This looks cool, but if the author is here, I wish they would actually explain the security rather than just citing AES-GCM, which doesn't really explain the security design.<p>How is the key material established, exactly? How is it rotated? How is it protected when stored? The answers to these questions are a lot more relevant to understanding the security of this application than citing which encryption mode is being used.
for fans of tmux, I'm partial towards tmate[0], instant tmux session sharing over ssh, optionally through a relay<p>refs: [0]<a href="https://tmate.io" rel="nofollow">https://tmate.io</a>
I like to use SSH and GNU screen(1) to do follow-the-leader sharing of a screen session. There's probably a tmux equivalent.<p><a href="https://www.endpoint.com/blog/2009/09/24/gnu-screen-follow-leader" rel="nofollow">https://www.endpoint.com/blog/2009/09/24/gnu-screen-follow-l...</a>
Back in my day we used to use kibitz (from the expect package)...<p><a href="https://linux.die.net/man/1/kibitz" rel="nofollow">https://linux.die.net/man/1/kibitz</a><p><a href="https://opensource.apple.com/source/tcl/tcl-20/tcl_ext/expect/expect/example/kibitz.auto.html" rel="nofollow">https://opensource.apple.com/source/tcl/tcl-20/tcl_ext/expec...</a><p>Not bad for 415 lines of code.
Project devs: Consider using CPACE (a password-authenticated key exchange) which is in the process of being standardized by IETF.<p><a href="https://github.com/jedisct1/cpace" rel="nofollow">https://github.com/jedisct1/cpace</a>