many times I find myself in situations where I’m on some computer which is totally isolated - friends computer, completely newly installed (VM), some corporate remote desktop where I can’t install anything — and I need to transfer some information to this computer.
Ideally what I would have is:
some sort of web chat
self hosted (so that I can spin it up only when I need it, and that I can “destroy” all the data after each session)
simple URL where you specify a room name edit it (eg.: domain.com/qck-321)
on open you specify username (no other authentication)
first person who joins needs to confirm all the others (so people can’t just “drop in”)
https://chitchatter.im/ - this one is quite promising but unfortunately it failed me on first windows remote machine (probably due to some firewall rule)
I’m more that prepared to develop something my self but first I would like to check if there is really nothing out there to solve this.
Bonus question- do you have any other approach - how do you transfer (potentially sensitive) information to a “isolated” machine?
Apart from the world of trouble you might get yourself into when doing such things on secured systems, why are you going at it in such a complicated way?
Why not simply use a self hosted file/document storage and sharing solution like Nextcloud or Pydio Cells or something like that? Reachable through standard HTTP(S), which is a lot easier to reach than most other protocols.
let’s just assume thatI know what security risks are.
now let’s follow you idea- so what would be first step? I need to keep running whole instance of nextcloud for a few minutes where I transfer data.
what would be the URL I need to access on remote machine? If it some domain with additional parameters in it - I’m trying it, and even if I do.., do I need to TYPE my username and password then? I don’t remember when I lost time type my password somewhere… not to mention that usually systems have some weird keyboard layout and I’m spending hours finding & sign on it :/ not ideal at all
I would probably use ntfy.sh for this purpose. It doesn’t quite meet all your requirements, but you could use a random channel name and get some amount of security…
You can self host it, or use the hosted version. (I know it’s technically not chat, but it works on a series of messages, it just happens to call them notifications.)
I don't understand the bonus question, and there are a lot of subtlties to multi-person secure chat. Does the user agent really have to be a web browser instead of, say, an ssh terminal? What do you expect to use instead of web sockets, in a browser?
On different occasions I've used irc or nextcloud chat, neither of whichis ideal. Plus ytalk but that is 2-person only. There used to be fairly busy discussion on the moderncrypto.org messaging forum but I think that is quiet now.
well - I connect to WIN machine every 5years … I really don’t know compatibility of SSH on it. And i’m not planning to learn - on the other hand - browser is always there
Might not tick all boxes, but etherpad may be a nice alternative for you. It's more like a collaborative note taking thing, but gets the job done if you're not too concerned about encryption and hide the server behind a simple HTTP authentication.
I don't have a concrete suggestion for your use case, but IM doesn't seem like the most intuitive tool for this? If you're going to transfer files or data from one computer to another that is physically in the same room, maybe try a local network transfer instead of opening up an advanced web server with all kinds of moving parts?
I'd look at something like Sharedrop and see if there are alternatives that will offer a browser-based interface.
Are you actually chatting with anyone or is that just your authentication?
Something like magic-wormhole (or webwormhole) seems better suited to file transfers, or onetimesecret for shorter chunks of text. Both of which are self hostable.
My solution for this type of situation is MicroBin running on my home network from a non-standard port, with a port knocker to open and close the port when needed.
My router handle DDNS so I can always contact my home network easily. I port-knock to trigger an iptables command on the router to forward traffic to the MicroBin host.
I also have my phone set up to connect via openvpn to my home network so that I can remotely do things like start and stop services, set port forwarding rules, etc.