-
Notifications
You must be signed in to change notification settings - Fork 21
Expand file tree
/
Copy pathhashbang.html
More file actions
76 lines (55 loc) · 2.95 KB
/
hashbang.html
File metadata and controls
76 lines (55 loc) · 2.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<!--
Hey, you found the source code!
That is a sign you hopefully know better than to blindly run unknown commands
from the internet and/or are a curious person. We like you already.
What this command will actually do, is set you up with a free "shell" account
on one of our servers, that you can use as you see fit. It will also set you
up with email, IRC, and other things on your shell, so you can keep in touch
and learn/make awesome things with us.
Don't trust us? Good! You probably don't know us (yet) so you shouldn't.
To help address this we GPG sign this shell-setup script so you can verify
it has not been changed by a third party before you run it by doing:
> gpg --verify <(curl https://hashbang.sh)
The safest method of running a script from a source you don't trust is to:
Download and verify integrity with GnuPG
> gpg --recv-keys 0xD2C4C74D8FAA96F5
> curl https://hashbang.sh | gpg -o hashbang.sh
Note that piping to sh there is dangerous:
you do not know, before gpg returns,
whether the signature is valid.
Inspect source code
> less hashbang.sh
Run
> chmod +x hashbang.sh
> ./hashbang.sh
As an advanced alternative you can bypass using this script and hit our user
provisioning API directly with an SSH Public Key and desired username:
> curl https://hashbang.sh/server/stats
{ "server.hashbang.sh": { infos ...}, ... }
> curl -d '{"user":"someuser","key":"'"$(cat ~/.ssh/id_rsa.pub)"'","host":"someHost.hashbang.sh"}' -H 'Content-Type: application/json' https://hashbang.sh/user/create
We look forward to seeing you on the other side.
Note: #! has never provided user data to any government agency.
Pay close attention to the removal of this notice.
All code licensed via MIT: https://hashbang.sh/LICENSE.md
-->
<!DOCTYPE html>
<html lang="en">
<head>
<title>‎</title>
<meta name="viewport" content="initial-scale = 1, maximum-scale=1, user-scalable = 0"/>
<meta name="apple-mobile-web-app-capable" content="yes"/>
<meta name="apple-mobile-web-app-status-bar-style" content="black"/>
<meta name="HandheldFriendly" content="true"/>
<meta name="MobileOptimized" content="320"/>
<link href="https://fonts.googleapis.com/css?family=Montserrat" rel="stylesheet" type="text/css">
<link href="/assets/local.css" rel="stylesheet" type="text/css">
<link type="image/png" rel="icon" href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQAAAAA3iMLMAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAAAmJLR0QAAd2KE6QAAAAYSURBVAjXY2CAAck+EKp/B0II9gMoGwYA4+MJkeae/NUAAAAldEVYdGRhdGU6Y3JlYXRlADIwMTQtMDUtMTdUMTM6MzI6MTMtMDQ6MDB7pieOAAAAJXRFWHRkYXRlOm1vZGlmeQAyMDE0LTA1LTE3VDEzOjMxOjQ4LTA0OjAwqyt+rwAAAABJRU5ErkJggg==">
</head>
<body>
<script src="/assets/scripts.js"></script>
<h1>#!</h1>
<a id="view-source" href="view-source:https://hashbang.sh">
<code>sh <(curl hashbang.sh | gpg)</code>
</a>
</body>
</html>