GNUnet
Introduction
GNUnet is a next generation, private and anonymous P2P networking stack that rebuilds the internet from the bottom up on these principles. It exceeds all the other members of the big four (Tor, I2P and Freenet) in scope and design assumptions. [1] [2] Architecturally it is a masterpiece that has been undergoing constant development since 2001.
Feature List
A nowhere near exhaustive feature list (GNUnet has 45 deployed subsystems; for details see [3] [4]):
- A very clean, modular and documented architecture that allows for adding functionality without encumbering the protocol or limiting future changes
- GNUnet is primarily written in C, but the gnunet-java subsystem provides an API for developing extensions in Java [5]. Similar work is being done for Rust.
- A P2P consensus system designed under the assumption that a powerful adversary controls nodes in the network, compared to a centralized directory server model (Tor)
- Can use TCP, UDP, HTTPS, HTTP and Bluetooth transports
- ECRS is a distributed file store like Freenet but with many improvements, including:
  - allowing direct sharing of files from the local drive without encrypting and inserting them first
  - can share and mount directories via FUSE
  - file download swarming for improved speeds
  - global private keyword search for files
  - resistance to keyword/unrelated content spam by using trusted namespaces [6]
  - resource accounting to reward contributors and limit attacks
- User controllable anonymity levels for traffic routing, which allows for more latency sensitive use-cases between peers like VoIP
- An anonymous routing capability that allows for:
  - VPN functionality between peers
  - IP protocol routing as opposed to just TCP
  - traffic exits that allow connecting to the legacy Internet
- By implementing alpha-mixing (mixing traffic of varying latencies) it can provide more cover traffic for resisting traffic analysis
- A strong adversary resistant DHT that handles network churn
- GNS, a secure and memorable name system with query privacy and key revocation
- PSYC2 (WIP), an extensible messaging format that runs on the multicast subsystem to create social networking applications (secushare [7])
- Conversation, a VoIP application
GNUnet in Whonix ™
GNUnet's capabilities make it an excellent choice for a planned Whonix ™ notification system, a censorship resistant host of project files and even as a Tor alternative on the gateway in the future. It is currently packaged in Debian, but the rapid development cycle makes the versions packaged in stable obsolete and incapable of connecting to the network. See ticket.
Install mmdebstrap, systemd-container and apt-cacher-ng.
1. Update the package lists.
sudo apt update
2. Upgrade the system.
sudo apt full-upgrade
3. Install the mmdebstrap, systemd-container and apt-cacher-ng packages. Using the apt command line parameter --no-install-recommends is in most cases optional.
sudo apt install --no-install-recommends mmdebstrap systemd-container apt-cacher-ng
4. Done. The procedure of installing mmdebstrap, systemd-container and apt-cacher-ng is complete.
sudo mmdebstrap --verbose --include gnunet --aptopt='Acquire::http { Proxy "http://127.0.0.1:3142"; }' sid ~/debian-sid-chroot
Enter chroot.
sudo systemd-nspawn -D ~/debian-sid-chroot
Or start systemd inside the chroot. This requires first using the above command to create a user password; otherwise no login is possible.
sudo systemd-nspawn -D ~/debian-sid-chroot /sbin/init
To leave the chroot, keep holding the CTRL key and press the 5 key quickly 3 times within 1 second. [10]
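The sketch below is an added example, not part of the Whonix wiki. It prints the mmdebstrap command from this page and includes the --aptopt proxy setting only when something accepts connections on 127.0.0.1:3142, since the footnotes state that the option should be removed when apt-cacher-ng is not used. The function names proxy_listening and build_cmd are hypothetical, and the script only prints the command (dry run) rather than executing it.

```bash
#!/bin/bash
# Added example: choose the mmdebstrap invocation based on whether the
# apt-cacher-ng proxy from this page is actually reachable.

PROXY_HOST=127.0.0.1
PROXY_PORT=3142   # apt-cacher-ng address used on this page

# Return 0 if something accepts TCP connections on the proxy port.
# Relies on bash's /dev/tcp; in other shells the open fails and the
# proxy is reported as not listening.
proxy_listening() {
    (exec 3<>"/dev/tcp/$PROXY_HOST/$PROXY_PORT") 2>/dev/null
}

# Print the mmdebstrap command line.
#   $1 = target directory for the Debian sid chroot
#   $2 = "up" to route package downloads through the proxy, else "down"
build_cmd() {
    target=$1
    proxy_state=$2
    printf 'sudo mmdebstrap --verbose --include gnunet'
    if [ "$proxy_state" = up ]; then
        # Same option as on the page; omitted when no proxy is running,
        # because apt would otherwise fail every download.
        printf " --aptopt='Acquire::http { Proxy \"http://%s:%s\"; }'" \
            "$PROXY_HOST" "$PROXY_PORT"
    fi
    printf " sid '%s'\n" "$target"
}

# Dry run: show the command that matches the current proxy state.
if proxy_listening; then state=up; else state=down; fi
build_cmd "${1:-$HOME/debian-sid-chroot}" "$state"
```
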
Footnotes
1. https://n0.is/b/2017/guix-and-gnunet-fs---a-public-draft/
2. https://secushare.org/anonymity
3. https://gnunet.org/concepts
4. The Architecture of the GNUnet: 45 Subsystems in 45 Minutes
5. https://gnunet.org/svn/gnunet-java/doc/gnunet-java-tutorial.pdf
6. https://gnunet.org/sites/default/files/ecrs.pdf
7. https://secushare.org/
8. systemd-container is optional. Could use the normal chroot command, which might be less secure. Under research. apt-cacher-ng is optional, but then the --aptopt='Acquire::http { Proxy "http://127.0.0.1:3142"; }' below should be removed too.
9. --aptopt='Acquire::http { Proxy "http://127.0.0.1:3142"; }' is optional but useful to avoid repeat package downloads while experimenting.
10. https://unix.stackexchange.com/questions/577065/connected-to-container-mycontainer-press-three-times-within-1s-to-exit-sessi