- 1 Introduction
- 2 Inproxies inside Whonix-Workstation
- 3 Use I2P client inside Whonix-Workstation (Preferred)
- 4 Services
- 5 Installing I2P on Whonix-Gateway (I2P and Tor simultaneously)
- 6 Footnotes
The Invisible Internet Project (I2P) is an anonymous network, exposing a simple layer that applications can use to anonymously and securely send messages to each other through "tunnels". The network itself is strictly message based (IP), but there is a library available to allow reliable streaming communication on top of it (TCP). All communication is end to end encrypted (in total there are four layers of encryption used when sending a message), and even the end points ("destinations") are cryptographic identifiers (essentially a pair of public keys). This is known as Garlic routing which is a variant of Onion routing and benefits from the research on the latter but makes some different tradeoffs. Each client application has their I2P "router" that finds other clients by querying against the fully distributed "network database" - a custom structured distributed hash table (DHT) based off the Kademlia algorithm. Every router transports traffic for its peers which it uses as cover traffic for its own.
Read more about I2P's technical details here.
I2P is focused on creating a community around P2P darknet services rather than providing "outproxies"(exits) to the clearnet.
The I2P development team is an open group, welcome to all who are interested in getting involved, and all of the code is open source. The core I2P SDK and the current router implementation is done in Java (currently working with both sun and kaffe, gcj support planned for later), and there is a simple socket based API for accessing the network from other languages (with a C library available, and both Python and Perl in development). The network is actively being developed and has not yet reached the 1.0 release, but the current roadmap describes their schedule.
Overview on ways to use I2P with Whonix
- You can either use inproxies inside Whonix-Workstation to browse Eepsites or install I2P inside Whonix-Workstation.
- The inproxy method is more suited for a causal use of I2P, where you just want to anonymously view an Eepsite and don't care about eavesdroppers as long you are anonymous.
- Using the I2P client inside Whonix-Workstation (Preferred) is safer, all I2P traffic gets tunneled through Tor, fully featured but a tiny bit more difficult than installing I2P the ordinary way, i.e. using I2P in the clear, not over Tor.
Much of Tor's concepts carry over to I2P despite the terminology being somewhat different.
Other interesting concepts of note:
- Tor HS "stealth mode" == I2P client whitelist or using Encrypted LeaseSets (I2P documentation is lacking but there are plans to improve)
- Tor "Single Onion Service" == I2P 0-hop tunnels
http://identiguy.i2p - lists all known and alive I2P websites.
Inproxies inside Whonix-Workstation
Note that you will lose the end-to-end encryption to the eepsites, which I2P would provide, if you would install it directly inside Whonix-Workstation, or if you would use it the ordinary way. Depending on if the inproxy uses http (unencrypted), https (or is reachable through a hidden service), also Exit Nodes Eavesdropping applies. In any case, the I2P inproxy admin can also see all of your traffic in the I2P network and there is no way to prevent that.
List of I2P inproxy domains (bolded):
- many others are down 
Use I2P client inside Whonix-Workstation (Preferred)
Connecting to Tor before I2P
It is possible to run I2P inside the Whonix-Workstation.
user -> Tor -> I2P -> Internet
In case you want to do that, it is recommended to read the following two related wiki articles:
- Anonymity is provided by Tor.
- I2P router console works normal inside Tor Browser. No need to install a graphical user interface on the Whonix-Gateway.
- Eepsites (.i2p) can be reached directly from Tor Browser.
- I2P's end-to-end encryption will be used like usual.
- No Stream-Isolation Support
- I2P does not have stream isolation support meaning that visits to Eepsites are linkable and fingerprintable; each request includes the same X-I2P-Dest* headers, which are unique only to yourself. This might be true for outproxy requests as well.
- If you access site1.i2p and then site2.i2p, site3.i2p … and so on, each one of those operators will see the exact same X-I2P-Dest* values. Meaning if they are colluding, they will know that they were all accessed by the same person.
