Alright everyone! So, My friend and I were able, After much work,
To connect our netsukuku nodes through tinc! What we did, Was, We
installed tinc, We went to /etc/tinc, And we created the myvpn
folder. Then, We created, Inside of that folder, A hosts folder.
We, Then, Created a tinc.conf file in the myvpn folder. This is the
tinc.conf file for me. This is probably case sensitive, So please
be careful.
Name=MissValeska ConnectTo=TincDaemon
My name on tinc is just MissValeska, And my friend's name is
TincDaemon. So, That is simple enough. We, Then, Ran sudo tincd -n
myvpn --generate-keys -K. This generated the keys we needed to
connect to each other, And killed tincd afterwards. You'll have to
press enter a few times to confirm the things it will ask you
though.
In the hosts folder, A MissValeska file was created for me, Which
contained my RSA Public key.
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAxVOGFZbTC13IOT8R48B++LfNOlwiCE3H7AVns44ANyYOaVoq6fRl
Z07ryNqRARvoEy/VcoqK9/uJ988/lgIuSayy50FFH8AiVFn8tMISVKpk1T6zyCqZ
m5G4E3h2gwbYZkuc6rWu0Agq1cI0QRKpLLad6X3lD3fWp7sfMawCss018HV3gNHA
2v1Vo4hyiXXLqN2MQ80Exwk8irpWUnMYFQ3HEdo1BDORBVXBClxtn4avApVnemrJ
y+lQ58ZhlKB2g9F7+5HiYW2adQSdJydKfnjw6MpVvHztHL7Z2AW3+KowW7JkdCmg
kp2S+Ogs4yJ65c+lJ+MZcf3sY+oGjpm7gwIDAQAB -----END RSA PUBLIC
KEY-----
This is all mine is, Feel free to use it, You'll need my IP
address though, I'll PM you that if you want to connect to me. This
is just used for verifying that the RSA key the other person is
saying is mine, Actually is mine.
Next, You'll need their RSA key, So copy it, And put it into a file
of their username, This is probably case sensitive, So be careful,
Both here, And in tinc.conf.
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAvADTePAqnqkoit19Np2NfcBDhFd9Hnet5KHFFdBJ5RCUacBVhIWB
fqkcmv9aIApiHI4mYbKHhK8PqJ3HXGS96f/qXqPEvdDTwShLKPjxlBXtV+zmLReA
CjR4sPDK0cSKC0CunYnm7JI8ey8GX/QE12yslDHwZPNcHG2jxnXjbRkXN9GLxG1V
kcYv07TGwpF5130zSSXEF6EIhNx241xxiaSROuk6xcP75zqEJPfTB8GjNcPnDISS
bzdi+FRSC+/VCS9RE196mmanlX4HiE/TFpnH9EEqgTsLnkPedVT3cuQtVRvDOGXA
b2DdKcwUhBly6b/6C5qVYXuD08pswj6zlQIDAQAB -----END RSA PUBLIC
KEY----- Address=friendIPhere
This is my friend's RSA key, Obviously with his IP replaced by
friendIPhere. In this case, We both used the no-ip service.
https://www.noip.com/ Which you must sign up for, And has a linux
.deb file you can download here.
http://launchpadlibrarian.net/26258014/noip2_2.1.9-3_amd64.deb
After setting all of that up, Just use the host name you set for
yourself in the sign up process for the Address, And it should
work fine. You MUST download and install that .deb file though! It
will have configuration options as it is installing, This is
crucial to registering your actual computer's IP address and such
to the hostname you will be using from your no-ip account.
Now, After this, You can just run sudo service tinc start, And then
sudo tincd -n myvpn
This should start tinc, However! You will NOT have tinc as an
interface (in this case we just called it tinc, Instead of
something like tinc0, Though, That would be best for minimum
confusion.) until you set that up in your /etc/network, I modified
my /etc/network/interfaces with this at the bottom of the file.
Remember, The netmask and address are changable, I'm not sure what
the netmask will entail in changing, But the address is just the IP
address of the interface tinc. P.S, You can change the name of the
tinc interface here, But changing tinc to what ever you'd like,
However, It might require changes to the following files, I'm not
certain though.
iface tinc inet static address 10.0.0.41 netmask 255.0.0.0 tinc-net
myvpn tinc-debug 1 tinc-mlock yes tinc-user nobody tinc-pidfile
/tmp/tinc.pid tinc-logfile /var/log/tinc.log
I think the tinc files are created by default in the folders like
/etc/network/if-up.d and /etc/network/if-pre-up.d, But, I'm not
sure. This is what is in my if-up.d folder as a file called tinc.
