SecShare is a secure file and secret sharing tool for developers, built around a CLI-first workflow. It lets you upload a file, directory, or text secret from the terminal, get a link, and send that link to another person.
The CLI command and release assets use the secshare name.
Sending secrets through Slack, Telegram, or email is easy, but it leaves sensitive data in places where it does not belong. SecShare is meant for short-lived sharing flows that are convenient from a terminal and easy to automate in scripts or CI jobs.
- CLI upload flow for files and directories.
- Text secret sharing through CLI text mode.
- Download and decrypt shared content from a link.
- Client-side AES-256-GCM encryption in the CLI.
- Linux, macOS, and Windows installer scripts.
- TTL enforcement and download-limit deletion.
Linux and macOS:
curl -fsSL https://secshare.me/install.sh | shWindows:
irm https://secshare.me/install.ps1 | iexSee Installation Guide and CLI Usage Guide.
Uninstall commands are also available in the installation guide.
Upload a file:
secshare upload ./backup.zipUpload a directory:
secshare upload ./logsShare a text secret:
secshare upload "DATABASE_URL=postgres://user:pass@example/db" --textSend expiry/download options with an upload:
secshare upload ./report.pdf --expires 1h --downloads 1Download and decrypt a shared link:
secshare get "https://secshare.me/f/<token>#<key>" ./downloadsSecShare is intended to make temporary link-based sharing safer and more convenient, but it should not be treated as an absolute security guarantee. The CLI encrypts uploaded content client-side with AES-256-GCM and puts the decryption key in the URL fragment, which is not sent to the API during normal HTTP requests.
Do not post production secrets in GitHub issues, discussions, logs, or screenshots. TTL and download-limit deletion are enforced by backend queue jobs.
This project is licensed under the Apache License 2.0. See LICENSE for details.