zrok/assets/js/34e1d3b9.cbef2106.js

"use strict";(self.webpackChunkwebsite=self.webpackChunkwebsite||[]).push([[360],{3905:(e,t,r)=>{r.d(t,{Zo:()=>l,kt:()=>m});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function i(e){for(var t=1;t<arguments.length;t++){var r=null!=arguments[t]?arguments[t]:{};t%2?o(Object(r),!0).forEach((function(t){a(e,t,r[t])})):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(r)):o(Object(r)).forEach((function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(r,t))}))}return e}function s(e,t){if(null==e)return{};var r,n,a=function(e,t){if(null==e)return{};var r,n,a={},o=Object.keys(e);for(n=0;n<o.length;n++)r=o[n],t.indexOf(r)>=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n<o.length;n++)r=o[n],t.indexOf(r)>=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var p=n.createContext({}),c=function(e){var t=n.useContext(p),r=t;return e&&(r="function"==typeof e?e(t):i(i({},t),e)),r},l=function(e){var t=c(e.components);return n.createElement(p.Provider,{value:t},e.children)},u="mdxType",h={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,p=e.parentName,l=s(e,["components","mdxType","originalType","parentName"]),u=c(r),d=a,m=u["".concat(p,".").concat(d)]||u[d]||h[d]||o;return r?n.createElement(m,i(i({ref:t},l),{},{components:r})):n.createElement(m,i({ref:t},l))}));function m(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,i=new Array(o);i[0]=d;var s={};for(var p in t)hasOwnProperty.call(t,p)&&(s[p]=t[p]);s.originalType=e,s[u]="string"==typeof e?e:a,i[1]=s;for(var c=2;c<o;c++)i[c]=r[c];return n.createElement.apply(null,i)}return n.createElement.apply(null,r)}d.displayName="MDXCreateElement"},7515:(e,t,r)=>{r.r(t),r.d(t,{assets:()=>p,contentTitle:()=>i,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const o={sidebar_position:0},i="Private Shares",s={unversionedId:"concepts/sharing-private",id:"concepts/sharing-private",title:"Private Shares",description:"zrok was built to share and access digital resources. A private share allows a resource to be",source:"@site/../docs/concepts/sharing-private.md",sourceDirName:"concepts",slug:"/concepts/sharing-private",permalink:"/docs/concepts/sharing-private",draft:!1,editUrl:"https://github.com/openziti/zrok/blob/main/docs/../docs/concepts/sharing-private.md",tags:[],version:"current",sidebarPosition:0,frontMatter:{sidebar_position:0},sidebar:"tutorialSidebar",previous:{title:"Concepts",permalink:"/docs/concepts/"},next:{title:"Public Shares",permalink:"/docs/concepts/sharing-public"}},p={},c=[],l={toc:c};function u(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,n.Z)({},l,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"private-shares"},"Private Shares"),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," was built to share and access digital resources. A ",(0,a.kt)("inlineCode",{parentName:"p"},"private")," share allows a resource to be\naccessed on another user's system as if it were local to them. Privately shared resources can only be accessed by another ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," user who has the details of your unique share. You are in control of who can access your ",(0,a.kt)("inlineCode",{parentName:"p"},"private")," shares by sharing the the share token."),(0,a.kt)("p",null,"Peer-to-peer private resource sharing is one of the things that makes ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," unique."),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," also provides ",(0,a.kt)("inlineCode",{parentName:"p"},"public")," sharing of resources with non-",(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," users. Public resource sharing is limited to only resources that can be accessed over ",(0,a.kt)("inlineCode",{parentName:"p"},"HTTP")," or ",(0,a.kt)("inlineCode",{parentName:"p"},"HTTPS"),". ",(0,a.kt)("inlineCode",{parentName:"p"},"private")," sharing works with all of the resources types that ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," supports."),(0,a.kt)("p",null,"Here's how private sharing works:"),(0,a.kt)("h1",{id:"peer-to-peer"},"Peer to Peer"),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"zrok_public_share",src:r(4371).Z,width:"2200",height:"922"})),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"private")," shares are accessed using the ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok access")," command, and require the accessing user to have a ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok enable"),"-d account on the same service instance where the share was created."),(0,a.kt)("p",null,"The ",(0,a.kt)("inlineCode",{parentName:"p"},"private")," share is identified by a ",(0,a.kt)("em",{parentName:"p"},"share token"),". The accessing user will use the share token, along with the ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok access")," command to create a local endpoint on their system, which lets them use the shared resource as if it were local to their system."),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," does not require you to open any firewall ports or otherwise compromise the security of your local system; there is never an attack surface open to the public internet. As soon as you terminate the ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok share")," process, you immediately terminate any possible access to your shared resource."),(0,a.kt)("p",null,"The shared resource can be a development web server to share with friends and colleagues, a webhook from a server running in the cloud which has ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," running and has been instructed to ",(0,a.kt)("inlineCode",{parentName:"p"},"access")," the private resource. ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," can also share files, websites, and low-level TCP and UDP network connections using the ",(0,a.kt)("inlineCode",{parentName:"p"},"tunnel")," backend.  What matters is that the access to the shared resource is not done in a public way, and can only be accessed by other ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," users that have access to your share token."),(0,a.kt)("p",null,"The peer-to-peer capabilities of ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," are an important property of the underlying ",(0,a.kt)("a",{parentName:"p",href:"https://docs.openziti.io/docs/learn/introduction/"},"OpenZiti")," network that ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok")," uses to provide connectivity between users and resources."),(0,a.kt)("p",null,"Creating ",(0,a.kt)("inlineCode",{parentName:"p"},"private")," shares is easy and is accomplished using the ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok share private")," command. Run ",(0,a.kt)("inlineCode",{parentName:"p"},"zrok share private")," to see the usage output and to further learn how to use the command."))}u.isMDXComponent=!0},4371:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/zrok_private_share-3b4b2f89f7b5e6704d0b9078a701161e.png"}}]);