Description
Paaster is a secure and user-friendly pastebin application that prioritizes privacy and simplicity. With end-to-end encryption and paste history, Paaster ensures that your pasted code remains confidential and accessible.
Paaster.io alternatives and similar software solutions
Based on the "Pastebins" category.
Alternatively, view paaster alternatives based on common mentions on social networks and blogs.
-
PrivateBin
A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES. -
Sup3rS3cretMes5age
Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend -
Modern Paste
DISCONTINUED. Modern pastebin with a contemporary, minimalistic user interface backed by a robust feature set. -
cryptonote
:lock: A simple open source web application that lets users encrypt and share messages that can only be read once. -
ZeroBin
DISCONTINUED. This Project has been renamed and moved to https://github.com/PrivateBin/PrivateBin -
Phaste
DISCONTINUED. A Phalcon-based, MySQL pastebin application with privacy-respecting Piwik integration and syntax highlighting. -
localpaste
a simple python based pastebin you can run locally, with curl for input, just like clbin.com -
Linked.PM
A simple web application which encrypts your private messages (Java Script client-side encryption) and converts them into clickable links and QR-codes.
CodeRabbit: AI Code Reviews for Developers
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of Paaster.io or a related project?
README
Follow the development of our desktop client here
Paaster
Paaster is a secure by default end-to-end encrypted pastebin built with the objective of simplicity.
Preview
Features
- End to end encryption.
- Memory efficient.
- File drag & drop.
- Shortcuts.
- Paste history.
- Fast.
- Delete after view or X amount of time.
Looking to build a client for paaster?
Check out our Integration documentation
Security
What is E2EE?
E2EE or end to end encryption is a zero trust encryption methodology. When you paste code into paaster
the code is encrypted locally with a secret generated on your browser. This secret is never shared with the server & only people you share the link with can view the paste.
Can I trust a instance of paaster not hosted by me?
No. Anyone could modify the functionality of paaster
to expose your secret key to the server. We recommend using a instance you host or trust.
How are client secrets stored?
Client-sided secrets are stored in localStorage on paste creation (for paste history.) Anything else would be retrievable by the server or be overly complicated. This does make paaster
vulnerable to malicious javascript being executed, but this would require malicious javascript to be present when the svelte application is built. If this was the case you'd have bigger issues, like the module just reading all inputs & getting the plain text paste.
How are client secrets transported?
Paaster
uses URI fragments to transport secrets, according to the Mozilla foundation URI fragments aren't meant to be sent to the server. Bitwarden also has a article covering this usage here.
How are server secrets stored?
Server-sided secrets are stored in localStorage on paste creation, allowing you to modify or delete pastes later on. Server-sided secrets are generated on the server using the python secrets
module & are stored in the database using bcrypt
hashing.
Cipher
paaster
is built using the forge module, using AES-256
in CBC
mode with PKCS7
padding & PBKDF2
key derivation at 50,000
iterations. More details are located in our Integration documentation.
Shortcuts
Ctrl+V
- Paste code.Ctrl+S
- Download code as file.Ctrl+A
- Copy all code to clipboard.Ctrl+X
- Copy URL to clipboard.
Requesting features
- Open a new issue to request a feature (one issue per feature.)
What we won't add
- Paste editing.
paaster
isn't a text editor, it's a pastebin.
- Paste button.
paaster
isn't a text editor, when code is inputted it will always be automatically uploaded.
- Optional encryption.
paaster
will never have opt-in / opt-out encryption, encryption will always be present.
Setup
Production with Docker
git clone --branch Production https://github.com/WardPearce/paaster
- Configure
docker-compose.yml
- Proxy exposed ports using Nginx (or whatever reverse proxy you prefer.)
- FRONTEND_PROXIED should be the proxied address for "paaster_frontend". E.g. for paaster.io this is "https://paaster.io"
- VITE_BACKEND should be the proxied address for "paaster_starlette". E.g. for paaster.io this is "https://api.paaster.io"
sudo docker-compose build; sudo docker-compose up -d
Using Rclone
Using rclone with Docker Compose
Basically the most important part is to install fuse
, create /var/lib/docker-plugins/rclone/config
& /var/lib/docker-plugins/rclone/cache
, install the docker plugin docker plugin install rclone/docker-volume-rclone:amd64 args="-v" --alias rclone --grant-all-permissions
, configure the rclone.conf
for the storage service you want to use & then configure your docker compose to use the rclone volume. Example rclone docker compose.
Production without docker
This setup is not recommended & requires more research / knowledge.
git clone --branch Production https://github.com/WardPearce/paaster
.cd paaster-frontend
- Create
.env
VITE_NAME
- The name displayed on the website.VITE_BACKEND
- The URL of the API.
- Install nodejs
npm install
npm run build
- Serve files generated in
dist
with Nginx (or whatever reverse proxy you use.) cd paaster-backend
- Install Python 3.7+
pip3 install -r requirements.txt
- Configure
main.py
following the guide for uvicorn.
- Pass environmental variables
REDIS_HOST
REDIS_PORT
MONGO_IP
MONGO_PORT
MONGO_DB
FRONTEND_PROXIED
- The URL of the Frontend.
- Proxy port with Nginx (or whatever reverse proxy you use.)
Development
git clone https://github.com/WardPearce/paaster
.cd paaster-frontend
- Create
.env
VITE_NAME
- The name displayed on the website.VITE_BACKEND
- The URL of the API.
- Install nodejs
npm install
npm run dev
cd paaster-backend
- Pass environmental variables
REDIS_HOST
REDIS_PORT
MONGO_IP
MONGO_PORT
MONGO_DB
FRONTEND_PROXIED
- The URL of the Frontend.
- Install Python 3.7+
pip3 install -r requirements.txt
- Run main.py