#!/bin/sh
set -e
[ "$METHOD" = loopback ] && exit 0 [ -n "$IF_TINC_NET" ] && exit 0
invoke-rc.d tinc alarm || exit 0
This was in my if-pre-up.d folder as a file called tinc.
#!/bin/sh
set -x
[ -z "$IF_TINC_NET" ] && exit 0
# Read options from /etc/default
. /etc/default/tinc
# Read options from /etc/network/interfaces
[ -n "$IF_TINC_CONFIG" ] && EXTRA="$EXTRA -c
$IF_TINC_CONFIG" [ -n "$IF_TINC_DEBUG" ] && EXTRA="$EXTRA
-d$IF_TINC_DEBUG" [ -n "$IF_TINC_MLOCK" ] &&
EXTRA="$EXTRA --mlock" [ -n "$IF_TINC_LOGFILE" ] &&
EXTRA="$EXTRA --logfile=$IF_TINC_LOGFILE" [ -n "$IF_TINC_PIDFILE" ]
&& EXTRA="$EXTRA --pidfile=$IF_TINC_PIDFILE" ||
IF_TINC_PIDFILE=/var/run/tinc.$IF_TINC_NET.pid [ -n
"$IF_TINC_CHROOT" ] && EXTRA="$EXTRA --chroot" [ -n
"$IF_TINC_USER" ] && EXTRA="$EXTRA
--user=$IF_TINC_USER"
set -e
# Start tinc daemon
/usr/sbin/tincd -n "$IF_TINC_NET" -o "Interface=$IFACE" $EXTRA
# Wait for it to come up properly
sleep 0.1 i=0; while [ ! -f "$IF_TINC_PIDFILE" ] ; do if [ $i =
'30' ] ; then echo 'Failed to start tinc daemon!' exit 1 fi sleep
0.1 i=$(($i+1)) done
exit 0
So, We just ran netsukuku by running sudo ntkd -i tinc -v 2 at
this point, Which worked fine. However, We couldn't work out how to
ping each other, Pinging myself (10.0.0.41) worked. However,
Pinging him through the tinc interface, Resulted in
ping: bad timing interval.
Which, Also, Occured for me when I tried to ping myself through
that interface, Though that makes more sense for me. However, I
don't know what this command means entirely, Anyway, Here is the
terminal log of that.
missvaleska@missvaleska-GA-970A-D3:~$ ping -i tinc 10.0.0.42 ping:
bad timing interval. missvaleska@missvaleska-GA-970A-D3:~$ ping -i
tinc 10.0.0.41 ping: bad timing interval.
missvaleska@missvaleska-GA-970A-D3:~$ ping 10.0.0.41 PING 10.0.0.41
(10.0.0.41) 56(84) bytes of data. 64 bytes from 10.0.0.41:
icmp_req=1 ttl=64 time=0.032 ms 64 bytes from 10.0.0.41: icmp_req=2
ttl=64 time=0.030 ms 64 bytes from 10.0.0.41: icmp_req=3 ttl=64
time=0.024 ms 64 bytes from 10.0.0.41: icmp_req=4 ttl=64 time=0.030
ms ^C --- 10.0.0.41 ping statistics --- 4 packets transmitted, 4
received, 0% packet loss, time 2997ms rtt min/avg/max/mdev =
0.024/0.029/0.032/0.003 ms missvaleska@missvaleska-GA-970A-D3:~$
ping 10.0.0.42 connect: Network is unreachable
missvaleska@missvaleska-GA-970A-D3:~$ ping 10.0.0.41 PING 10.0.0.41
(10.0.0.41) 56(84) bytes of data. 64 bytes from 10.0.0.41:
icmp_req=1 ttl=64 time=0.044 ms 64 bytes from 10.0.0.41: icmp_req=2
ttl=64 time=0.031 ms ^C --- 10.0.0.41 ping statistics --- 2 packets
transmitted, 2 received, 0% packet loss, time 999ms rtt
min/avg/max/mdev = 0.031/0.037/0.044/0.008 ms
missvaleska@missvaleska-GA-970A-D3:~$
We tried pinging google through tinc using the internet sharing
feature, It just universally said, Destination network unknown,
However google.com.inet (Which I thought would tell netsukuku, This
is an internet address, And how to resolve it.) just said ping:
unknown host google.com.inet
Which is great, I think! Because, Then it means it is connected to
the internet, It just doesn't know how to connect to google.com. (I
tried pinging 8.8.8.8, Thinking it might be a DNS issue. It
resulted in the same error, Though, Ping never told me it couldn't
find it, I could only figure it out using wireshark.) Anyway, Here
are the wireshark logs too, I hope this was helpful!
_______________________________________________ Netsukuku mailing
list [email protected]
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/netsukuku
