Locally, DashKite uses the file .dashkite to manage your profile. CLI commands that access private resources require your profile. Your .dashkite profile is a YAML file structured like this:
profile:
  publicKey: 6ovGwDUSNRgV2RvTONsw6JBU2kCZA379ELrsS3/ojQo=
device:
  privateKey: Q8kehMPhEWxyoP3MlbX9LAIMCeO9YRSekzTdFWRQqsY=
  publicKey: a5xasUsJTcQ5w0UwERNb98TOUHw5e+grUVym+jq1aD4=
Your profile public-key serves to anonymously identify and reference your profile. Private data is encrypted using the corresponding private-key, but that private-key is not stored directly.
To safely make your profile private-key available to multiple devices, each device is assigned a device key-pair. The device public-key is used to identify the device and authorize requests to the DashKite API, while the device private-key is used to encrypt the profile private key before storing it with the API.
Using this scheme, the device private-key never leaves your device, and the profile private-key is only ever stored in an encrypted form. Therefore, if you delete .dashkite, you lose access to your profile private key and your authorization to access private resources.
npm install dashkite -g
This gives you the command-line executable dash
$ dash profile add david
[dash] warn: no credentials found in /Users/david/desktop-test or its direct ancestors.
[dash] warn: creating profile...
[dash] info: saving credentials in /Users/david/desktop-test/.dashkite
[dash] info: saving new profile with DashKite API...
[dash] info: new profile ready
[dash] info: updating profile with nickname...
[dash] info: profile nickname updated to david
###
## Start from a new device we'd like to name "phone"
###
$ dash profile link david
[dash] info: fetching test public key
[dash] info: saving profile public key in local profile
$ dash device add phone
[dash] info: using profile from [/Users/david/phone-test]
[dash] warn: no device key has been yet assigned for this device
[dash] info: updating profile with provisional device...
[dash] info: provisional device saved with profile
[dash] info: saving device key-pair to local .dashkite profile...
[dash] info: device key pair added
[dash] info: use an already authorized device to complete this device's authorization
###
## On first "device"
###
$ dash device authorize phone
[dash] info: using profile from [/Users/david/desktop-test]
[dash] info: fetching provisional device info...
[dash] info: encrypting profile private key for new device
[dash] info: authorizing device "phone"...
[dash] info: success
[dash] info: use the below PIN to complete the authorization on the new device
[dash] info: PIN: R1B1xA
###
## Back to the second "device"
###
$ dash device pin R1B1xA
[dash] info: using profile from [/Users/david/phone-test]
[dash] info: decrypting profile private key from old device
[dash] info: encrypting profile private key for phone
[dash] info: completing device authorization...
[dash] info: success
[dash] info: this device is now fully authorized and ready to use
###
## This assumes you already have a profile setup
###
$ dash post add 'Hello World!'
[dash] info: using profile from [/Users/david/desktop-test]
[dash] info: posting update...
[dash] info: success
###
## You can also post from files using stdin, including newline characters
###
$ echo "Hello, from stdin" > foo.txt
$ echo "We can write multiple lines here, too." >> foo.txt
$ dash post add < foo.txt
[dash] info: using profile from [/Users/david/desktop-test]
[dash] info: posting update...
[dash] info: success
###
## We can read these posts, newest first
###
$ dash post list david
[dash] info: looking for posts from "david"...
---
Hello, from stdin
We can write multiple lines here, too.
---
Hello World!
---
###
## To view anyone else's posts, just put their profile name in this command.
###
dash profile add [profile-name]
This command allows you to create a new DashKite profile or update the name of an existing profile. Your profile is stored within a file named .dashkite. If it cannot be found in your working directory or its ancestors, one is automatically generated and saved in your current working directory. See Your DashKite Profile for more information.
If you already have a profile, add will update your profile's name. Names must be unique, so this command will fail if you choose a name that conflicts with a name someone else picked.
dash profile link [profile-name]
This command allows you to link a new device with an existing profile. You cannot use this command if you already have a .dashkite file. link takes the profile name you provide, looks up the public key for that profile, and creates a .dashkite stub. You then need to go through the new device flow to authorize this device.
dash device add [device-name]
This command allows you to add a new device to your profile. This merely places a request with your profile from a new device, and is part of a larger new device flow.
dash device authorize [device-name]
This command authorizes a new device, requested via dash device add. It is part of the new device flow. You use authorize from an already-authorized device. It uses its access to the profile private key to encrypt a copy for the new device with asymmetric encryption.
This command grants temporary authorization to the new device's public device key, allowing it to access the API, but without access to the profile private key to access private data. It returns a 6-character PIN to be used with the new device to complete the authorization flow. You have 3 minutes to enter this PIN before re-submitting authorization.
dash device pin [device-PIN]
This command completes the new device flow. You get a PIN when using dash device authorize. Using this PIN allows the API to permanently authorize the new device, retrieve the encrypted profile private key, and replace it with a copy only the new device can decrypt.
After completing the new device flow, the device is ready and has full access to the profile.
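The key handling in the new device flow above, as an added Node.js example that is not DashKite's own code. The page does not name its primitives, so X25519, HKDF-SHA256 and AES-256-GCM are assumed stand-ins, the names seal, unseal and newDeviceFlow are hypothetical, and the PIN and API authorization steps are not modeled.

```javascript
// Added illustration, not DashKite's code. Assumed primitives: X25519 key
// agreement, HKDF-SHA256 and AES-256-GCM from Node's built-in crypto module.
const crypto = require('crypto');

const newKeyPair = () => crypto.generateKeyPairSync('x25519');

// Derive the key shared by one party's private key and the other's public key.
function sharedKey(privateKey, publicKey) {
  const secret = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', secret, Buffer.alloc(0), 'profile-key-wrap', 32));
}

// Encrypt `plaintext` from the holder of senderPrivate to recipientPublic.
function seal(plaintext, senderPrivate, recipientPublic) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sharedKey(senderPrivate, recipientPublic), iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]);
}

// Reverse of seal(); throws if the keys are wrong or the blob was altered.
function unseal(blob, recipientPrivate, senderPublic) {
  const key = sharedKey(recipientPrivate, senderPublic);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
}

// Walk the new device flow; `api` stands in for what the service stores.
function newDeviceFlow() {
  const profileSecret = crypto.randomBytes(32); // constructed stand-in for the profile private key
  const [desktop, phone] = [newKeyPair(), newKeyPair()];
  const api = { desktop: seal(profileSecret, desktop.privateKey, desktop.publicKey) };

  // `dash device authorize phone`, run on the already-authorized desktop.
  const onDesktop = unseal(api.desktop, desktop.privateKey, desktop.publicKey);
  api.phone = seal(onDesktop, desktop.privateKey, phone.publicKey);

  // `dash device pin ...`, run on the phone: decrypt, then re-wrap for itself.
  const onPhone = unseal(api.phone, phone.privateKey, desktop.publicKey);
  api.phone = seal(onPhone, phone.privateKey, phone.publicKey);

  // A key pair that was never authorized cannot open the stored copy.
  let outsiderRejected = false;
  try { unseal(api.phone, newKeyPair().privateKey, phone.publicKey); } catch { outsiderRejected = true; }
  const recovered = unseal(api.phone, phone.privateKey, phone.publicKey);
  return { matches: recovered.equals(profileSecret), outsiderRejected, api };
}
```

The stored blobs are the only form of the profile secret that leaves a device, which is why deleting a device's entry removes its access to private data.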
dash device delete [device-name]
This command causes the profile to forget the target device. The public key entry is deleted, including the encrypted copy of the profile private key, denying the device access to both the API and any private data.
dash post add [text]
dash post add < [file]
This command creates a DashKite post attributed to your profile. You may either input the content directly on the command line, or pipe in a file. Newline characters are maintained.
dash post list [profile name]
This command lists out the posts from the target profile in reverse chronological order. Because DashKite posts are public, you may use this command without a .dashkite profile and see the posts from any profile you specify.
dash post delete [post ID]
This is a WIP command to delete a target post. It is functional, but there is currently no way to view a post's ID in the CLI tool.
FAQs
CLI for DashKite - social media with strong privacy
The npm package dashkite receives a total of 0 weekly downloads. As such, dashkite popularity was classified as not popular.
We found that dashkite demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.