GNUnet

From Gentoo Wiki
Jump to: navigation, search
This article is a stub. You can help by expanding it.
Warning
This page is a work in progress by ng0 (talk | contribs). Treat its contents with caution.


GNUnet is a mesh routing layer for end-to-end encrypted networking and a framework for distributed applications designed to replace the old insecure Internet protocol stack.

In other words, GNUnet provides a strong foundation of free software for a global, distributed network that provides security and privacy. Along with an application for secure publication of files, it has grown to include all kinds of basic applications for the foundation of a GNU internet.

GNUnet is an official GNU package. GNUnet can be downloaded from GNU and the GNU mirrors, its sourcecode can be found at [1].

Installation

USE flags

Cannot load package information. Is the atom net-misc/gnunet correct?

Kernel

For GNUnet on GNU/Linux you need to have /dev/net/tun for some GNUnet services (VPN, DNS, EXIT).

KERNEL Enable CONFIG_TUN in the kernel
Device Drivers ->  Network device support
<*>   Universal TUN/TAP device driver support

Emerge

Install net-misc/gnunet:

root #emerge --ask net-misc/gnunet

For graphical tools, install net-misc/gnunet-gtk:

root #emerge --ask net-misc/gnunet-gtk

Emerge messages

 To configure
    1) Add desired user(s) to the 'gnunet' group
    2) Edit the system-wide config file '/etc/gnunet/gnunet.conf'
       preferably using 'gnunet-setup -c /etc/gnunet/gnunet.conf'
       ('gnunet-setup' is part of the gnunet-gtk package)
    3) You may want to choose other bootstrap nodes than the ones
       provided in /usr/share/gnunet/hellos or remove them if you
       want to run GNUnet another way.
    4) Certain services will require '/dev/net/tun' to exist,
       which you must enable in your kernel.

    For further troubleshooting and info, take a look at the wiki
    page about gnunet.


Configuration

GNUnet can be configured systemwide, additionally it per user overwrites happen in ~/.config/ gnunet.conf. The Systemwide configuration is handled in /etc/gnunet/, per user configuration is done either through gnunet-setup which comes with net-misc/gnunet-gtk) or by editing the above mentioned file.

Systemwide Configuration

During emerge of gnunet, the following file is created for default minimal configuration:

FILE /etc/gnunet/gnunet.conf
[PATHS]
DEFAULTCONFIG = /etc/gnunet.conf

[arm]
SYSTEM_ONLY = YES
USER_ONLY = NO

[transport-tcp]
PORT = 2086
ADVERTISED_PORT = 2086

[transport-udp]
PORT = 2086
ADVERTISED_PORT = 2086

[nat]
BEHIND_NAT = YES
ENABLE_UPNP = NO
USE_LOCALADDR = NO
DISABLEV6 = YES

[hostlist]
OPTIONS = -b -e

After the configuration file has been modified or gnunet-setup was run, proceed to the appropriate service section for the target init system.

The complete options for configuration can be found in /usr/share/gnunet/config.d/ for gnunet and /usr/share/gnunet-gtk/config.d/ for gnunet-gtk. GNUnet comes with sane defaults which will work.

Services

OpenRC

To start immediately:

root #rc-service gnunet start

To start the gnunet service on system boot, add it to the default runlevel:

root #rc-update add gnunet default

Systemd

To start immediately:

root #systemctl start gnunet.service

To start the gnunet service on system boot:

root #systemctl enable gnunet.service


Terminology

Add explanations of commonly used words here.

Using GNUnet

GNUnet comes with a broad range of services, which will be described here. (48 services total)

For further input, consider reading the Official GNUnet User Handbook

gnunet-gtk

Graphical Interaction with gnunet.

GNS

VPN

File-sharing

gnunet-fs-gtk is a file sharing client without distracting extras

Publishing files can be done either through gnunet-gtk, or directly on the commandline. The following assumes you have the gnunet service started and gnunet configured:

For default values, you can use:

* gnunet-publish cats.avi

Furthermore, you can add options:

* -a, --anonymity=LEVEL      set the desired LEVEL of sender-anonymity
* -D, --disable-extractor    do not use libextractor to add keywords or metadata
* -d, --disable-creation-timedisable adding the creation time to the metadata of the uploaded file
* -e, --extract              print list of extracted keywords that would be used, but do not perform upload
* -k, --key=KEYWORD          add an additional keyword for the top-level file or directory (this option can be specified multiple times)
* -m, --meta=TYPE:VALUE      set the meta-data for the given TYPE to the given VALUE
* -n, --noindex              do not index, perform full insertion (stores entire file in encrypted form in GNUnet database)
* -P, --pseudonym=NAME       publish the files under the pseudonym NAME (place file into namespace)
* -p, --priority=PRIORITY    specify the priority of the content
* -r, --replication=LEVEL    set the desired replication LEVEL
* -u, --uri=URI              URI to be published (can be used instead of passing a file to add keywords to the file with the respective URI)
* -V, --verbose              be verbose (print progress information)

Troubleshooting

Get Involved

Read up on how to report bugs and how to get involved with development here: [2]

There are various projects around GNUnet, SecuShare as the social component [3], Taler [4]

Development depends on individual projects, for example SecuShare works with the latest svn of gnunet:

root #emerge --ask =net-misc/gnunet-9999