Cjdns/How to install cjdns
From Telecomix Crypto Munitions Bureau
The following tutorial is intend to teach you how to:
- install cjdns
- connect to a node
- enable people to connect to your node
Contents |
[edit] Setup
- install dependencies
- download cjdns from git
- compile it
- run the binary you just compiled and follow the instructions
~:$ sudo apt-get install cmake git build-essential
Ubuntu (10.04-12.04): To install cjdns on Ubuntu:
:~$ cd /opt/ :~/opt$ sudo git clone https://github.com/cjdelisle/cjdns.git cjdns
go into cjdns folder and compile software:
:~/opt$ cd cjdns :~/opt/cjdns$ sudo ./do
generate configuration file:
:~/opt/cjdns$ sudo ./cjdroute --genconf >> cjdroute.conf
Now open cjroute.conf with your favorite text editor and add the cjdns nodes that you wish to connect with. See below for an example:
[edit] The (EASY) way to install cjdns (Debian/Ubuntu)
Here is an init script, hyperboria, that you can use to start,stop,restart,status,install and uninstall the cjdns. This script is for debian/ubuntu and could be made to work with other Linux distributions. This script has been tested on a vanilla install of debian/ubuntu and works, just run it and GO!.
Features of the script:
- start: start cjdns.
- stop: stop cjdns.
- restart: restart cjdns and flush logs ( this will save last 100 lines of logs).
- status: check to see if cjdns is running.
- flush: flush all but last 100 lines of logs.
- update: upgrade to the latest version of cjdns (this will stop cjdns while it upgrades).
- install: install cjdns.
- delete: uninstall cjdns.
To install cjdns, open terminal, download the hyperboria script and create a symbolic link to /etc/init.d/cjdns. I usually save the script in ~/scripts/cjdns_init_script/:
:~$ git clone git://gist.github.com/3435341.git cjdns_init_script :~$ cd cjdns_init_script :~$ sudo ln -s /path/to/script/hyperboria.sh /etc/init.d/cjdns :~$ sudo chmod +x /etc/init.d/cjdns
You can edit the script parameters to your liking or leave the default settings. Now it is time to install cjdns. Type the following into terminal:
:~$ sudo /etc/init.d/cjdns install
The install script will create a cjdns folder in /opt/, a cjdroute.conf file in /etc/ and a log file in /var/log/cjdns/. During the installation you will be prompted to add peers (which is optional, you can do this during installation or after installation). Once you add some peers (come to the irc channel for more information or use your own peers) you can start up cjdns by typing the following into terminal:
:~$ sudo /etc/init.d/cjdns start
You should then see the tun0 interface, with your own personal ipv6 address: inet-addr: fc00::/8 something).
:~$ sudo /etc/init.d/cjdns start|stop|restart|status|flush|update|install|delete
If you want to completely uninstall cjdns, the script will also delete cjdns for you, you simply need to run the following in terminal:
:~$ sudo /etc/init.d/cjdns delete
This will delete /opt/cjdns/ and /var/log/cjdns/. The delete function of the script does not delete /etc/cjdroute.conf, nor the symbolic link, /etc/init.d/cjdns, because you might want to use that later. To delete those as well simply type the following into terminal:
:~$ sudo rm /etc/init.d/cjdns /etc/cjdroute.conf
Thats it! Hope this helps and WELCOME TO TCXNET!! \o/ !!
[edit] Config file
In the config file, there is a part that looks something like this:
// Nodes to connect to.
"connectTo":
{
// Add connection credentials here to join the network
// Ask somebody who is already connected.
}
}
},
change it to (this works as of 2012-07-23)
// Nodes to connect to.
"connectTo":
{
// Add connection credentials here to join the network
// Ask somebody who is already connected.
"96.126.112.124:10000":
{
"password": "null",
"authType": 1,
"trust": 9000,
"publicKey":"7zy1gb9bw4xp82kjvh66w01jdgh6y3lk7cfnl0pgb0xnn26b2jn0.k"
}
"173.255.219.67:10000":
{
"password": "null",
"authType": 1,
"trust": 9000,
"publicKey": "lj52930v1vmg3jqyb399us501svntt499bvgk0c1fud4pmy42gj0.k"
}
"199.180.252.227:19071":
{
"password": "public_JFh4rX0R1jm6a7eKWCzD",
"publicKey": "425bcpr9ns0jpuh9ffx1lbbktkd3tpln16jzs9sgbjdkvfg25zv0.k"
}
"87.208.234.24:28078":
{
"password":"freedomnetsrai9yah4Kic5Kojah5que4xoCh",
"authType":1,
"trust": 9000,
"publicKey":"qb426vh42usw995jy60ll6rtslguv1ylpvwp44ymzky6f0u5qvq0.k"
}
//Dan's Florida Xen VPS - IPv6: fcd6:b2a5:e3cc:d78d:fc69:a90f:4bf7:4a02
"199.83.100.24:41902":
{
"password": "znuhtpf005705tp8snzbywynm6",
"publicKey": "xltnfur6xh2n36g79y1qpht910c13sq7lb049662x7trfx3gf190.k"
}
//Dan's OpenVZ SeaNode - IPv6: fc99:02f4:7795:c86c:36bd:63ae:cf49:d459
"74.221.208.153:25521":
{
"password": "jljwnfutfpt1nz3yjsj0dscpf7",
"publicKey": "8hgr62ylugxjyyhxkz254qtz60p781kbswmhhywtbb5rpzc5lxj0.k"
}
}
}
},
You do not need to do anything more. But if you want to, you could setup your computer to listen for incoming connections, if you want others to be able to initiate peering with you. Just read the config file and figure it out for yourself :P
Also, maybe you want to find some real friends that you know in person, and peer with them directly. This will make the network more decentralized, faster and more secure.
