Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
From a quick skim it looks like the key is base64 encoded into the URL in terminal_id param, so presumably you just share the URL and the collaborator stays on the URL with the key? If the key is ephemeral/regenerated for each session it seems to eliminate most of your concerns.
https://github.com/cs01/termpair/blob/1d273fa306a543fefbf2cf...
We've been toying with duckly (née gitduck) - and it provides shared web browsing, shared editing, and shared terminal. There might be some rough edges with the in-browser "window management" - but overall it works pretty well IMHO:
https://duckly.com/tools/terminal
Unfortunately not self-hosted.
We briefly tried tmate - do yourself a favour and get the upstream build (available as static binaries for Linux) - it's a bit finky about versions.
Eg via: https://github.com/tmate-io/tmate/releases/tag/2.4.0 get https://github.com/tmate-io/tmate/releases/download/2.4.0/tm... and drop the extracted binary in ~/bin or something.
You can self-hosted tmate, but imnho tmate doesn't add that much value over "grant user ssh access and use plain shared tmux/screen".
In that case, you might (for workstation/laptop) have co-worker's on vpn via wireguard /tailscale, bind sshd to the vpn interface, and allow access via ssh keys/certificates.
You can quickly provide a shared session connection to an external third party, so they can access computers that are not publicly accessable and that they normally would not have access to without having to do any credential management.
It's great for tech support.
tty-share is also good https://tty-share.com/
Project devs: Consider using CPACE (a password-authenticated key exchange) which is in the process of being formalized a standard by IETF.
https://github.com/jedisct1/cpace