Secure Pastebin application – Zerobin

Zerobin - LogoIf you are a programmer or simply want to share some code/text, you may already be using Pastebin or similar application. Although it is very convenient to do so, you may share some confidential information or data you don’t want anyone to have access except you. This is where ZeroBin enter!

ZeroBin is a minimalist, opensource online pastebin application where the server has zero knowledge of hosted data. Data is encrypted/decrypted in the browser using 256 bits AES before sending to the server making it secure and ensure a certain confidentiality.

Easy to install with no SQL database need, Zerobin is fast and dead easy to use (Paste/send/share the URL). On top of ensuring the server have no knowledge of the data being stored (Useful in case of server breach or seizure), you can also set up expiration time (5 minutes, 10 minutes, 1 hour, 1 day, etc…) and even “burn after reading” to destroy the paste when read.

Zerobin - Screenshot

ZeroBin also includes a discussion feature, if you want to collaborate, discuss around your text.

Interested? Give it a try with their demo.

 

Installation

You will simply need Apache (Or other web server) with PHP 5.2.6 or above. If you don’t have them, please following my tutorial on how to install a LAMP server.

You will also need php5-gd

1) Clone their git repository in your /var/www (Or simply download their master zip)

cd /var/www
git clone git://github.com/sebsauvage/ZeroBin.git

2) Install php5-gd

In root type:

apt-get install php5-gd

3) Change ZeroBin folder’s owner to web server user (www-data)

Still in root:

chown -R www-data:www-data /var/www/ZeroBin

And that’s all!! You should now have access to your ZeroBin using HTTP://YOUR_IP/ZeroBin.

Virtualhost configuration

If you want to access to your Zerobin instance using a subdomain (More friendly, like zb.domain.tld), you can create a dedicated virtualhost (And even using SSL if you want)

You will need to:

1) Create a A redirection in your DNS server/registrar from zb.domain.tld to your IP

2) Have SSL certificate ready. If not you can read this tutorial. (Optional)

3) Create your virtualhost as following:

In /etc/apache2/sites-enabled/, create a file called zerobin (In root):

nano /etc/apache2/sites-enabled/zerobin

and paste/adapt the following content:

<VirtualHost *:80>
        ServerAdmin webmaster@domain.tld
        ServerName zb.domain.tld
        Redirect / https://zb.domain.tld

</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile /etc/ssl/certs/myblog.pem
        SSLCertificateKeyFile /etc/ssl/private/myblog.key

        ServerAdmin webmaster@domain.tld
        ServerName zb.domain.tld

        DocumentRoot /var/www/ZeroBin
        <Directory />
                Options FollowSymLinks
                AllowOverride All
        </Directory>
        <Directory /var/www/ZeroBin>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>
</IfModule>

Adapt the content (Servername, webmaster, SSL certificate and directory, …).

When done, save the file (CTRL+X then Yes) and reload apache: (In root)

/etc/init.d/apache2 reload

You should now have access in HTTPS to your ZeroBin using zb.domain.tld URL.

Gravatar

Loves to discover web-based apps to install on his own server@home and write articles about it

0 Comments:

Add a comment