To start cjdns:
:~/opt/cjdns$ sudo ./cjdroute < cjdroute.conf > cjdroute.log
If all goes well, you should be able to look at ifconfig in terminal and see a virtual network interface, i.e., tun0:
:~/opt/cjdns$ ifconfig
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet6 addr: fdce:4421:51dd:5156:c53a:1z74:4n2c:11e5/8 Scope:Global
UP POINTOPOINT RUNNING MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:152 (152.0 B)
You can use ping6 to ping your ipv6 address via terminal:
:~/opt/cjdns$ ping6 -I tun0 fdce:4421:51dd:5156:c53a:1z74:4n2c:11e5 PING fdce:4421:51dd:5156:c53a:1z74:4n2c:11e5(fdce:4421:51dd:5156:c53a:1z74:4n2c:11e5) from fdce:4421:51dd:5156:c53a:1z74:4n2c:11e5 tun0: 56 data bytes 64 bytes from fdce:4421:51dd:5156:c53a:1z74:4n2c:11e5: icmp_seq=1 ttl=64 time=0.055 ms 64 bytes from fdce:4421:51dd:5156:c53a:1z74:4n2c:11e5: icmp_seq=2 ttl=64 time=0.067 ms
If you have used the above configuration for cjdroute.conf you should be able to connect to the cjdns IRC server fc3a:2804:615a:b34f:abfe:c7d5:65d6:f50c #hyperboria.
[edit] Specific installation
On a Raspberry Pi, IPv6 is not load by default, so if you do
:~/opt/cjdns$ ifconfig
You'll have something like that :
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP POINTOPOINT RUNNING MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:152 (152.0 B)
To load IPv6
modprobe ipv6
[edit] Hosting a node
I will use 192.168.1.213 as my IP address. If people to have access to this machine from the Internet you should use your Public IP address. You will need to use port forwarding on your router/switch if you are behind a NAT. So, look for this section in the cjdroute.conf file. Note: the port number may vary: But, ☢ DO NOT CHANGE PORTS ☢ ←.
/* These are your connection credentials
for people connecting to you with your default password.
adding more passwords for different users is advisable
so that leaks can be isolated.
"your.external.ip.goes.here:37400":
{
"password": "a234234sdjflskrwerjlaskjfd",
"publicKey": "jsalkdjf0asfasjfadf0sfafdkj234lk23j4asfdasfsad0afdas.k"
}
Replace your "your.external.ip.goes.here" with your IP address. In my case I will change it to this:
"192.168.1.213:31913":
{
"password": "a234234sdjflskrwerjlaskjfd",
"publicKey": "jsalkdjf0asfasjfadf0sfafdkj234lk23j4asfdasfsad0afdas.k"
}
Save and close cjdroute.conf and restart cjdns. Now others will be able to connect to your cjdns peer by adding the above peer info to the interface section of cjdroute.conf, for example I am also running cjdns on my laptop. I am going to add the above peer I just created to my laptop's cjdroute.conf file, it will look like this:
// Nodes to connect to.
"connectTo":
{
// Add connection credentials here to join the network
// Ask somebody who is already connected.
//cjdns debian box on my local network
"192.168.1.213:37400":
{
"password": "rv1qwpf82820xwxkjcjyl239v0",
"publicKey": "467f8rvjyxnx7x8phb3s4zp8ubq7cuthhbbttrxjdnx2b3fw5m50.k"
}
}
Please read that
// WARNING: Currently there is no key derivation done on the password field,
// DO NOT USE A PASSWORD HERE use something which is truly random and
// cannot be guessed.
// Including a username in the beginning of the password string is encouraged
// to aid in remembering which users are who.
Now when I start cjdns on my laptop, my laptop will be part of the same cjdns network.
Note: if you want a private network, and you do not want to be connected to any public peers, simply do not include the public peers mentioned above. Also, people will not be able to connect to your peer over the Internet (ipv4) Without the password and publicKey above.
If you're behind a NAT, it's okay to put in cjdroute.conf the IP lan, but make sure, that when you give the info to someone, you give the WAN IP otherwise he won't be able to connect to your node. And don't forget to setup port forwarding for UDP on the port (for instance there, it would be 37400).
[edit] Can I haz hostname plz ?
Note: It is important to note with the current version of cjdns above, you can only use IP addresses in your configuration file under interfaces. There is a patch that is being tested that allows you to use domain names in the configuration file. THIS IS STILL BEING TESTED and the patch has NOT been accepted by the main developers of cjdns yet. If you would like to test this, you can get the software here https://github.com/cyisfor/cjdns and it will allow you to added peers using domain name, i.e.,
//Domain name point at peer
"uwb.example1.com:10050":
{
"password": "null",
"publicKey": "sfaslfkj234rr7qvjsz6hs1ljckvzfkwkv64mtuvnz9px1yq9c0.k",
}
//Domain name point at peer
"verge.example2.tm:6323":
{
"password": "dk349jdk3buhrtc4wbk8sv230",
"publicKey": "lhjs0njqddkeid0dl32bbyp2mksmyzf5l34dkd03ksy78y1dj130.k"
}
