[PR #74] [MERGED] require aes key to connect in browser #79

New issue

Closed

opened 2026-03-03 01:21:31 +03:00 by kerem · 0 comments

kerem commented 2026-03-03 01:21:31 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/cs01/termpair/pull/74
Author: @cs01
Created: 8/7/2021
Status: ✅ Merged
Merged: 8/7/2021
Merged by: @cs01

Base: master ← Head: cs01/require-aes-key

---

📝 Commits (2)

• 60057cf use bootstrap key when connecting
• 89e248b allow user to enter encryption key via webpage

📊 Changes

9 files changed (+222 additions, -234 deletions)

View changed files

📝 CHANGELOG.md (+2 -2)
📝 README.md (+8 -6)
📝 docs/termpair_architecture.excalidraw (+30 -30)
📝 docs/termpair_architecture.png (+0 -0)
📝 termpair/encryption.py (+0 -1)
📝 termpair/frontend_src/src/App.tsx (+103 -70)
📝 termpair/frontend_src/src/encryption.tsx (+8 -58)
📝 termpair/frontend_src/src/events.tsx (+3 -10)
📝 termpair/share.py (+68 -57)

📄 Description

• I have added an entry to CHANGELOG.md

Summary of changes

In recent PR https://github.com/cs01/termpair/pull/70, termpair was changed so that the only info someone needed to connect via a browser was the terminal ID, not the AES key as before. It used public key encryption to securely obtain the AES keys. The terminal ID is 128 bits, so it would be extremely difficult for someone to guess a terminal id. While no plaintext data is exposed to the server, the id is known by the server, which makes for a trivial attack vector (log the terminal id being issued, and go to the corresponding url to obtain the keys). This scheme was never published to PyPI, only the master branch of this repo.

This PR removes the public key encryption and replaces it with a third AES key: a "bootstrap" key for the other two. This third key is provided via the url hash as before, so the terminal id is not sufficient to gain access to the session. Upon initial websocket connection, the broadcasting terminal encrypts the other two AES keys with the bootstrap key before sending over the wire.

In addition to embedding in the URL, users can also enter the base-64 encoded key via an input in the webpage.

Test plan

Tested by running

> nox -s broadcast 
nox > Running session broadcast
nox > Re-using existing virtual environment at .nox/broadcast.
Note: Frontend must be built for this to work
nox > python -m pip install -e .
nox > termpair share
--------------------------------------------------------------------------------
Connection established with end-to-end encryption 🔒

Shareable link: http://localhost:8000/?terminal_id=c5954a19358d629fd211fe89d6d40b29#S+lD9KRerCWbkc2YWy4bYA==

Terminal ID: c5954a19358d629fd211fe89d6d40b29
Secret encryption key: S+lD9KRerCWbkc2YWy4bYA==
TermPair Server URL: http://localhost:8000/

Type 'exit' or close terminal to stop sharing.
--------------------------------------------------------------------------------

(note the new Secret encryption key)

