On 2014-08-09 18:10, intrigeri wrote:
Hi,
[email protected] wrote (09 Aug 2014 16:41:54 GMT) :
I'm currently working on getting UDP based chat clients like Linphone
working over
Onioncat using Whonix.
Great news! I'm very glad to see someone working on this, which I've
been wanting to do for years, but clearly failed to. Woohoo :)
Since you will be using UDP settings anyway, then IMHO concentrating
on serverless
options are probably the better way forward as it lessens the burden
on users.
Full ACK. I'm personally wary of encouraging users to put trust into
yet another server, hence my interest in OnionCat: I've been
maintaining it in Debian for years, in the hope it can be useful for
such uses; glad to see someone trying it out!
1. Can you please tell me if there is any additional configuration
that you did to
your firewall to make Onioncat work?
We've made it work 2-3 years ago in Tails, but I'm afraid I don't
remember any of the details. Are you actually seeing reject logs from
the firewall, that indicate it's the culprit?
2. From looking at this:
https://www.cypherpunk.at/onioncat_trac/wiki/Security I got
the impression that anyone running Onioncat can connect to anyone else
that has it
too. I don't know if the version currently available in Debian stable
has the
authentication features in r555.
As one can see in the source package, Wheezy's 0.2.2+svn553-3 doesn't
apply any patch on top of the upstream source. If needed, I can
rebuild and upload Jessie's 0.2.2+svn559-1 to wheezy-backports.
What firewall precautions are needed to cope with this situation if
necessary?
No idea. I would instead look into handling the authorization and
authentication in the VoIP client instead.
Cheers,
My status report so far: The conflict is not caused by the firewall form
the logs I checked. However onioncat keeps complaining about not finding
a peer to forward to. Any idea what this is about or what I need to do?
From what I understand using Onioncat is as simple as running it with
ocat <MyHiddenServiceID>
and then connecting to the IPv6 address of the other endpoint with the
software in question. In this case its the local Linphone client calling
the user@[IPv6] address. Correct?
N.B.
As an aside, The Linphone version in Wheezy does not support ZRTP.
Suppose I get this working, will that be a problem?
_______________________________________________
Tails-dev mailing list
[email protected]
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to
[email protected].
