pape.rs is a featureful file sharing, URL shortening and pastebin service with support for markdown and encryption! Start uploading below or visit GitHub if you'd like to run your own instance.

oror

Currently hosting a total of 4438 pastes. View the site source on GitHub.

Does pape.rs have accounts?

Kind of, you can sign your uploads using your SSH key which allows you to later list and remove your pastes. See the CLI page for more information.

My paste expired, can I recover it?

No, paste content is removed from the server after the expiration time. You can paste using an SSH key instead with no expiration and delete them manually as an alternative to expirations.

How can I encrypt my pastes?

Encrypted pastes work similarly to zerobin and others. You can encrypt your pastes by checking the "Encrypt" checkbox, or by using the CLI if you do not trust that the web page being served to you has not been compromised (recommended).

Client-side decryption requires your paste to be encrypted using AES-256-CBC with HMAC-SHA256 and uses your browsers Crypto API to decrypt the paste. You can also easily perform this offline

Why AES-256-CBC/HMAC-SHA256?

We want to make sure we're using an authenticated encryption scheme or equivalent, which leaves us with only a handful of options:

  • AES-256-CBC/HMAC-SHA256
  • AES-256-GCM
  • ChaCha20-Poly1305

AES-256-GCM is the usual goto and what would have been preferable, but due to openssl refusing to support AEAD modes in the EVP API, we can't create a dependency free CLI with it. Instead we use AES-256-CBC with HMAC-SHA256, an Encrypt-then-MAC construction. It's a little more brittle to decrypt in the browser but It's simple to implement and has the additional nicety that it doesn't fail catastrophically with IV re-use.

Pasting, uploading files, and shortening URLs can be done with simple curl commands:

Shell
$ curl https://pape.rs --data-binary @main.cpp
$ curl https://pape.rs --data-binary @<(cat main.cpp)
$ curl https://pape.rs --data-binary "https://pape.rs/really-long-url"
$ curl https://pape.rs -F [email protected] -F [email protected]

For advanced features such as encryption and paste signing, use the pape.rs CLI:

cli

A featureful CLI for pape.rs is also available written in bash, dependent only on openssh, openssl, and curl; all of which are available on most systems. It can encrypt and sign pastes, upload files, and shorten URLs. I would encourage you to read the source as it is short and simple to verify:

installation & usage

Shell
# Install.
curl -s https://pape.rs > papers && chmod +x papers

# Uploading.
papers paste main.cpp
papers files spongebob.png
papers short 'https://pape.rs/really-long-url'

# Paste Management using SSH Signing:
papers --sign ~/.ssh/id_rsa.pub paste  main.cpp
papers --sign ~/.ssh/id_rsa.pub files  patrick.png
papers --sign ~/.ssh/id_rsa.pub delete YzK35Q
papers --sign ~/.ssh/id_rsa.pub stats  YzK35Q

# Paste Encryption
papers --encrypt files *.png

standalone encrypt

If you just want quick encryption without the full CLI you can use the following short script that uses openssl to encrypt and paste:

Shell
#!/usr/bin/env bash
set -euo pipefail

# Generate a random IV and K_1, then encrypt.
I="$(openssl rand -hex 16)"
K="$(openssl rand -hex 32)"
C=$(
    openssl enc \
        -aes-256-cbc \
        -K "$K" \
        -iv "$I" \
        -in $1 | base64
)

# Derive K_2 = SHA256(K_1) ...
M=$(echo -n "$K" | xxd -r -p | sha256sum | cut -d' ' -f1)
# ... and MAC the ciphertext.
M=$(
    echo -n "$C" |
        base64 -d |
        openssl dgst -sha256 -mac hmac -macopt hexkey:"$M" -binary |
        xxd -p |
        tr -d "\n"
)

# Submit Paste, get Paste ID.
U=$(
    echo -n "$C" | curl \
        https://pape.rs/p/ \
        -s \
        --data-urlencode @-
)

# Generate URL Fragment
F=$(echo -n "$M$I$K" | xxd -r -p | base64 -w 0)

# Construct the URL with the decryption fragment.
echo "https://pape.rs/p/$U#$F"

Login with your SSH public key to manage your pastes, or your private key to sign pastes when pasting from the browser. Please instead if you don't trust the browser (recommended).

This will store your key using local storage. This requires accepting our GDPR cookie policy. This information will not be used to identify you and is not sent to the server except to request your paste list, but never associated with your IP. You can revoke this at any time by clearing your browser's local storage.