Remember good ol' talkd/ntalk? sshtalk is our security-minded update to the same basic idea. Modern day instant messaging applications and services are nice and all, but most if not all lack a few key ingredients that we have covered with sshtalk:
- Hand-written in x86_64 assembly language
- Multiple party text user interface
- SSH2's native Perfect-Forward-Secrecy
- Ephemeral: No archiving of user's messages
- Watch (and laugh at) your remote party's typing skills
- Full terminal-based Unicode support
- Any modern ssh client can use it
A standalone executable binary of sshtalk can be downloaded from our Products page. Please note that you will have to
chmod +x it after download.
As with all our products, sshtalk is bundled with the HeavyThing library itself. The download link for our library is in the top right of every page on our site, along with the SHA256 sum of the download itself. If you have downloaded the same version and your SHA256 does not match, it has been modified by parties other than ourselves.
To see it in action, connect straight to 2ton.com.au:
$ ssh 2ton.com.au
Running it locally for yourself is also quite straightforward, but do yourself a favour and have a read on the Security section before you get started. Note that it will use your existing
/etc/ssh/* for its host keys, such that using a normal ssh client to connect to it will still correctly retain your actual host keys. The default port it listens on is 4001, changing it requires a simple modification to
sshtalk.asm and a recompile. It does not detach itself from its controlling terminal, so if you want to run it in the background, start it this way:
$ nohup ./sshtalk >/dev/null 2>&1 &
While 100% wire-level secure, sshtalk still manages its individual user's interface, existing messages, etc. in the process' memory. What this means is that no packet-level analysis is possible, and that sniffing/tracing at the protocol level will never reveal your chats. What it also means is that anyone with sufficient privileges on the server's memory (read: /proc/kcore, /proc/[pid]/mem, gcore, etc) can examine the sshtalk process' running heap, and with some obvious difficulty, recover active/current messages. It is therefore strongly advised that if you are using this for highly sensitive information, that your host machine be equally secure to prevent such recoveries.
Also note that its
sshtalk.userdb flat file is stored in the CWD when the process starts, so it must have write permission to its CWD. It makes use of the
scrypt function for its one-way password hashing, but stores usernames and their associated buddy lists in the cleartext in this file.
When you first connect to sshtalk, you will be presented with our signature
tui_splash functionality. Any keypress during its sequence immediately takes you to the
tui_simpleauth screen where you can either enter your login details or in our case create a new user. Focus between fields can be done with tab, or it will intuitively also make use of the enter key.
Create a new user
The New User button requires tabbing to it and then using the spacebar to "press it". Many users have reported that the spacebar isn't intuitive, but recalling the olden days of text user interfaces, we are sticking to the spacebar for the time being. From here, interacting with the New User form is intuitive and simple.
Once logged in, you will be presented with the primary chat screen, buddy list, and at the bottom a
tui_statusbar object. This section describes what the far right statusbar values mean.
- C: number of current connections
- U: users connected/users total
- up: the time this connection has been alive
The Add Buddy functionality, along with its counterpart removal operates under two different states. If the Buddy List has the active input focus, and C-a (ctrl-a) is pressed, then a modal dialog will open for you to enter your buddy's name. If however you have an active chat window open and focussed, then if the remote party to your chat is not presently in your Buddy List and C-a is pressed, then it will automatically add the buddy for you without opening a dialog. If the remote party to your chat is already in your list, then again you will be presented with a modal dialog. Similar functionality exists for the Remove Buddy functionality.
To open a chat, simply press the enter key on a Buddy List entry. The Buddy List when focussed will accept Up/Dn arrows to choose a buddy. Doing so will automatically focus the newly opened chat pane. Opening multiple chats will automatically tile in the chat area, and resizing your ssh terminal is supported and recommended for more than one chat. Chat text is input as normal, noting that pasting text that contains tabs is not recommended (for obvious reasons, along with other control characters).
By default, sshtalk keeps 100 lines of overall history for any given chat. Scrolling can be done with the Up/Dn arrow keys when a chat panel has the input focus.
To close a chat, make sure that the chat you wish to close has the input focus, and then press C-w to close it. Again, other chat panes will automatically be retiled.
It is often useful to have multiparty group chatting facilities, whether for a collection of staff and/or for support scenarios. sshtalk provides a directory-free implementation of this. Directory-free simply means that there is no "room listing" feature. All parties must know the arbitrarily-chosen room name and join it accordingly. Once in a room, normal chatting procedures apply including closing the room via C-w.