1. Forum
  2. fsxNet
  3. FSX CRY

  • Re: Iand alternaernative transports

    From Avon@21:1/101 to Al on Tue Nov 19 16:29:10 2019
    On 18 Nov 2019 at 07:24p, Al pondered and said...

    Yep, gonna get going with something here.
    I just read Alexey Vissarionov say something about secure binkp in the FTSC_PULIC area.. sounds hopefull although I don't know what he meant by that. I'm hoping he'll shed some light on his thoughts and/or works with that.

    He is a binkd developer so he may have pointers for securing binkp when using binkd, we'll see what he has to say.

    cool, yes I had on my to-do a test with Oli over this so we could confirm
    some polling with his TOR address.

    --- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Oli@21:1/151 to Al on Tue Nov 19 17:02:08 2019
    Just starting a thread here from one in Fido. Happy to work with
    you both Oli/Al to get something running.

    Yep, gonna get going with something here.

    With which "something" should we start?

    I just read Alexey Vissarionov say something about secure binkp in the FTSC_PULIC area.. sounds hopefull although I don't know what he meant
    by that. I'm hoping he'll shed some light on his thoughts and/or works with that.

    I also would like to know more about "secure binkp". To my knowledge it's not easy to create something that is significantlly better than direct TLS, but I'm
    not an encryption expert.

    --- GoldED+/LNX 1.1.5-b20180707
    * Origin: 🌈 (21:1/151)
  • From Oli@21:1/151 to Al on Wed Nov 20 08:44:02 2019
    Yep, gonna get going with something here.

    With which "something" should we start?

    I don't know what button to press.. :)

    Where do you think we should start, tor?

    Let me know what I need to start and I'll get started.

    Tor it is.

    First you need to install Tor and then configure a hidden service (aka onion service):
    https://www.torproject.org/docs/tor-onion-service.html.en

    The short version:
    apt get install tor

    configure the service in /etc/tor/torrc, which looks like this (could be added to the end of the config file):

    HiddenServiceDir /var/lib/tor/hidden_service/ftn_v2
    HiddenServiceVersion 2
    HiddenServicePort 24554 127.0.0.1:24554

    HiddenServiceDir /var/lib/tor/hidden_service/ftn_v3
    HiddenServiceVersion 3
    HiddenServicePort 24554 127.0.0.1:24554

    Version 2 are the short addresses, version 3 the long addresses (which is the default in recent versions). Short is better for the nodelist, long has even better security, anonymity, ... (if that matters). You can have both or you can
    only use one of the two.
    Restart tor. You should find the generated address in /var/lib/tor/hidden_service/ftn_v3/hostname (or whatever pathname you have configured).

    Then we should be able to connect to your system over Tor.

    Additional options:

    You can use multiple ports with one onion address like:

    HiddenServiceDir /var/lib/tor/hidden_service/ftn_v3
    HiddenServicePort 24554 127.0.0.1:24554
    HiddenServicePort 2323 192.168.0.21:2323

    You can also use a seperate onion addresses for every service:

    HiddenServiceDir /var/lib/tor/hidden_service/bink1
    HiddenServicePort 24554 127.0.0.1:24554

    HiddenServiceDir /var/lib/tor/hidden_service/bink2
    HiddenServicePort 24554 127.0.0.1:24555

    HiddenServiceDir /var/lib/tor/hidden_service/bink3
    HiddenServicePort 24554 127.0.0.1:24556




    --- GoldED+/LNX 1.1.5-b20180707
    * Origin: 🌈 (21:1/151)
  • From Oli@21:1/151 to Al on Wed Nov 20 08:50:30 2019
    I once read Alexey say something about ssh. I could be mistaken but I don't think ssh is what we want in this case. I hope he'll explain
    what he means by secure binkp.

    Why don't we want ssh? I think it could be a good option and has also some advantages over TLS. It depends on the specification and implementation though.
    I imagine there are multiple ways to use the SSH protocol with binkp. Some very elegant, others might be cringworthy.

    --- GoldED+/LNX 1.1.5-b20180707
    * Origin: 🌈 (21:1/151)
  • From Oli@21:1/151 to Al on Wed Nov 20 12:08:54 2019
    Tor it is.

    If I've done this right my onion address is..

    unnp7cod2ek7teu4.onion

    12:08 [27342] BEGIN, binkd/1.1a-99/Linux
    12:08 [27342] clientmgr started
    12:08 [27343] using tor-proxy 127.0.0.1:9050/ for .onion address
    + 12:08 [27343] call to 21:4/106@fsxnet
    12:08 [27343] trying unnp7cod2ek7teu4.onion via socks 127.0.0.1:9050...
    12:08 [27343] connected
    12:08 [27343] connected to socks5 127.0.0.1:9050
    + 12:08 [27343] outgoing session with unnp7cod2ek7teu4.onion:24554
    - 12:08 [27343] OPT CRAM-MD5-f55767689f3ca1441b5df64a7cb6d2ee
    + 12:08 [27343] Remote requests MD mode
    - 12:08 [27343] SYS The Rusty MailBox
    - 12:08 [27343] TIME Wed, 20 Nov 2019 03:08:04 -0800
    - 12:08 [27343] VER binkd/1.0.5-pre5/Linux binkp/1.1
    + 12:08 [27343] addr: 21:4/106@fsxnet
    - 12:08 [27343] TRF 0 0
    + 12:08 [27343] Remote has 0b of mail and 0b of files for us
    - 12:08 [27343] OPT EXTCMD GZ BZ2
    + 12:08 [27343] Remote supports EXTCMD mode
    + 12:08 [27343] Remote supports GZ mode
    + 12:08 [27343] Remote supports BZ2 mode
    + 12:08 [27343] sending /srv/ftn/outbound/fsxnet/21.4.106.0.out as cb489628.pkt
    (862)
    + 12:08 [27343] sent: /srv/ftn/outbound/fsxnet/21.4.106.0.out (862, 862.00 CPS,
    21:4/106@fsxnet)
    + 12:08 [27343] done (to 21:4/106@fsxnet, OK, S/R: 1/0 (862/0 bytes))



    --- GoldED+/LNX 1.1.5-b20180707
    * Origin: 🌈 (21:1/151)
  • From Oli@21:1/151 to Al on Wed Nov 20 12:29:22 2019
    20 Nov 19 12:08, I wrote to Al:

    - 12:08 [27343] VER binkd/1.0.5-pre5/Linux binkp/1.1

    Is your binkd build with perl support?

    $ binkd -vv
    Binkd 1.1a-99 (Oct 3 2019 15:18:24/Linux)
    Compilation flags: gcc, zlib, bzlib2, perl, https, amiga_4d_outbound. Facilities: fts5004 ipv6


    --- GoldED+/LNX 1.1.5-b20180707
    * Origin: 🌈 (21:1/151)