- The longer you leave I2P running, the better profile those operators can build on you. The X-I2P-Dest* values only change on restart of the I2P instance or on stop/start of the HTTP Proxy tunnel. I2P has no fix for this at the moment, however someone is writing an experimental plugin to provide a stream-isolating mechanism for http-over-I2P. The si-i2p-plugin is an I2P SAM application which presents an http proxy(on port 4443 by default) that acts as an intermediate between your browser and the I2P network. It uses the SAM library to create a unique destination for each I2P site that you visit. This way, your base32 destination couldn't be used to track you with a network of colluding sites.
- Adds load to Tor.
- Adds load to I2P.
- It is slower than I2P directly on Whonix-Gateway or the ordinary usage.
- No contribution to the I2P network (leeching). 
Installation and Setup:
|Security warning: Adding a third party repository allows the vendor to replace any package on your system. Proceed at your own risk! See Foreign Sources for further information. For greater safety, users adding third party repositories should always use Multiple Whonix-Workstations to compartmentalize VMs with additional software.|
Currently supported architectures include amd64, i386, armel, armhf (for Raspbian), and powerpc.
TO-DO: Update signing key info when migration from KYTV infrastructure happens.
pub 4096R/0x67ECE5605BCF1346 2013-10-10 I2P Debian Package Repository <firstname.lastname@example.org> Key fingerprint = 7840 E761 0F28 B904 7535 49D7 67EC E560 5BCF 1346
Download key with scurl to home folder.
scurl -o i2p-pubkey.asc https://geti2p.net/_static/i2p-debian-repo.key.asc
Check fingerprints/owners without importing anything.
gpg --keyid-format long --with-fingerprint i2p-pubkey.asc
If it looks good import into trusted.gpg.d.
gpg --no-default-keyring --keyring ./i2p-pubkey.gpg --import i2p-pubkey.asc sudo cp i2p-pubkey.gpg /etc/apt/trusted.gpg.d/i2p-pubkey.gpg
For default Whonix using Debian stable:
sudo su -c "echo -e 'deb http://deb.i2p2.no/ jessie main\ndeb-src http://deb.i2p2.no/ jessie main' > /etc/apt/sources.list.d/i2p-release.list"
For Whonix build using Debian Testing or Unstable (Sid):
sudo su -c "echo -e 'deb http://deb.i2p2.no/ unstable main\ndeb-src http://deb.i2p2.no/ unstable main' > /etc/apt/sources.list.d/i2p-release.list"
Update the package lists.
sudo apt-get update
Install I2P and dependencies.
sudo apt-get install i2p i2p-keyring
2. Configure I2P as a service that automatically runs when your system boots, set the amount of Ram to your needs and leave the User as i2psvc
sudo dpkg-reconfigure i2p
3. Add FoxyProxy to Tor Browser in Whonix.
4. Start/Stop the I2P service:
Start the I2P service
sudo systemctl start i2p
Stop the I2P service
sudo systemctl stop i2p
Status of the I2P service
sudo systemctl status i2p
To run I2P manually as User:
- Note: The config folder changes to /home/user/.i2p/
Please review and adjust the bandwidth settings on the configuration page, as the default settings of 300 KB/s down / 60 KB/s up are fairly conservative.
Many interesting features and functionality are implemented for I2P in the form of stand-alone packages or plugins that can be optionally installed from their official plugin eepsite. The instructions are simple to follow. The signing keys for these plugins is already built into the official I2P package and so are already white-listed. This is not a complete list.
See this page for documentation about default port numbers of I2P plugins.
I2P-Bote is a serverless, encrypted email plugin that uses I2P for anonymity. Messages are stored in the distributed hash table (DHT) for 100 days, during which the recipient is able to download them.
To back up I2P-Bote data, copy the i2pbote folder inside the I2P config directory (~/.i2p/i2pbote on Unix systems or /var/lib/i2p/i2p-config when running as a daemon).
