IUS/once
IUS/once
8
0
Fork 0
Code Issues 6 Pull requests 1 Projects 1 Releases 6 Activity Actions
re-implementation of https://once.schlittermann.de/
328 commits 6 branches 77 tags 6.4 MiB
  • Go 83.8%
  • HTML 10.9%
  • Roff 5%
  • Makefile 0.3%
Find a file
Exact
Heiko Schlittermann dd73e99d11
Some checks failed
nagonag (Push) / nagonag (push) Failing after 3m48s
Details
Merge pull request 'Add curl-friendly file upload via PUT' (#66) from feat/43-curl-upload into master 
Reviewed-on: #66
2026-06-16 22:34:23 +02:00
.forgejo/workflows Add nagonag workflows 2026-05-24 13:34:59 +02:00
assets Add README hero and avatar assets 2026-05-24 14:22:55 +02:00
v2 Merge branch 'master' into feat/43-curl-upload 2026-06-05 18:03:22 +02:00
.gitignore Ignore vim swap files 2021-11-17 17:53:36 +01:00
.gogogo.conf go: use all lower for module name 2025-09-10 12:57:55 +02:00
.golangci.yaml go: linter wsl 2024-01-13 22:20:08 +01:00
go.sum Add README hero and avatar assets 2026-05-24 14:22:55 +02:00
LICENSE.txt Squashed commit of the following: 2025-09-10 12:20:10 +02:00
minor_patch_updates.json deps(master): update minor/patch dependencies 2026-05-24 15:38:00 +00:00
README.md Use v2 hero in top-level README 2026-05-24 15:26:51 +02:00
updates.json deps(master): update minor/patch dependencies 2026-05-24 15:38:00 +00:00
vuln_ids.txt deps(master): update minor/patch dependencies 2026-05-24 15:38:00 +00:00

README.md

Once hero

Once - download it once

Forwarding sensitive information (like account credentials) to a customer isn't always easy.

  1. Sharing the data via mail or chat as cleartext isn't secure.
  2. Sharing the data symmetrically encrypted (e.g. encrypted ZIP) needs the exchange of the shared secret in a secure manner.

In above scenarios we can't be even sure that the information wasn't accessed by an eavesdropper.

To be honest, the only perfect solution is sharing the data asymmetrically encrypted (GPG), but this is beyond the capabilities of most recipients.

How does Once work?

Via Once we share a (hard-to-guess) link with the recipient. The recipient can access that link exactly once (hence the name of the project). After accessing the link, the stored document gets deleted.

In case an eavesdropper was faster accessing the link, the real recipient can't use the link anymore and we can tell that the shared information should be considered as leaked.

Build and Install

For information about how to build and install it from the sources, please checkout the README document about the once-server.

A packaged version of the once-server is available for Debian GNU/Linux from our private Debian "sid" Repo:

wget -O - https://schlittermann.de/keys/gpg/apt.schlittermann.de/2F48BFA2AEB951E9370D3599F2E97DC20A805F65.asc | apt-keys add
echo deb http://apt.schlittermann.de/ sid main >> /etc/apt/sources.list.d/schlittermann.list
apt update
apt install once-server/sid

There are more instructions on how to proceed after install.