Command line tool to securely send files (without a relay or port forwarding).
peer_1: gday send file.mp4 folder Tell your mate to run "gday get 1.n5xn8.wvqsf".
peer_2: gday get 1.n5xn8.wvqsf Transfer complete.
To run the executable directly:
- Download an executable from releases.
- Extract it (on Linux:
tar xf <file>). - Run it:
./gday
To install with cargo:
cargo install gday
To install with brew:
brew install manforowicz/tap/gday
-
No limit on the size of files and folders sent.
-
Files are sent directly, without relay servers. A server is only used to exchange socket addresses at the beginning.
-
Automatically resumes interrupted transfers. Just
gday sendthe same files, and partial downloads will be detected and resumed. -
Doesn't require port forwarding. Instead, uses TCP Hole Punching to traverse NATs. This may not work on very restrictive NATs. If that happens, enable IPv6 or move to a different network.
-
If a contact exchange server is down, just uses a different one from the default list. Or specify your own with
--server. -
Server connection encrypted with TLS and file transfer is over TCP that's end-to-end encrypted with ChaCha20Poly1305.
-
Automatically tries both IPv4 and IPv6.
-
Resistant to malicious servers impersonating your peer. Uses SPAKE2 to derive an encryption key from a shared secret.
-
No
unsafeRust in this repository.
Usage: gday [OPTIONS] <COMMAND>
Commands:
send Send files and/or directories
get Receive files
help Print this message or the help of the given subcommand(s)
Options:
-s, --server <SERVER> Use a custom gday server with this domain name
-p, --port <PORT> Connect to a custom server port
-u, --unencrypted Connect to server with TCP instead of TLS
-v, --verbosity <VERBOSITY> Verbosity. (trace, debug, info, warn, error) [default: warn]
-h, --help Print help
-V, --version Print version
| No relays | Works beyond LAN | Works through very strict NATs | No port forwarding | Encrypted | Can resume interrupted transfers | |
|---|---|---|---|---|---|---|
| gday | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ |
| magic-wormhole | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ |
| croc | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ |
| p2pcopy | ✅ | ✅ | ❌ | ✅ | ❌ | ❌ |
| qft | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ |
| iwant | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ |
| zget | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ |
| sharedrop | ❌ | ✅ | ✅ | ✅ | ✅ | ❌ |
| filepizza | ❌ | ✅ | ✅ | ✅ | ✅ | ❌ |
| Personal SSH or HTTPS | ✅ | ✅ | ✅ | ❌ | ✅ | ❌ |
| Personal FTP | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
| Dropbox, Google Drive, etc. | ❌ | ✅ | ✅ | ✅ | ✅ | ❌ |
| Delivering a USB drive | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
Open an issue to add more projects to this list.
-
Peer A randomly generates a "room code" and a "shared secret".
-
Peer A randomly selects a gday server ID and connects to it over TLS.
-
Peer A sends its room code and its local IP address and port number to the gday server.
-
Peer A combines the server's ID, room code, and shared secret into a code of form
"1.n5xn8.wvqsf". -
Peer A tells this code to Peer B, possibly via phone call or text message.
-
Peer B also sends this room code and its local IP address and port number to the gday server.
-
The gday server sends both peers the public and local IP addresses and ports of the other peer.
-
From the same local port that they used to connect to the server, each peer tries a few times to connect over TCP to both the local and public socket addresses of the other peer.
-
Once any of the connection attempts succeeds, they use password-authenticated key exchange to derive a strong shared key from their shared secret, and use it to encrypt their TCP connection with chacha20poly1305.
-
Peer A sends Peer B a list of offered files and their sizes.
-
Peer B checks for files left over from any previous interrupted downloads, and replies with the file portions it would like to receive.
-
Peer A sends all the accepted files to Peer B, back-to-back.
- gday - Command line tool for sending files.
- gday_server - Server that lets two peers share their socket addresses.
- gday_hole_punch - Library for establishing peer-to-peer TCP connection.
- gday_file_transfer - Library for transferring files over a connection.
- gday_encryption - Library for encrypting an IO stream.
- gday_contact_exchange_protocol - Library with protocol for two peers to share their socket addresses via a server.
See CONTRIBUTING.md if you'd like to contribute to this project.