starred/termpair
1
0
Fork 0
mirror of https://github.com/cs01/termpair.git synced 2026-04-27 05:25:53 +03:00
Code Issues 1 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #71] Trying to run termpair on LAN with SSL #25

New issue
Closed
opened 2026-03-03 01:21:15 +03:00 by kerem · 2 comments
kerem commented 2026-03-03 01:21:15 +03:00
Owner
Copy link

Originally created by @OOOlledj on GitHub (Aug 1, 2021).
Original GitHub issue: https://github.com/cs01/termpair/issues/71

Describe the bug
Trying to launch termpair on on LAN (192.168.31.234 on my domestic network), not localhost (127.0.0.1) finishes with message on browser, that i can not use non-secure connection:

termpair serve -p 8000 --host 192.168.31.234

and on sharing window:

termpair share -p 8000 --host 192.168.31.234

When opening browser with link (which is HTTP) I get from sharing terminal I see next message:

image

I decided to run it on LAN, with --keyfile and --certificate options to make secure connection (it is going to set up "HTTPS", right?). So I created SSL certificate with openssl library. The key, certificate are located in /etc/httpd/httpscertificate/ folder . But when I try command:

termpair serve -p 8000 --host 192.168.31.234 --certfile /etc/httpd/httpscertificate/192.168.31.234.crt --keyfile /etc/httpd/httpscertificate/192.168.31.234.key

I receive an error:

TermPair encountered an error. If you think this is a bug, it can be reported at https://github.com/cs01/termpair/issues

Traceback (most recent call last): File "/home/ooolledj/.local/lib/python3.8/site-packages/termpair/main.py", line 140, in main run_command(args) File "/home/ooolledj/.local/lib/python3.8/site-packages/termpair/main.py", line 124, in run_command uvicorn.run( File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/main.py", line 393, in run server.run() File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/server.py", line 50, in run loop.run_until_complete(self.serve(sockets=sockets)) File "uvloop/loop.pyx", line 1494, in uvloop.loop.Loop.run_until_complete File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/server.py", line 57, in serve config.load() File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/config.py", line 284, in load self.ssl = create_ssl_context( File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/config.py", line 115, in create_ssl_context ctx.load_cert_chain(certfile, keyfile, get_password) PermissionError: [Errno 13] Permission denied

Sudo command does not help with it

sudo: termpair: command not found

I created RSA key and SSL certificate with this guide:
https://www.rosehosting.com/blog/how-to-generate-a-self-signed-ssl-certificate-on-linux/
Then I just set path to files them with --keyfile and --certfile options in termpair serve.

Expected behavior
It should accept my .key and .crt files and run termpair on LAN ip-address, which with I can use termpair share for example on my mobile phone and see and type commands

I FOUND THE SOLUTION. UPDATE:
I thought it happens because i can not input certificate password and it does not let me use It. Truly, while writing report I tried to change access to .key file:

sudo chmod a+r /etc/httpd/httpscertificate/192.168.31.234.key

After that all my termpair commands with serve, share and --keyfile, --certfile options run perfectly (you can see HTTPS connection is established):

bkm

Now the question: how can I protect my .key file from unauthorized access and still be available to run termpair on HTTPS without using chmod a+r on .key file?

Originally created by @OOOlledj on GitHub (Aug 1, 2021). Original GitHub issue: https://github.com/cs01/termpair/issues/71 <!-- Thank you for filing a bug! Please feel free to answer as much or as little of this template as you can. --> **Describe the bug** Trying to launch termpair on on LAN (192.168.31.234 on my domestic network), not localhost (127.0.0.1) finishes with message on browser, that i can not use non-secure connection: `termpair serve -p 8000 --host 192.168.31.234` and on sharing window: `termpair share -p 8000 --host 192.168.31.234` When opening **browser** with link (which is HTTP) I get from sharing terminal I see next message: ![image](https://user-images.githubusercontent.com/52776316/127775058-c0619133-b74f-4e71-aa0e-f8f0cc806fea.png) I decided to run it on LAN, with --keyfile and --certificate options to make secure connection (it is going to set up "HTTPS", right?). So I created SSL certificate with **openssl** library. The key, certificate are located in **/etc/httpd/httpscertificate/** folder . But when I try command: `termpair serve -p 8000 --host 192.168.31.234 --certfile /etc/httpd/httpscertificate/192.168.31.234.crt --keyfile /etc/httpd/httpscertificate/192.168.31.234.key` I receive an error: `TermPair encountered an error. If you think this is a bug, it can be reported at https://github.com/cs01/termpair/issues` `Traceback (most recent call last): File "/home/ooolledj/.local/lib/python3.8/site-packages/termpair/main.py", line 140, in main run_command(args) File "/home/ooolledj/.local/lib/python3.8/site-packages/termpair/main.py", line 124, in run_command uvicorn.run( File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/main.py", line 393, in run server.run() File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/server.py", line 50, in run loop.run_until_complete(self.serve(sockets=sockets)) File "uvloop/loop.pyx", line 1494, in uvloop.loop.Loop.run_until_complete File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/server.py", line 57, in serve config.load() File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/config.py", line 284, in load self.ssl = create_ssl_context( File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/config.py", line 115, in create_ssl_context ctx.load_cert_chain(certfile, keyfile, get_password) PermissionError: [Errno 13] Permission denied` Sudo command does not help with it `sudo: termpair: command not found` I created RSA key and SSL certificate with this guide: https://www.rosehosting.com/blog/how-to-generate-a-self-signed-ssl-certificate-on-linux/ Then I just set path to files them with --keyfile and --certfile options in `termpair serve`. **Expected behavior** It should accept my .key and .crt files and run termpair on LAN ip-address, which with I can use `termpair share` for example on my mobile phone and see and type commands **I FOUND THE SOLUTION. UPDATE:** I thought it happens because i can not input certificate password and it does not let me use It. Truly, while writing report I tried to change access to .key file: `sudo chmod a+r /etc/httpd/httpscertificate/192.168.31.234.key` After that all my termpair commands with **serve, share** and **--keyfile, --certfile** options run perfectly (you can see HTTPS connection is established): ![bkm](https://user-images.githubusercontent.com/52776316/127775751-839f7cc7-f317-48df-acd1-cc82480e2195.png) Now the question: how can I protect my .key file from unauthorized access and still be available to run termpair on HTTPS without using `chmod a+r` on .key file?
kerem closed this issue 2026-03-03 01:21:15 +03:00
kerem commented 2026-03-03 01:21:15 +03:00
Author
Owner
Copy link

