes total.
I put put the spaste repo in /var/www/spaste/ and
gave spaste.pl group perission to read from my ssl certificate and private key, and permissions to
write to the /var/www/html webserver root directory to actually create the paste files.
I would also suggest adding the following to your /etc/apache2.conf so that mime types of files without extensions are handled correctly (ex.
files containing PHP aren’t rendered incorrectly in the browser, etc).
I’ve also written a systemd script that will restart the service after any
crashes and make it startable on boot.
Update: In addition to this, as suggested by a user on Freenode, I have made spaste more secure by running a find-based rm as a cronjob every morning at 8 am removing files older than a week. This can be accomplished by adding the following to root’s
In conclusion, I don’t know if this “service” will take off, but if it does, I’m hosting it at