Alright everyone! So, My friend and I were able, After much work, To
connect our netsukuku nodes through tinc! What we did, Was, We
installed tinc, We went to /etc/tinc, And we created the myvpn folder.
Then, We created, Inside of that folder, A hosts folder. We, Then,
Created a tinc.conf file in the myvpn folder. This is the tinc.conf
file for me. This is probably case sensitive, So please be careful.
Name=MissValeska
ConnectTo=TincDaemon
My name on tinc is just MissValeska, And my friend's name is
TincDaemon. So, That is simple enough. We, Then, Ran sudo tincd -n
myvpn --generate-keys -K. This generated the keys we needed to connect
to each other, And killed tincd afterwards. You'll have to press enter
a few times to confirm the things it will ask you though.
In the hosts folder, A MissValeska file was created for me, Which
contained my RSA Public key.
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAxVOGFZbTC13IOT8R48B++LfNOlwiCE3H7AVns44ANyYOaVoq6fRl
Z07ryNqRARvoEy/VcoqK9/uJ988/lgIuSayy50FFH8AiVFn8tMISVKpk1T6zyCqZ
m5G4E3h2gwbYZkuc6rWu0Agq1cI0QRKpLLad6X3lD3fWp7sfMawCss018HV3gNHA
2v1Vo4hyiXXLqN2MQ80Exwk8irpWUnMYFQ3HEdo1BDORBVXBClxtn4avApVnemrJ
y+lQ58ZhlKB2g9F7+5HiYW2adQSdJydKfnjw6MpVvHztHL7Z2AW3+KowW7JkdCmg
kp2S+Ogs4yJ65c+lJ+MZcf3sY+oGjpm7gwIDAQAB
-----END RSA PUBLIC KEY-----
This is all mine is, Feel free to use it, You'll need my IP address
though, I'll PM you that if you want to connect to me. This is just
used for verifying that the RSA key the other person is saying is
mine, Actually is mine.
Next, You'll need their RSA key, So copy it, And put it into a file of
their username, This is probably case sensitive, So be careful, Both
here, And in tinc.conf.
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAvADTePAqnqkoit19Np2NfcBDhFd9Hnet5KHFFdBJ5RCUacBVhIWB
fqkcmv9aIApiHI4mYbKHhK8PqJ3HXGS96f/qXqPEvdDTwShLKPjxlBXtV+zmLReA
CjR4sPDK0cSKC0CunYnm7JI8ey8GX/QE12yslDHwZPNcHG2jxnXjbRkXN9GLxG1V
kcYv07TGwpF5130zSSXEF6EIhNx241xxiaSROuk6xcP75zqEJPfTB8GjNcPnDISS
bzdi+FRSC+/VCS9RE196mmanlX4HiE/TFpnH9EEqgTsLnkPedVT3cuQtVRvDOGXA
b2DdKcwUhBly6b/6C5qVYXuD08pswj6zlQIDAQAB
-----END RSA PUBLIC KEY-----
Address=friendIPhere
This is my friend's RSA key, Obviously with his IP replaced by
friendIPhere. In this case, We both used the no-ip service.
https://www.noip.com/ Which you must sign up for, And has a linux .deb
file you can download here.
http://launchpadlibrarian.net/26258014/noip2_2.1.9-3_amd64.deb
After setting all of that up, Just use the host name you set for
yourself in the sign up process for the Address, And it should work
fine. You MUST download and install that .deb file though! It will
have configuration options as it is installing, This is crucial to
registering your actual computer's IP address and such to the hostname
you will be using from your no-ip account.
Now, After this, You can just run sudo service tinc start, And then
sudo tincd -n myvpn
This should start tinc, However! You will NOT have tinc as an
interface (in this case we just called it tinc, Instead of something
like tinc0, Though, That would be best for minimum confusion.) until
you set that up in your /etc/network, I modified my
/etc/network/interfaces with this at the bottom of the file. Remember,
The netmask and address are changable, I'm not sure what the netmask
will entail in changing, But the address is just the IP address of the
interface tinc. P.S, You can change the name of the tinc interface
here, But changing tinc to what ever you'd like, However, It might
require changes to the following files, I'm not certain though.
iface tinc inet static
address 10.0.0.41
netmask 255.0.0.0
tinc-net myvpn
tinc-debug 1
tinc-mlock yes
tinc-user nobody
tinc-pidfile /tmp/tinc.pid
tinc-logfile /var/log/tinc.log
I think the tinc files are created by default in the folders like
/etc/network/if-up.d and /etc/network/if-pre-up.d, But, I'm not sure.
