Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Okay.

Step 1. Open ports on your router. It's your job to figure out which ports those may be.

Step 2. Redirect said ports to the box in question, hopefully you'll know the ip address that was assigned by your home router's DHCP

Step 3. Make sure rssh is installed.

Step 4. If rssh is not installed, please simply follow the simple instructions to get it installed for your system.

Step 4a. If it's a mac, use brew. Type brew install rssh

Step 4b. If it'a a redhat system, type yum install rssh

Step 4c. If it's an ubuntu system, type apt-get install rssh

Step 4d. If step 4b and step 4c fail, use sudo.

Step 5. Get the external facing ip address, and give it to your friend. Note that this is different than the internal address that you used in step 2.

Step 6. Create an account on your system, using rssh, and allowing sftp

Step 7. Give him the username/password

Step 8. Copy the file into his account

Step 8a. Don't forget to chmod it so he can read it.

Step 9. Tell him to get the file

Step 10. Remove the account from /etc/passwd and /etc/shadow and remove him from /etc/groups. Also delete his home directory

Step 11. Rejoice in the simplicity.



Instead you get to pip install. But pip isn't installed. easy-install pip? What's easy-install - it's not there? (brew|yum|apt-get) disttools. Forget this... download get_pip.py, run python get_pip.py... Some error about libsodium now? Where do I get gcc for Windows 10 again?

Python's greatest weakness is its packaging and distribution, and this project makes no effort to make it simple.


On the mac, you can:

brew install magic-wormhole [1]

And that covers 90% of the people that care. Granted I think you're right that software packaging and distribution is still generally broken in 2017, but that's a problem across the board. It's a problem with java, node.js, python, etc.

[1] https://github.com/warner/magic-wormhole


And that covers 90% of the people that care

Disagree. I don't know a single non-programmer with brew installed on their Mac, and non-programmers make up 90% of the people who have the most trouble copying files between two computers.


sysadmin here in MAD world using homebrew since Lion. First thing I did when I got in this morning was to pull out my personal MBP and install magic-wormhole.


And for those people there is dropbox, google drive, etc.


So, this tool is intended for users of macs who are comfortable using a shell and use `brew`, but are not comfortable with `ssh`?

I'm not even sure I see how this is much easier than ssh if you know the basics.


So... 'brew install rssh' is bad and kludgy, but 'brew install magic-wormhole' is easy and light? And hey, if you're not on a mac, you have to also install a bunch of other deps too.

You probably shouldn't have tried to pad out your steps by taking a detour into package management.


Honestly, even if I have both rssh and magic-wormhole installed already, just creating a new user that can read (some of) the filesystem is already orders of magnitudes more hassle.


Seems like you get to skip a lot of network configuration pain with magic-wormhole.


I'm not gonna argue against that. Using pip-install certainly limits our current audience to people who are comfortable with python packaging tools, which basically means python developers.

I'm hoping to get beyond that, once I get the protocol and feature set stabilized. Using something like PyInstaller or py2app to get a single-file executable will be the first step. Porting it to other languages (I've started on SPAKE2 in Rust) might help too.

FWIW, "apt install magic-wormhole" now works on Debian (stretch) and Ubuntu (zesty). Also homebrew, as mentioned before.

Quick survey: what packaged form would be most useful to you (for desktop usage.. having some kind of iOS/Android app is a whole other beast). PPA? .dmg? .exe? .msi?


A stand alone static binary that does not depend on system libraries.

Specifically, one that 'just works' on windows, and doesn't require that you open powershell and need to change into an obscure directory to use it, or have the binary sit in a folder full of DLLs to run.

In fact, ideally one you don't have to even type anything in; for example, if you can just say; grab this one file from some safe known url (eg. github), and rename it from 'magic.exe' to 'zesty-fruit-324234.exe' and run it.


FWIW, that's what the Go tools produce by default.


But pip isn't installed.

It's been bundled with Python for years now, and even if you don't have it, it's easy to get:

https://pip.pypa.io/en/latest/installing/


This is true but not completely. You will only get pip when you install the binary downloaded from python.org. On osx, people use brew, on Debian, they use apt. It is most likely only Windows people will download those binaries but actually they use Anaconda, WinPython instead


It's still very easy to install. And as of Python 3.4 it's even easier since you can 'python -m ensurepip'.


Why are the packages removing pip?


Anaconda provides its own separate package-management world, so it makes sense that it doesn't include pip. But you can always still install it.


I'm actually getting tired of package managers reinventing the wheel (literally) every time they want to install something.

In production when I deploy a django app, now I might have two libraries in different places in my system. One from the OS, and one from the pip dependency.


if only to address the dependency issue, one can rewrite the magic wormhole in go, then do cross-platform compilation and distribute the standalone binaries


UPnP could have helped with the router bits and dynamic DNS could help with the internal/external bits. https://upnp-portmapper.sourceforge.io is fun but UPnP isn't enabled everywhere reliably, and explaining how to do that + ensure it's working is probably only going to work for someone who would know what homebrew is.

AirDrop is cool in theory but works about 20% of the time for me. In 2017, the best way to send someone a large file is still to upload it somewhere then give them the link to it. https://getdropsha.re and similar stuff makes that easy enough that your non-technical relatives can use it successfully.


Okay.

The equivalents to steps 1-11 were done by the Wormhole authors when they created the rendezvous server. So yes, if you use Wormhole in SaaS mode, it's simpler, but you have to trust the rendezvous server.

Operating scp with a working ssh server is as simple as working with wormhole:

To push:

scp foobar.txt tmp@www.example.com: #equivalent to wormhole send

To pull:

scp tmp@www.example.com:foobar.txt . #equivalent to wormhole receive

To revoke access, you simply change the password, instead of deleting the user account. In fact, the steps you mention are what I already have by default on most of my machines, so there's 0% extra effort. I got rssh working in five minutes.

Steps 10/11 are my responsibility, and the only remaining step for the other developer is step 7.

Compare explaining the above two commands to explaining virtualenv and pip. On a busy public IRC channel, I'm not going to do that, I'll use scp, since it's also preinstalled on their system.

So yes, I do rejoice in the simplicity.

I commented for the benefit of those already running ssh, and who wondered how to create a similar setup to wormhole with what they have. rssh will work fine.


> but you have to trust the rendezvous server.

Do you? It seems that magic-wormhole does end-to-end encryption, and the rendezvous server acts only as a relay if one or both parties are behind NAT. So yes, you leak the two parties' IP addresses, but not the files you transfer.


You have no way to verify that the rendezvous server you're connecting to isn't playing the role of the client or server.


That doesn't make sense. The client needs the passcode to read the file, and that passcode is sent out of band. The Relay server can't simply "play the role of the client" and steal the file.


Of course, you're right. I was thinking the rendezvous server generated the key. Thanks for the correction.


You forgot "Step 4a.1" Go to brew.sh and follow the instructions to install brew.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: