Features

Quickstart

Getting otsgo from Webinstall

curl -sS https://webi.sh/ots | sh

Getting otsgo from go install

$ go install github.com/emdneto/otsgo@latest

Getting otsgo from binary

Using otsgo CLI

Overview

$ ots -hA simple CLI and API client for One-Time SecretUsage:  ots [flags]  ots [command]Available Commands:  burn        Burn a secret that has not been read yet  completion  generate the autocompletion script for the specified shell  get         Get secret, metadata or recent  help        Help about any command  login       Perform basic http auth and store credentials  share       Share or generate a random secret  status      Current status of the systemFlags:      --config string   config file (default is $HOME/.otsgo.yaml)  -h, --help            help for ots  -t, --toggle          Help message for toggle  -v, --version         Displays current versionUse "ots [command] --help" for more information about a command.

Show OTS status

$ ots statusSTATUS TIMESTAMPnominal1709507672

Share Secrets

$ ots share -hShare or generate a random secretUsage:  ots share [flags]Flags:  -f, --from-stdin          Read from stdin  -g, --generate            Generate a short, unique secret. This is useful for temporary passwords, one-time pads, salts, etc.  -h, --help                help for share  -p, --passphrase string   a string that the recipient must know to view the secret. This value is also used to encrypt the secret and is bcrypted before being stored so we only have this value in transit.  -r, --recipient string    an email address. We will send a friendly email containing the secret link (NOT the secret itself).  -s, --secret string       the secret value which is encrypted before being stored. There is a maximum length based on your plan that is enforced (1k-10k)  -t, --ttl int             the maximum amount of time, in seconds, that the secret should survive (i.e. time-to-live). Once this time expires, the secret will be deleted and not recoverable. (default 604800)

Share a generated secret

$ ots share -g

Share custom secret with ttl and passphrase

$ ots share -s hellosecret -t 300 -p hello

Share secret from file

$ cat <<EOF | ots share -f -secret: helloseret: secretEOF$ echo "hellosecret" | ots share -f

Burn secrets

$ ots burn METADATA_KEY

Get secrets, metadata and recent

$ ots get -hGet secret, metadata or recentUsage:  ots get [flags]  ots get [command]Available Commands:  meta        Retrieve secret associated metadata  recent      Retreive a list of recent metadata.  secret      Retrieve a Secret

Get secret value

$ ots get secret SECRET_KEY

Get secret metadata

$ ots get meta METADATA_KEY

Get recent secrets (requires auth)

$ ots get recentUSER                    STATE           EXPIRES                 EXPIRED METADATA                        PASSHPHRASE     CREATED                 SENT    TTL       anon                    viewed          2024-03-10 20:13:45     false   1z3bp2asyt2mo3xk0w4ddiveg0yhhor false           2024-03-03 20:13:45     []      167h58m13sdemouser12345@demo.com  received        2024-03-10 20:01:40     false   drssrmf8avh5mv8mqlj2sgvi6tsqwz9 false           2024-03-03 20:01:40     []      0s        demouser12345@demo.com  received        2024-03-10 16:17:01     false   58aqvdaqwbh2b0gx1koru0baiid894a true            2024-03-03 16:17:01     []      0s        demouser12345@demo.com  received        2024-03-10 14:57:02     false   5s3onh5cyd2e1dsa5qmsm2afq91d3g0 false           2024-03-03 14:57:02     []      0s        demouser12345@demo.com  received        2024-03-10 14:55:23     false   n28eqt08te7gl7jphjg89b7p1s1cetk true            2024-03-03 14:55:23     []      0s

Authentication

Auth with Environment Variables

$ export OTS_USER=demo; export OTS_TOKEN=xyz$ ots get recent$ ots share -g -r demo@demo.com

Store auth credentials

$ ots login -u USERNAME -p API_TOKEN$ ots get recent$ ots share -g -r demo@demo.com

Common aliases

alias oss="ots share secret"alias osgs="ots share secret -g"alias ogs="ots get secret"alias obs="ots burn secret"