Show HN: I made Devzat – It's like Discord but in the terminal, over SSH

> It's like discord but in the terminal, over SSH

so it's IRC?

quackduck · 3 years ago

idk, i didn't exist when IRC was the hip thing

You might wanna check it out. Things like code quotes and expand/collapse would be cool to add to an IRC client. I think some clients already support emoji as it's just UTF8?

It's common for IRC users to use IRC from a terminal client on their desktop. If they have a remote server they'll ssh into a box and use their terminal client there. They'd also use a screen session to keep their IRC client running 24/7 so they can keep receiving messages. Or they'll keep an eggdrop bot on a server somewhere, which is basically a sorta IRC proxy that they connect to from any IRC client and can keep their user online in the background.

Here's some stuff on IRC: https://github.com/ircdocs/modern-irc | https://ircv3.net/ | https://wiki.wireshark.org/IRC

Looks like there's some discord<->IRC gateways: https://github.com/sjwhitak/discord-irc-matrix https://github.com/qaisjp/go-discord-irc https://discordrc.com/

Here's some IRC stuff in Go: https://github.com/khlieng/dispatch https://github.com/ergochat/ergo https://github.com/go-irc/irc https://github.com/search?q=go+irc

zozbot234 · 3 years ago

More like a BBS partyline. IRC requires a custom client, not just a terminal connection.

raspyberr · 3 years ago

You can do IRC just with nc.

0ld · 3 years ago

i had been using telnet for irc in the 90s a lot, it doesn’t really require any custom client

josephd79 · 3 years ago

IRC 4 Life...

willis936 · 3 years ago

IRC never used SSH.

walrus01 · 3 years ago

not directly, no, but one of the most common ways to maintain a persistent IRC session is to ssh to a server somewhere (typically not on a residential or dynamic internet connection) and then run your CLI irc client like ircII, bitchx or irssi inside of a gnu screen session, or inside of tmux.

Did you know you are exposing your identity for each "permission denied" error? SSH repeatedly tries all of your public keys to authenticate. Someone was able to harvest that and figure multiple github profiles of the client in past.

LinuxBender · 3 years ago

You are right. My personal method for testing such things is to ensure I do not have any of the default keys.

  mkdir --mode=00500 -p ~/.ssh_config_backup
  rsync -avH ~/.ssh/. ~/.ssh_config_backup/.
  rm ~/.ssh/id_*

Then I generate custom keys per-site and list them in ~/.ssh/config/

  ssh-keygen -q -t rsa -b 2048 -N "" -C "test" -f ~/.ssh/.id_devzat

Then in ~/.ssh/config

  IdentitiesOnly yes
  SendEnv LANG LC_ALL
  ForwardAgent no
  ForwardX11 no
  ForwardX11Trusted no
  # [snip]
  #
  Host devzat chat
    Hostname devzat.hackclub.com
    Port 22
    User test
    IdentityFile ~/.ssh/.id_devzat
    LogLevel VERBOSE

Verbose to see debug if you are having issues.

If one needed to temporarily use the old key for a site until it is changed to a site-unique key, then

  rsync -av ~/.ssh_config_backup/id_rsa ~/.ssh/.id_somesite

Then make a note to change the key on that site and generate a site unique key.

quackduck · 3 years ago

(assuming I am malicious (which isn't really a bad thing to assume))

OrderlyTiamat · 3 years ago

huh that's... really bad. Is there some way of turning that off? grepping through the man file didn't tell me about any options.

geoah · 3 years ago

Love the fact that there are currently more people on the server than likes on this post :D

You might wanna take a look at https://github.com/charmbracelet/bubbletea ad specifically https://github.com/charmbracelet/soft-serve for v2.

IRC style commands that are only sent to the sender would also be nice as current version is a bit spammy with help and user commands.

netizen-936824 · 3 years ago

+1 for charm bracelet, those libs are great. Plus the website is amazing

idk if i wanna make this a TUI tbh, i've seen those libs before. I don't think they support output to an io.Writer / term.Terminal though

boomskats · 3 years ago

I believe https://github.com/charmbracelet/wish is the repo you're looking for!

(and also the repo the person you replied to probably meant to post)

makeworld · 3 years ago

I just get "Permission denied (publickey)". The README says to just run ssh-keygen, but I already have an RSA key. Does this server only support ed25519 or something?

colbyhub · 3 years ago

Using the following helped me join: ssh devzat.hackclub.com -p 443

... to get around my firewall!

hinkley · 3 years ago

This is your week to learn about .ssh/config files.

this is mostly a certain crypto lib's fault (maybe stdlib, let me check)

kerblang · 3 years ago

I think you are correct. Was able to get in by first doing `ssh-keygen -t ed25519` to create new private/public keys (be careful not to overwrite ssh keys that you are already using for other things!). RSA support is being phased out in various places.

ThePinion · 3 years ago

Just confirming that I had to do this first and it started working. It was originally giving me the Permission Denied (publickey) error.

Devzat will be temporarily down while I figure out some good auto-moderation

deutschew · 3 years ago

yeah it was a matter of time before people starting spamming

I would have expected some self selection: these are people from HN who know how to use SSH. Not exactly a high bar but implies some proficiency with software.

Dead Comment

anfogoat · 3 years ago

Really like this, great work! For those who aren't aware, there are more of these: ssh-chat[0][1] and sshtalk[2].

[0]: https://news.ycombinator.com/item?id=8828543

[1]: https://news.ycombinator.com/item?id=8743374

[2]: https://news.ycombinator.com/item?id=15829206

rav · 3 years ago

After living through Google Chat going down while handling a server incident at work, I created an internal, encrypted chat system in order to have an alternative in case our regular communications channel is down.

However the actual chat part of it is very barebones with a simplistic JSON-based protocol and a simplistic IRC-like interface - quite unlike devzat.

I wonder how hard it would be to untangle the authentication and transport bits from devzat and plug in our own proprietary auth/transport.

I don't think it wouldn't be hard, since there isn't really much auth (just some key and IP stuff), so you'd mainly have to add your own. Feel free to email me (my email's on my github) with updates / questions if you do decide to try it out!

adhesive_wombat · 3 years ago

Would an internal Matrix homeserver meet that need?

dsr_ · 3 years ago

Or an internal IRC server.

Or a Zulip server.

Matrix is overkill if you're never going to federate it.

exabrial · 3 years ago

make sure one's ssh-agent forwarding is off when connecting to strange hosts :)

jart · 3 years ago

Are you telling me that everyone who clones a repo from GitHub via SSH is in fact authorizing GitHub to use their private key? Why hasn't anyone made a slick web page with a catchy name like AuthBleed or SecretAgent to describe that one yet?

The default OpenSSH settings are safe. You have to explicitly whitelist servers or domains in `.ssh/config`, but if you were to blatantly blast:

Host * ForwardAgent yes

The scenario you talk about is certainly possible, especially since OpenSSH does not require a "tap" for each authorization once the agent is unlocked. (Side note: this is one thing hardware u2f keys absolutely got correct).

arsome · 3 years ago

Also make sure you're not exposing an identifying public key to a service you intended to use anonymously.

leowoo91 · 3 years ago