aboutsummaryrefslogtreecommitdiff
path: root/README
diff options
context:
space:
mode:
Diffstat (limited to 'README')
-rw-r--r--README74
1 files changed, 49 insertions, 25 deletions
diff --git a/README b/README
index 9066189d0..412867037 100644
--- a/README
+++ b/README
@@ -76,8 +76,6 @@ $ adduser gnunet gnunet
76$ ./configure --prefix=$GNUNET_PREFIX --with-extractor=$LE_PREFIX 76$ ./configure --prefix=$GNUNET_PREFIX --with-extractor=$LE_PREFIX
77$ make 77$ make
78# make install 78# make install
79# sudo -u gnunet mkdir ~gnunet/.gnunet/
80# sudo -u gnunet touch ~gnunet/.gnunet/gnunet.conf
81# sudo -u gnunet gnunet-arm -s 79# sudo -u gnunet gnunet-arm -s
82 80
83This will create the users and groups needed for running GNUnet 81This will create the users and groups needed for running GNUnet
@@ -89,9 +87,13 @@ end-user applications as another user.
89 87
90If you create a system user "gnunet", it is recommended that you edit 88If you create a system user "gnunet", it is recommended that you edit
91the configuration file slightly so that data can be stored in the 89the configuration file slightly so that data can be stored in the
92system user home directory at "/var/lib/gnunet"; you may also want to 90system user home directory at "/var/lib/gnunet". Depending on what
91the $HOME-directory of your "gnunet" user is, you might need to set
92the SERVICEHOME option in section "[PATHS]" to "/var/lib/gnunet" to
93do this. Depending on your personal preferences, you may also want to
93use "/etc/gnunet.conf" for the location of the configuration file in 94use "/etc/gnunet.conf" for the location of the configuration file in
94this case. 95this case (instead of ~gnunet/.gnunet/gnunet.conf"). In this case,
96you need to start GNUnet using "gnunet-arm -s -c /etc/gnunet.conf".
95 97
96You can avoid running 'make install' as root if you run configure 98You can avoid running 'make install' as root if you run configure
97with the "--with-sudo=yes" option and have extensive sudo rights 99with the "--with-sudo=yes" option and have extensive sudo rights
@@ -125,13 +127,23 @@ $ aclocal -I /usr/local/share/aclocal
125Configuration 127Configuration
126============= 128=============
127 129
128Note that additional, per-user configuration files 130Note that additional, per-user configuration files can be created by
129(~/.gnunet/gnunet.conf) need to be created by each user (for example, 131each user. However, this is usually not necessary as there are few
130by running gnunet-setup). Note that gnunet-setup is a separate 132per-user options that normal users would want to modify. The defaults
131download and requires recent versions of GTK+ and Glade; you can also 133that are shipped with the installation are usually just fine.
132edit the configuration file by hand, but this is not recommended. For 134
133more general information about the GNU build process read the INSTALL 135The gnunet-setup tool is particularly useful to generate the master
134file. 136configuration for the peer. gnunet-setup can be used to configure and
137test (!) the network settings, choose which applications should be run
138and configure databases. Other options you might want to control
139include system limitations (such as disk space consumption, bandwidth,
140etc.). The resulting configuration files are human-readable and can
141theoretically be created or edited by hand.
142
143gnunet-setup is a separate download and requires somewhat recent
144versions of GTK+ and Glade. You can also create the configuration file
145by hand, but this is not recommended. For more general information
146about the GNU build process read the INSTALL file.
135 147
136GNUnet uses two types of configuration files, one that specifies the 148GNUnet uses two types of configuration files, one that specifies the
137system-wide defaults (typically located in 149system-wide defaults (typically located in
@@ -141,20 +153,13 @@ configuration file should be located in "~/.gnunet/gnunet.conf" or its
141location can be specified by giving the "-c" option to the respective 153location can be specified by giving the "-c" option to the respective
142GNUnet application. 154GNUnet application.
