Show HN: Shhhbb, an SSH BBS (donuts-are-good.github.io)
see it: https://asciinema.org/a/Emg6SWrXMV6cehfQxrw1GRu75
try it:
ssh -p 2223 shhhbb.com
host it: https://github.com/donuts-are-good/shhhbb/releases/latestwhy?
Every year I challenge myself in some new way, this year it is to push one project per week. You might recognize my static site generator [0] or my releaser for go [1] from previous posts as one of these weekly projects. If you want to join me in doing this, it's been a blast and I highly recommend it! Maybe we can chat on the bbs about it :)
[0] - bearclaw tiny static generator - https://github.com/donuts-are-good/bearclaw
[1] - release.sh release builder for go - https://github.com/donuts-are-good/bearclaw
need:
I'd love a few co-conspirators, or even some new friends for the bbs software or the bbs itself. A lofty nice-to-have goal is meeting a few other similarly motivated people to conspire with on a weekly basis. If that's you, drop me a line!
goals:
I have about half of an admin interface endpoint pushed up, which I'd like to finish. I realized mid-commit that I'd lacked some other material in a previous commit, and in pushing it up, I ended up pushing half the admin feature. Stay tuned for that.
I'd also like to implement a feature where I surrender the socket to a new process so I can upgrade the binary without dropping all of the connected users. I'm not sure on the feasibility of this, but all the words fit together, so it'll be tried.
53 comments
[ 3.3 ms ] story [ 116 ms ] threadhttps://donuts-are-good.github.io/shhhbb/
> debug1: Connecting to shhhbb.com [2a01:4ff:1f0:8a78::] port 2223
If I connect with `ssh 5.78.86.154 -p 2223` instead I get in fine.
Maybe either have the server listen on v6 / adjust the packet filter or stop shhhbb.com resolving its AAAA address, which is currently taking priority for me.
edit: removed the AAAA for the moment, again thank you!
One of my toy projects is building a "desktop OS" in the CLI, with its own mini apps (python), and a drawille style GUI and windowing. And ANSI color.
There's no point at all, but it's fun.
It's a shame how complicated modern computers have made stuff like drawing directly to the screen in comparison.
We had a special custom hardened shell for this. Originally it was some script that ran from sh; but the campus network of the 90s was pretty adversarial system and it was too easy to bust out of the shell. Even with the hardened shell, we booted from a read only network drive.
When we shut it down for about a year it displayed my phone number. I had some interesting calls from old faculty and researchers.
Anyway, I would not give a full shell to randos from the Internet.
(Sorry, I replied at the wrong level, but this web view won’t let my copy this message)
It was originally titled anon-chat (no affiliation) because of the way the usernames are formatted (hashed and shortened with @ sign prepended, to prevent name struggles and squatting cool names). Before pushing the project I had a moment's reflection and then hesitation that maybe I might be barking up a different tree with that name.
I took "SSH" and "BBS" and tried the associated names, and eventually settled on this one. it doesn't have a lot of bang-pow to it, but it works and it's a short .com.
https://knowyourmeme.com/memes/shh-bby-is-ok
So if you want to try it, perhaps use a separate keypair just for this service.
The username is a shortened and hashed representation of your public key, also I don't see the private key or key password, only public key. You can also run with
for added surety.Can you please elaborate why this is not a good idea?
Since you are using SSH keys, why not looking into NOSTR integration?
You are already done the basics, and adopting that protocol would help to keep this project alive since anyone can participate there with their existing account and those posts can also be seen from the outside: https://usenostr.org/
https://github.com/ptt/bbs-sshd
Of course, nowadays you can also access PTT through websocket or a web interface.
Having said that it was 20 years ago :P
From your suggestions I've come up with a short unsorted list of things I should make for us that we need. I'm going to get a nap in to think about their implementations and I'll have something to push up shortly, likely tomorrow night Monday PM
from the list:
- /exit, /quit and /? :) if you've seen chat you get it
- public api for integrations (nostr, matrix, 3rd party clients)
- TUI for buffering chat input vs output, put chat in a separate window
- comprehensive documentation for usage
- /name for username changes
- pass the socket to the next upgrade binary to upgrade the server without kicking everyone, maybe make a proxy instead.
Again, thanks to you all that I got to meet tonight, I'm thankful to share this experience with you.
The server could collect SSH public keys and use GitHub to resolve them to GitHub users to deanonymize users.
To protect yourself against this kind of problems:
1. Put this block at the end of ~/.ssh/config:
2. Use a separate private SSH key for each organization you connect to. You must create a config entry to tell OpenSSH to use it. Ex: Disclaimer: I'm the author of https://github.com/dolmen/github-keygenAnd SSHFP RRs (along with DNSSEC) would be nice to have for a public SSH service.
Be advised that a lot of them use CP438, so you might want to get your hands on a BBS client that can handle it gracefully, like Netrunner.
[0] https://www.ipingthereforeiam.com/bbs/?step=software&all=0 [1] http://www.mysticbbs.com/downloads.html
Synchronet is the big player still in this space, but I have seen some folks running some of the oldschool options such as WWIV or Citadel (never mind the AmigaNet crowd who does everything to keep the old silicon in service). Cool to see some variety popping up to keep things fresh!