How can i encrypt my config?

marugabisef · October 17, 2024, 9:18pm

how can i encrypt my config?

i want to share it to my friends but without the source code (api blocks), like make the blocks only visible for me

i heard is something about a donation or ? if yes @Ruri give me your contact so i can pay it

Pure · October 17, 2024, 11:05pm

The most secure way to share configs is using the guests feature in OB2 on a server or something. That will let you authorize users to use certain configs on the OB2 instance without the config ever leaving the system. It also restricts the config editing panel so remote users can’t see inside.

I believe the donation thing you are referencing was from the earlier days. I don’t think it encrypted configs, just compiled them to standalone c# applications, If I’m remembering correctly. Even then, compiled c# programs are not inherently secure at all.

marugabisef · October 18, 2024, 5:44am

how can i learn more clearly how to setup guests? i know it is from openbullet2 web version, i tried. but the system is very dirty and i can’t understand it really. is there a thread or a page with more detailed explications?

Pure · October 18, 2024, 9:35am

You’ll need to know enough networking to know the basics of hosting an application on a server that can be reached remotely.

So, setup OB2 Web on a server you own or rent. (Would not use a personal machine)

Create whatever guest accounts you want in the guest section of OB2. Username, Password, Access timeline, even IP range if you are inclined.

In the settings part of OB2, enable Admin Login too

Open whatever port you are using in OB2 to outside traffic (Default 5000)

Some providers will require you to also make a rule in your services firewall allowing outside IP’s to access that port.

If your networking is setup correctly you should be able to connect to that OB2 web instance from any remote machine and be met with a login page instead of the normal page you are met with when starting ob2 and connecting on the local machine.

Ruri · October 21, 2024, 10:01pm

There is also the option of using ngrok or similar, so you don’t have to set up hosting.

Pure · October 22, 2024, 2:55am

The reason I don’t recommend NGrok is that it leaks host IP in headers :c

edit: at least with default settings in my tests, It has a header named NGrok-Agent-Ips that shows the host machines IP