Sysadmin & Infrastructure

Secure File Transfer on Locked-Down Servers

Bypassing restrictions using pure POSIX shell and OpenSSL.

If you have spent enough time managing production environments, you have likely encountered the scenario: you are connected via SSH to a locked-down server, and you need to extract a large log file, a database dump, or a configuration archive. The problem? The server has no build tools, no Go runtime, no Python, and no root access to install standard utilities like rsync or scp. Additionally, the environment mounts directories with the noexec flag, preventing you from bringing your own statically compiled binaries.

This is a common policy in heavily regulated enterprise networks and strict CI/CD environments. Security teams lock down everything, leaving you with nothing but a barebones POSIX shell. When popular file transfer tools like Magic Wormhole or Croc fail because they require a client binary, you have to get creative.

The POSIX Fallback: Using What You Have

Almost every Unix-like system ships with two fundamental tools: curl and openssl. If we can chain these together, we can construct an encrypted, streamable data pipeline without ever writing an executable file to disk.

The core concept is straightforward. On your local machine (where you have privileges), you encrypt the data and stream it to a relay server. On the restricted server, you use curl to pull the encrypted stream, pipe it through openssl for decryption, and redirect the output to a file.

Generating the Pipeline

Manually constructing the correct OpenSSL commands, generating a secure PBKDF2 derived key, and ensuring AES-256-CTR mode is correctly configured is tedious and error-prone. This is why we built Tubo.

Tubo is a zero-install file transfer tool. The client on the restricted server is a raw POSIX shell script. If you refuse to pipe curl | sh for security reasons, Tubo provides a manual mode that outputs the exact pipeline you need to execute.

curl -sN https://tubo.endlessite.com/run/xyz | openssl enc -d -aes-256-ctr -pass pass:YOUR_KEY > database_dump.sql

Let's break down why this works in restricted environments:

Limitations and Edge Cases

While this approach solves the immediate problem, it is not without compromises. Standard openssl enc behavior can vary across obscure Unix distributions (like older versions of AIX or Solaris). Additionally, because this pipeline relies on a stateless HTTP stream, there is no built-in mechanism for resumable transfers if the connection drops halfway through a 50GB file.

For most emergency operations—pulling logs to debug an incident or extracting a fast snapshot—this pure shell pipeline is the most pragmatic solution available. We designed Tubo to automate this exact workflow, minimizing friction when you are dealing with rigid infrastructure.

If you want to inspect the relay code or review the manual POSIX commands, the repository is open source. You can find it here.