fyi @colmmacc @ignoramous

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/cs01/termpair/pull/74 **Author:** [@cs01](https://github.com/cs01) **Created:** 8/7/2021 **Status:** ✅ Merged **Merged:** 8/7/2021 **Merged by:** [@cs01](https://github.com/cs01) **Base:** `master` ← **Head:** `cs01/require-aes-key` --- ### 📝 Commits (2) - [`60057cf`](https://github.com/cs01/termpair/commit/60057cf433b6572b5dd213d4454eb5038672370b) use bootstrap key when connecting - [`89e248b`](https://github.com/cs01/termpair/commit/89e248bc5a01a9fbaf5455faee245771f4b1823e) allow user to enter encryption key via webpage ### 📊 Changes **9 files changed** (+222 additions, -234 deletions) <details> <summary>View changed files</summary> 📝 `CHANGELOG.md` (+2 -2) 📝 `README.md` (+8 -6) 📝 `docs/termpair_architecture.excalidraw` (+30 -30) 📝 `docs/termpair_architecture.png` (+0 -0) 📝 `termpair/encryption.py` (+0 -1) 📝 `termpair/frontend_src/src/App.tsx` (+103 -70) 📝 `termpair/frontend_src/src/encryption.tsx` (+8 -58) 📝 `termpair/frontend_src/src/events.tsx` (+3 -10) 📝 `termpair/share.py` (+68 -57) </details> ### 📄 Description <!-- add an 'x' in the brackets below --> * [x] I have added an entry to `CHANGELOG.md` ## Summary of changes In recent PR https://github.com/cs01/termpair/pull/70, termpair was changed so that the only info someone needed to connect via a browser was the terminal ID, not the AES key as before. It used public key encryption to securely obtain the AES keys. The terminal ID is 128 bits, so it would be extremely difficult for someone to guess a terminal id. While no plaintext data is exposed to the server, the id is known by the server, which makes for a trivial attack vector (log the terminal id being issued, and go to the corresponding url to obtain the keys). This scheme was never published to PyPI, only the master branch of this repo. This PR removes the public key encryption and replaces it with a third AES key: a "bootstrap" key for the other two. This third key is provided via the url hash as before, so the terminal id is not sufficient to gain access to the session. Upon initial websocket connection, the broadcasting terminal encrypts the other two AES keys with the bootstrap key before sending over the wire. In addition to embedding in the URL, users can also enter the base-64 encoded key via an input in the webpage. ## Test plan <!-- provide evidence of testing, preferably with command(s) that can be copy+pasted by others --> Tested by running ``` > nox -s broadcast nox > Running session broadcast nox > Re-using existing virtual environment at .nox/broadcast. Note: Frontend must be built for this to work nox > python -m pip install -e . nox > termpair share -------------------------------------------------------------------------------- Connection established with end-to-end encryption 🔒 Shareable link: http://localhost:8000/?terminal_id=c5954a19358d629fd211fe89d6d40b29#S+lD9KRerCWbkc2YWy4bYA== Terminal ID: c5954a19358d629fd211fe89d6d40b29 Secret encryption key: S+lD9KRerCWbkc2YWy4bYA== TermPair Server URL: http://localhost:8000/ Type 'exit' or close terminal to stop sharing. -------------------------------------------------------------------------------- ``` (note the new `Secret encryption key`) fyi @colmmacc @ignoramous --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-03-03 01:21:31 +03:00

• closed this issue
• added the
  pull-request
  label

kerem referenced this issue 2026-03-03 01:21:33 +03:00

[PR #79] [MERGED] add workflow to build executable #84

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

fix-landing-cmds

main

workspace-split

fix-sharemyclaude-url

mobile-ux-fixes

bump-v1.1.1

landing-page-refresh

readme-features

update-readme-images

bump-v1.1.0

install-script-polish

fix-s-path-routing

termpair-defaults

session-banner-text

fix-exit

session-ended-duration

status-bar

v1.0.0-bump

readme-crossref

fix-connect-info

security-fixes

banner-fixes

after-long-help

security-audit-v2

remove-skill-flag

security-hardening-audit

banner-colors-and-clean-exit

sharemyclaude-integration

fix-relative-paths-v2

public-sessions

add-static-dir

readme-diagram

v1.2.0

v1.1.1

v1.1.0

v1.0.0

v0.5.0-rc4

v0.5.0-rc3

v0.5.0-rc2

v0.5.0-rc1

v0.5.0-rc

v0.3.1.5

v0.3.1.4

v0.3.1.3

v0.3.1.2

v0.3.1.1

v0.3.1.0

v0.3.0.0

v0.2.0.0

v0.1.1.1

0.1.1.0

0.1.0.0b0

0.0.1.3

0.0.1.2

0.0.1.1

0.0.1.0

0.0.0.3

0.0.0.1

Labels

Clear labels   

good first issue

  

help wanted

  

pull-request

Mirrored from GitHub Pull Request

No labels

good first issue

help wanted

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/termpair#79

No description provided.