Actions

Dev/Sponsor/Z

From Whonix

< Dev



DO IT[edit]

  • just connected to the router by the router
  • netrunner based
  • port to KDE plasma
  • port to ARM - done: https://github.com/netrunner-core/live-config [archive]
  • optional: cross compile to ARM
  • produce image that can be flashed on the odroid
  • incoming port for VNC [password protected only]
  • incoming port for SSH
  • install yacy
  • install zeronet
  • yacy index only zeronet
  • no browser on the ondroid required
  • zeronet over Tor
  • yacy over Tor
  • yacy indexing zeronet
  • later feature: deactivate Tor
  • hardening
  • maybe later feature: contribute to the Tor networking by being a relay, but hard because requiring port forwarding


  • Tor Browser Bundle (yes, with Tor) installed on PC for anonymity
  • or usual browser installed on PC for connectivity

-→ accessing local web interfaces for zeronet / yacy

third party tasks[edit]

whom what ticket status
blue systems / zeronet get zeronet Debian package into Debian repository https://github.com/HelloZeroNet/ZeroNet/issues/241 [archive] ?
zeronet do not show "PORT: CLOSED" in the webinterface when file /usr/share/anon-dist/marker exists TODO create ticket
zeronet zeronet: audit torrent implementation for IP leaks https://github.com/HelloZeroNet/ZeroNet/issues/274 [archive] ?
zeronet /etc/zeronet.d TODO create ticket
yacy socks proxy support http://mantis.tokeek.de/view.php?id=219 [archive] ?
yacy /etc/yacy.d TODO create ticket
yacy zeronet aware, capable of using zeronet TODO create ticket

repositories to be used[edit]

  • debian repo
  • torproject repo
  • yacy repo
  • zeronet install from netrunner repo
  • plasma install from netrunner repo

DO NOT[edit]

  • no iceweasel / Tor Browser installed due to resource issues on the odroid
  • yacy freeworld indexing NOT indexing
  • no torifying middle box [but that would work out of the box]

Notes[edit]

questions[edit]

  • odroid reboot button?
  • odroid case?
  • bridges stuff
  • RTC functional?
  • default ssh security?
    • default onion and password? → not prestart the odroid → avoid keeping records that could get lost → not possible
    • reachable in local network by default only

https://raspberrypi.stackexchange.com/a/24073 [archive] https://pihw.wordpress.com/guides/direct-network-connection/ [archive]

reports[edit]

  • reboot not functional: acpi
  • not use first boot click me
  • first boot click: script (to resize the disk → automate → then reboot)
  • not using debian security repository
  • sid not great, need jessie [not stable]
  • disable power saving monitor off?
  • remove avahi
  • remove cups
  • remove networkmanager
  • remove openssh-server (?)
  • package zeronet
  • install zeronet
  • install yacy
  • install tor
  • install tor-arm
  • sid related bug most likely
  • disable AppArmor in /lib/systemd/system/tor@default
  • systemctl daemon-reload
  • service tor restart
  • switch to ifupdown
  • create a package whonix-gw-network-conf to set up static networking and to fulfill dependency?

todo[edit]

  • systemtl units-list

how to[edit]

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

have it listen on 10.152.152.10
  • tor-service-defaults-torrc delete 2 sections, delete workstation socks dns trans port sections
  • static ip config / magic IP
  • install python-stem
  • install kwrite
  • install genmkfile
  • install helper-scripts
  • install anon-base-files
  • install anon-gw-base-files
  • install anon-gw-anonymizer
  • /usr/local/etc/torrc.d/50_user.conf DisableNetwork 0
  • sudo make install whonix-gw-firewall (dependency issue)
  • sudo debian/whonix-gw-firewall.postinst configure
  • /etc/whonix_firewall.d/40_zerobox.conf
GATEWAY_ALLOW_INCOMING_SSH=1
#ALLOW_GATEWAY_ROOT_USER=1
#ALLOW_GATEWAY_USER_USER=1
INT_IF=eth0
INT_TIF=eth0

     NON_TOR_GATEWAY="\
         127.0.0.0-127.0.0.24 \
         192.168.0.0-192.168.0.99 \
         192.168.1.0-192.168.1.99 \
         10.152.152.0-10.152.152.24 \
         10.0.2.2-10.0.2.24 \
      "

#GATEWAY_ALLOW_INCOMING_ICMP=1
WORKSTATION_TRANSPARENT_DNS=0
WORKSTATION_TRANSPARENT_TCP=0

demo[edit]

sudo torsocks apt-get install bash-completion

http://192.168.0.6:43110 [archive]

misc[edit]

https://github.com/HelloZeroNet/ZeroNet/issues/993 [archive] (ZeroNet devs explain security concerns)

https://github.com/HelloZeroNet/ZeroNet/issues/1292 [archive] (Switch to next-gen onion services)




Follow: Twitter.png Facebook.png 1280px-Gab text logo.svg.png Rss.png Matrix logo.svg.png 1024px-Telegram 2019 Logo.svg.png Discourse logo.svg

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate whonix.png

Share: Twitter | Facebook

Did you know that Whonix could provide protection against backdoors [archive]? See Verifiable Builds [archive]. Help is wanted and welcomed.

https [archive] | (forcing) onion [archive]

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.