Compartmentalize activities and only use the I2P-Bote/Susimail VM snapshot for this purpose. Generally, applications that run with a browser interface are vulnerable to a whole class of bugs, including cross-site request forgery (CSRF).
- A webmail interface.
- A user interface translated into 15 languages.
- One-click creation of email accounts (called email identities).
- Emails can be sent either under a sender identity or anonymously.
- 2048-bit ElGamal, 256/521-bit Elliptic Curve and NTRU-1087 encryption.
- Transparent, automatic encryption and signing without relying on third-party software such as PGP/GnuPG.
- Sending and receiving via relays with delay periods set by the user, similar to Mixmaster.
- Theme support.
- POP3 / IMAP / SMTP.
- Cc and Bcc support.
- Delivery confirmation.
- Basic support for short recipient names.
- Android support (via I2P's Android client).
- An outproxy to interoperate with clearnet mail servers.
- Custom folders.
- Multi-device identity syncing.
- Support for short email addresses like email@example.com
- HashCash as an anti-spam solution should it become a problem.
- Lots of other small improvements.
Syndie is I2P's distributed forum software, allowing asynchronous conversations between anonymous participants. It was the focus of I2P's creator shortly before he ceased public activity. It supports single and multiple author modes, adjustable visibility of posts and post moderation. Syndie features its own minimalist and secure reader to protect against browser exploitation.
On the whole, Syndie works at the *content layer* - individual posts are contained in encrypted zip files, and participating in the forum means simply sharing these files. There are no dependencies upon how the files are transferred (over I2P, Tor, Freenet, gnutella, bittorrent, RSS, usenet, email), but simple aggregation and distribution tools are bundled with the standard Syndie release.
Download Syndie from the official I2P plugin site (echelon.i2p). Its more secure than fetching from HTTPS sites on the clearnet.
After downloading, run it with:
java -jar syndie-installer-*.jar
RetroShare is an alternative to Syndie which can be tunneled through I2P for enhanced anonymity.
Follow the steps in this guide to connect to others over I2P.
Syncthing is a popular libre software for file syncing based on the bittorrent protocol. Its possible to tunnel its traffic over I2P as shown in this guide.
As part of a summer coding project (as of 2016), ZeroNet is being modified to natively support tunneling over I2P.
Installing I2P on Whonix-Gateway (I2P and Tor simultaneously)
user -> Tor -> Internet
user -> I2P -> Internet
Whonix I2P documentation thread:
- * http://i2p.rocks/
- http://i2p2piszzzndhfvr.onion - simply append the Onion Service name after the short eepsite name, omitting the .i2p TLD as shown.
awxcnx I2P eepsite inproxy
awxcnx I2P IRC inproxy (See Chat for general chat safety advice.)
or simply add '.to' after '.i2p'. For example, instant of http://forum.I2P you can use http://forum.i2p.to.
- Sounds worse than it is. Only very few people are expected to use I2P over Tor. I2P offers those options itself. It is not like a leeching mod.
- To import asc key files into trusted.gpg.d they must be converted into a .gpg keychain file first.
- I2P .deb Packages installation instructions from I2P's third party repository
- The following instructions have been tested as functional in Tor Browser versions 6.5, 7.0a1 and 7.0a2 "hardened". https://lists.torproject.org/pipermail/tbb-dev/2017-February/000471.html
- Some users report xpinstall.signatures.required needs to be disabled in Tor Browser about:config settings to enable FoxyProxy, when it is installed from the Debian repository. This workaround is not required when installing FoxyProxy from addons.mozilla.org. https://forums.whonix.org/t/new-version-of-tbb-no-longer-accepts-foxyproxy-plugin
- This procedure is safe. Since Firefox 43, all add-ons on Mozilla's servers are signed and verified. https://wiki.mozilla.org/Add-ons/Extension_Signing
Impressum | Datenschutz | Haftungsausschluss
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.