LinuxCommandLibrary

croc

Securely transfer files or folders

TLDR

Send a file or directory

$ croc send [path/to/file_or_directory]
copy

Send a file or directory with a specific passphrase
$ croc send [[-c|--code]] [passphrase] [path/to/file_or_directory]
copy

Receive a file or directory on receiving machine
$ croc [passphrase]
copy

Send and connect over a custom relay
$ croc --relay [ip_to_relay] send [path/to/file_or_directory]
copy

Receive and connect over a custom relay
$ croc --relay [ip_to_relay] [passphrase]
copy

Host a croc relay on the default ports
$ croc relay
copy

Display parameters and options for a croc command
$ croc [send|relay] --help
copy

SYNOPSIS

croc [OPTIONS] [FILE | DIRECTORY]
croc send [OPTIONS] [FILE | DIRECTORY]
croc receive [OPTIONS] [CODE]
croc [OPTIONS] [CODE]

PARAMETERS

--port
    Specify the port for direct connection attempts.

--relay


    Specify a custom relay server address.

--yes
    Automatically accept incoming file transfers without prompt.

--no-compress
    Disable compression for faster transfers, but larger size.

--stdout
    Write the received file content to standard output.

--stdin
    Read content from standard input to send as a file.

--text
    Send a string as a file instead of a local file.

--code
    Specify a custom code to use for sending (e.g., 'croc send --code mysecretfile').

--overwrite
    Overwrite existing files at the destination without prompting.

--debug
    Enable debug mode for verbose output.

--remember
    Remember custom relay server and port settings for future use.

DESCRIPTION

croc is a cross-platform command-line tool for secure and simple file transfer between two computers. It allows sending and receiving files or directories with ease, even across NATs, by utilizing a relay server. Files are encrypted end-to-end using PAKE, ensuring privacy. Its primary advantage is its simplicity: a sender generates a unique code, and the receiver uses that code to initiate the transfer. It's ideal for quick, ad-hoc transfers without requiring complex setup, shared keys, or direct IP connections. It supports resuming interrupted transfers and can handle multiple files.

CAVEATS

croc relies on a public relay server by default, which might experience heavy load or be blocked in certain networks. While secure via end-to-end encryption, the shared code must be communicated securely out-of-band to prevent unauthorized access. Self-hosting a relay is possible for enhanced control and privacy.

HOW IT WORKS

croc operates using a PAKE (Password Authenticated Key Exchange) protocol, specifically PAKE/Curve25519, over a relay server. The sender initiates a transfer, and croc generates a unique, ephemeral code. This code is then shared with the receiver. Both sender and receiver connect to the relay using this code, which acts as a shared secret to establish a secure, encrypted direct connection (if possible via NAT traversal) or tunnel through the relay. The code is only used to establish the connection and derive the encryption key, not for the data itself.

HISTORY

Developed in Go by schollz (Zack Scholl), croc gained significant traction for its intuitive approach to file sharing. It emerged as a solution to simplify secure ad-hoc transfers, avoiding the complexities of traditional methods like SSH or setting up dedicated servers. Its cross-platform compatibility and CLI-first design contributed to its rapid adoption by developers and users needing quick data exchange.

SEE ALSO

scp(1), rsync(1), sftp(1), netcat(1), curl(1)

Copied to clipboard