npaste – a simple paste bin

At work, I often need to share secrets and other important information with my colleagues. We use Slack to communicate with each other, and that’s good enough for the most part. Now and then, we share secret stuff. Like, top secret. There are many paste bins on the internet that we could use, but I don’t really trust them for these things. So I created my own: npaste.

npaste is a very simple paste bin that supports both images and text. It uses GPG to encrypt pastes before they are uploaded to the server. The encryption key is appended to the URL after a hashbang on the client uploading the paste, so the server never knows about the key. In the browser, the paste is decrypted using OpenGPG.

The npaste cli client supports downloading pastes, both encrypted and non-encrypted. I haven’t spent much time perfecting the project, so contributions to it are very welcome. Let’s have a look at how it works!

Uploading text

Let’s say you have some super secret text that you’d like to share with your colleague. You store it in a file named super-secret.txt and then run the following command:

npaste --encrypt --no-archive=1 -age=1h super-secret.txt

The npaste client will do all the dirty work and return a URL (it’s also copied to the clipboard automatically):

https://paste.yourdomain.com/68678632939f75e9bbd0a4f8#e61ac5c997098e59337b653a27fcff27

By specifying the --no-archive=1 flag, you tell the server to physically delete this paste after it expires, as opposed to just archiving it. The --age=1h flag tells the server to set the expiration of the paste to one hour in the future.

Uploading images

There’s really nothing else you’d have to do if you wanted to upload an image instead. The CLI script will take care of all the dirty work, so the command is exactly the same:

npaste --encrypt --no-archive=1 -age=1h super-secret.jpg

Behind the scenes, the image will be Base64 encoded before being encrypted, and in the browser it will be decoded after being decrypted.

Downloading a paste

If someone sends you an npaste link and you’d like to download it to your computer, it’s as simple as this:

npaste --get https://paste.yourdomain.com/68678632939f75e9bbd0a4f8#e61ac5c997098e59337b653a27fcff27

The CLI script will figure out that this paste needs to be decrypted and it will store it in a file with the same name as the paste ID. You can then open it in your editor of choice to edit it.

Contributions are welcome

If you’re interested in contributing to the project, feel free to do so. It lives over on my private Gitea server:

https://src.grytoyr.io/kim/npaste/