transfer.sh
transfer.sh copied to clipboard
Add an option to password protect a file
I think it would be awesome if we could restrict unknown users from even downloading a file (not just encryption). I think the easiest way is that if the uploader wants, he can set a password, and if the downloader wants to have that file, he should enter that password.
The 'password' is part of the URL in form of the random key, isn't it?
I guess yes, but you can guess that (although nearly impossible). You can close this and thanks for taking the time to answer my question ;).
For me the 6 characters also feel a bit short. I run an own instance of transfer.sh and set random-token-length
to 20.
So 20 lenght is default for transfer.sh?
@CodeCubeNeo
it's one of the example on the frontend:
# Encrypt files with password using gpg
$ cat /tmp/hello.txt|gpg -ac -o-|curl -X PUT --upload-file "-" https://transfer.sh/test.txt
# Download and decrypt
$ curl https://transfer.sh/FPbp5w/test.txt|gpg -o- > /tmp/hello.txt
So 20 lenght is default for transfer.sh?
No, this is what I've set for my own installation. The default is 6.
maybe change deafult to 10 or more? Just an idea.
maybe change deafult to 10 or more? Just an idea.
I will do
Great. always better to change security for the better over 4 characters (possible combos rise from 36^6 to 36^10 (36 is the number of possible characters only alphanumeric) which is quite a lot). Math is probably not right, but I still threw it there.
fixed in #162 162