Initial commit

Author: GH05TCREW

.github/workflows/release.yml

@@ -0,0 +1,76 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+permissions:
+  contents: write
+
+jobs:
+  build:
+    name: Build binaries
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        include:
+          - os: windows-latest
+            goos: windows
+            goarch: amd64
+            output: shellshare-windows-amd64.exe
+          - os: ubuntu-latest
+            goos: linux
+            goarch: amd64
+            output: shellshare-linux-amd64
+          - os: macos-latest
+            goos: darwin
+            goarch: amd64
+            output: shellshare-darwin-amd64
+          - os: macos-latest
+            goos: darwin
+            goarch: arm64
+            output: shellshare-darwin-arm64
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.21'
+
+      - name: Download dependencies
+        run: go mod download
+
+      - name: Build binary
+        env:
+          GOOS: ${{ matrix.goos }}
+          GOARCH: ${{ matrix.goarch }}
+        run: go build -o ${{ matrix.output }} ./cmd/shellshare
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ matrix.output }}
+          path: ${{ matrix.output }}
+
+  release:
+    name: Create release
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Download all artifacts
+        uses: actions/download-artifact@v4
+        with:
+          path: binaries
+
+      - name: Create release
+        uses: softprops/action-gh-release@v1
+        with:
+          files: binaries/**/*
+          draft: false
+          prerelease: false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -0,0 +1,38 @@
+# Binaries
+shellshare
+shellshare.exe
+bin/
+*.exe
+*.dll
+*.so
+*.dylib
+
+# Test binary
+*.test
+
+# Output of go coverage tool
+*.out
+
+# Go workspace file
+go.work
+
+# Build cache
+.gocache/
+
+# Session recordings
+*.log
+session.log
+
+# Config files (user-specific)
+config.toml
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# OS
+.DS_Store
+Thumbs.db

LICENSE.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Masic
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,140 @@
+# ShellShare
+
+Terminal sharing with end-to-end encryption. Host a shell session, guests connect and view in real-time.
+
+## Features
+
+- End-to-end encryption (Curve25519 key exchange, AES-GCM)
+- Direct P2P connections with relay fallback
+- Read-only guests by default, host can grant write access
+- Session recording to file
+- Port forwarding through encrypted channel
+- Cross-platform: Windows (ConPTY), Linux, macOS (PTY)
+- Self-hosted signaling server
+- Single static binary
+
+## Installation
+
+```bash
+git clone https://github.com/GH05TCREW/shellshare
+cd shellshare
+go build -o shellshare cmd/shellshare/main.go
+```
+
+## Usage
+
+### Start signaling server
+
+```bash
+shellshare serve --addr :7777
+```
+
+### Host a session
+
+```bash
+shellshare host --server ws://localhost:7777/ws
+```
+
+Prints session ID and join command. Session is read-only by default.
+
+Options:
+- `--allow-write` - Allow guests to type
+- `--name <name>` - Set host name
+- `--record <file>` - Record session to file
+- `--forward-target <host:port>` - Expose local service to guests
+- `--session <id>` - Use custom session ID
+
+### Join a session
+
+```bash
+shellshare guest <session-id> --server ws://localhost:7777/ws
+```
+
+Options:
+- `--user <name>` - Set guest name
+- `--forward-listen <:port>` - Access host's forwarded service locally
+
+### List sessions
+
+```bash
+shellshare list --server ws://localhost:7777/ws
+```
+
+### Host commands
+
+Type these in the host terminal:
+- `/grant <user|*>` - Grant write access
+- `/revoke <user|*>` - Revoke write access
+- `/who` - List connected guests
+- `/quit` - End session
+
+## Configuration
+
+Optional `~/.shellshare/config.toml`:
+
+```toml
+[server]
+signaling_url = "ws://localhost:7777/ws"
+
+[security]
+auto_approve_guests = false
+fingerprint_verification = true
+session_timeout = 3600
+
+[display]
+show_join_notifications = true
+color_scheme = "auto"
+```
+
+Environment variables:
+- `SHELLSHARE_SIGNALING_URL`
+- `SHELLSHARE_NAME`
+- `SHELLSHARE_ALLOW_WRITE`
+- `SHELLSHARE_READ_ONLY`
+
+## How it works
+
+1. Host and guests connect to signaling server via WebSocket
+2. Curve25519 key exchange establishes shared secret per guest
+3. Host attempts direct TCP connection to each guest
+4. Falls back to relay through signaling server if direct fails
+5. Terminal data encrypted with AES-GCM before transmission
+6. Server cannot decrypt traffic (end-to-end encryption)
+
+## Port forwarding
+
+Host exposes a local service:
+```bash
+shellshare host --forward-target localhost:8080
+```
+
+Guest accesses it:
+```bash
+shellshare guest <session-id> --forward-listen :8080
+# Now localhost:8080 on guest connects to host's service
+```
+
+## Session recording
+
+Host records all output:
+```bash
+shellshare host --record session.log
+```
+
+Replay:
+```bash
+cat session.log
+```
+
+## Security
+
+- Each guest gets unique encryption key
+- Signaling server only routes encrypted envelopes
+- Fingerprint verification on connection
+- Host controls write permissions per guest
+- No plaintext transmission
+
+## License
+
+MIT
+