This is what is in my if-up.d folder as a file called tinc.
#!/bin/sh
set -e
[ "$METHOD" = loopback ] && exit 0
[ -n "$IF_TINC_NET" ] && exit 0
invoke-rc.d tinc alarm || exit 0
This was in my if-pre-up.d folder as a file called tinc.
#!/bin/sh
set -x
[ -z "$IF_TINC_NET" ] && exit 0
# Read options from /etc/default
. /etc/default/tinc
# Read options from /etc/network/interfaces
[ -n "$IF_TINC_CONFIG" ] && EXTRA="$EXTRA -c $IF_TINC_CONFIG"
[ -n "$IF_TINC_DEBUG" ] && EXTRA="$EXTRA -d$IF_TINC_DEBUG"
[ -n "$IF_TINC_MLOCK" ] && EXTRA="$EXTRA --mlock"
[ -n "$IF_TINC_LOGFILE" ] && EXTRA="$EXTRA
--logfile=$IF_TINC_LOGFILE"
[ -n "$IF_TINC_PIDFILE" ] && EXTRA="$EXTRA
--pidfile=$IF_TINC_PIDFILE" ||
IF_TINC_PIDFILE=/var/run/tinc.$IF_TINC_NET.pid
[ -n "$IF_TINC_CHROOT" ] && EXTRA="$EXTRA --chroot"
[ -n "$IF_TINC_USER" ] && EXTRA="$EXTRA --user=$IF_TINC_USER"
set -e
# Start tinc daemon
/usr/sbin/tincd -n "$IF_TINC_NET" -o "Interface=$IFACE" $EXTRA
# Wait for it to come up properly
sleep 0.1
i=0;
while [ ! -f "$IF_TINC_PIDFILE" ] ; do
if [ $i = '30' ] ; then
echo 'Failed to start tinc daemon!'
exit 1
fi
sleep 0.1
i=$(($i+1))
done
exit 0
So, We just ran netsukuku by running sudo ntkd -i tinc -v 2 at this
point, Which worked fine. However, We couldn't work out how to ping
each other, Pinging myself (10.0.0.41) worked. However, Pinging him
through the tinc interface, Resulted in
ping: bad timing interval.
Which, Also, Occured for me when I tried to ping myself through that
interface, Though that makes more sense for me. However, I don't know
what this command means entirely, Anyway, Here is the terminal log of
that.
missvaleska@missvaleska-GA-970A-D3:~$ ping -i tinc 10.0.0.42
ping: bad timing interval.
missvaleska@missvaleska-GA-970A-D3:~$ ping -i tinc 10.0.0.41
ping: bad timing interval.
missvaleska@missvaleska-GA-970A-D3:~$ ping 10.0.0.41
PING 10.0.0.41 (10.0.0.41) 56(84) bytes of data.
64 bytes from 10.0.0.41: icmp_req=1 ttl=64 time=0.032 ms
64 bytes from 10.0.0.41: icmp_req=2 ttl=64 time=0.030 ms
64 bytes from 10.0.0.41: icmp_req=3 ttl=64 time=0.024 ms
64 bytes from 10.0.0.41: icmp_req=4 ttl=64 time=0.030 ms
^C
--- 10.0.0.41 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2997ms
rtt min/avg/max/mdev = 0.024/0.029/0.032/0.003 ms
missvaleska@missvaleska-GA-970A-D3:~$ ping 10.0.0.42
connect: Network is unreachable
missvaleska@missvaleska-GA-970A-D3:~$ ping 10.0.0.41
PING 10.0.0.41 (10.0.0.41) 56(84) bytes of data.
64 bytes from 10.0.0.41: icmp_req=1 ttl=64 time=0.044 ms
64 bytes from 10.0.0.41: icmp_req=2 ttl=64 time=0.031 ms
^C
--- 10.0.0.41 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.031/0.037/0.044/0.008 ms
missvaleska@missvaleska-GA-970A-D3:~$
We tried pinging google through tinc using the internet sharing
feature, It just universally said, Destination network unknown,
However google.com.inet (Which I thought would tell netsukuku, This is
an internet address, And how to resolve it.) just said ping: unknown
host google.com.inet
Which is great, I think! Because, Then it means it is connected to the
internet, It just doesn't know how to connect to google.com. (I tried
pinging 8.8.8.8, Thinking it might be a DNS issue. It resulted in the
same error, Though, Ping never told me it couldn't find it, I could
only figure it out using wireshark.) Anyway, Here are the wireshark
logs too, I hope this was helpful!