@cs01 commented on GitHub (Aug 2, 2021):

I generated the cert and key with openssl req -newkey rsa:2048 -nodes -keyout host.key -x509 -days 365 -out host.crt. I then have permissions of

-rw-rw-r--  1  1245 Jun  2 03:03 host.crt
-rw-------  1   1704 Jun  2 03:03 host.key

where the key is only readable by me, and it works fine with TermPair. Does this setup work for you? Do you know what permissions the key had before you added a+r? It might have something to do with the directory it's in (/etc/httpd). Maybe try moving it to your home dir and trying again.

<!-- gh-comment-id:890703426 --> @cs01 commented on GitHub (Aug 2, 2021): I generated the cert and key with `openssl req -newkey rsa:2048 -nodes -keyout host.key -x509 -days 365 -out host.crt`. I then have permissions of ``` -rw-rw-r-- 1 1245 Jun 2 03:03 host.crt -rw------- 1 1704 Jun 2 03:03 host.key ``` where the key is only readable by me, and it works fine with TermPair. Does this setup work for you? Do you know what permissions the key had before you added `a+r`? It might have something to do with the directory it's in (`/etc/httpd`). Maybe try moving it to your home dir and trying again.
kerem commented 2026-03-03 01:21:16 +03:00
Author
Owner
Copy link

@OOOlledj commented on GitHub (Aug 2, 2021):

Everything works fine without any modifications on files with chmod. Certificate and keypair, created with command which you point out, were accepted without any notifications or warnings, Thank you.

Probably, there was problem with access rights on /etc/httpd folder. Permissions are the same as yours:

-rw------- 1 2484 авг 2 11:52 keypair.key
-rw-rw-r-- 1 1789 авг 2 11:53 host.crt

<!-- gh-comment-id:890861011 --> @OOOlledj commented on GitHub (Aug 2, 2021): Everything works fine without any modifications on files with `chmod`. Certificate and keypair, created with command which you point out, were accepted without any notifications or warnings, Thank you. Probably, there was problem with access rights on **/etc/httpd** folder. Permissions are the same as yours: `-rw------- 1 2484 авг 2 11:52 keypair.key` `-rw-rw-r-- 1 1789 авг 2 11:53 host.crt`
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
fix-landing-cmds
main
workspace-split
fix-sharemyclaude-url
mobile-ux-fixes
bump-v1.1.1
landing-page-refresh
readme-features
update-readme-images
bump-v1.1.0
install-script-polish
fix-s-path-routing
termpair-defaults
session-banner-text
fix-exit
session-ended-duration
status-bar
v1.0.0-bump
readme-crossref
fix-connect-info
security-fixes
banner-fixes
after-long-help
security-audit-v2
remove-skill-flag
security-hardening-audit
banner-colors-and-clean-exit
sharemyclaude-integration
fix-relative-paths-v2
public-sessions
add-static-dir
readme-diagram
v1.2.0
v1.1.1
v1.1.0
v1.0.0
v0.5.0-rc4
v0.5.0-rc3
v0.5.0-rc2
v0.5.0-rc1
v0.5.0-rc
v0.3.1.5
v0.3.1.4
v0.3.1.3
v0.3.1.2
v0.3.1.1
v0.3.1.0
v0.3.0.0
v0.2.0.0
v0.1.1.1
0.1.1.0
0.1.0.0b0
0.0.1.3
0.0.1.2
0.0.1.1
0.0.1.0
0.0.0.3
0.0.0.1
Labels
Clear labels   
good first issue

   
help wanted

   
pull-request

Mirrored from GitHub Pull Request

No labels
good first issue
help wanted
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/termpair#25
No description provided.