143 155
144The defaults that are shipped with the installation are usually ok,
145you may want to adjust the limitations (space consumption, bandwidth,
146etc.) though. The configuration files are human-readable. Note that
147you MUST create "~/.gnunet/gnunet.conf" explicitly before starting
148GNUnet. You can either run gnunet-setup (available as part of the
149gnunet-gtk source package) or simply create an empty file.
150
151 156
152Usage 157Usage
153===== 158=====
154 159
155First, you must obtain an initial list of GNUnet hosts. Knowing a 160First, you must obtain an initial list of GNUnet hosts. Knowing a
156single peer is sufficient since after that GNUnet propagates 161single peer is sufficient since after that GNUnet propagates
157information about other peers. Note that the default "gnunet.conf" 162information about other peers. Note that the default configuration
158contains URLs from where GNUnet downloads an initial hostlist 163contains URLs from where GNUnet downloads an initial hostlist
159whenever it is started. If you want to create an alternative URL for 164whenever it is started. If you want to create an alternative URL for
160others to use, the file can be generated on any machine running 165others to use, the file can be generated on any machine running
@@ -170,16 +175,24 @@ HTTPPORT to the public.
170If the solution with the hostlist URL is not feasible for your 175If the solution with the hostlist URL is not feasible for your
171situation, you can also add hosts manually. Simply copy the hostkeys 176situation, you can also add hosts manually. Simply copy the hostkeys
172to "$SERVICEHOME/data/hosts/" (where $SERVICEHOME is the directory 177to "$SERVICEHOME/data/hosts/" (where $SERVICEHOME is the directory
173specified in the gnunet.conf configuration file). 178specified in the gnunet.conf configuration file). You can also use
179"gnunet-peerinfo -g" to GET a URI for a peer and "gnunet-peerinfo -p
180URI" to add a URI from another peer. Finally, GNUnet peers that use
181UDP or WLAN will discover each other automatically (if they are in the
182vicinity of each other) using broadcasts (IPv4/WLAN) or multicasts
183(IPv6).
174 184
175Now start the local node using "gnunet-arm -s". GNUnet should run 24/7 if 185The local node is started using "gnunet-arm -s". GNUnet should run
176you want to maximize your anonymity. 18624/7 if you want to maximize your anonymity, as this makes partitioning
187attacks harder.
177 188
178You should then be able to access GNUnet using the shell: 189Once your peer is running, you should then be able to access GNUnet
190using the shell:
179 191
180$ gnunet-search KEYWORD 192$ gnunet-search KEYWORD
181 193
182This will display a list of results to the console. Then use 194This will display a list of results to the console. You can abort
195the command using "CTRL-C". Then use
183 196
184$ gnunet-download -o FILENAME GNUNET_URI 197$ gnunet-download -o FILENAME GNUNET_URI
185 198
@@ -228,7 +241,7 @@ information about the failing testcase to the Mantis bugtracking
228system at https://gnunet.org/bugs/. 241system at https://gnunet.org/bugs/.
229 242
230 243
231Running http on port 80 and https on port 443 244Running HTTP on port 80 and HTTPS on port 443
232============================================= 245=============================================
233 246
234In order to hide GNUnet's HTTP/HTTPS traffic perfectly, you might 247In order to hide GNUnet's HTTP/HTTPS traffic perfectly, you might
@@ -252,6 +265,17 @@ to map them to a priviledged port (from the point of view of the
252network). However, we are not aware of this providing any advantages 265network). However, we are not aware of this providing any advantages
253at this point. 266at this point.
254 267
268If you are already running an HTTP or HTTPS server on port 80 (or 443),
269you may be able to configure it as a "ReverseProxy". Here, you tell
270GNUnet that the externally visible URI is some sub-page on your website,
271and GNUnet can then tunnel its traffic via your existing HTTP server.
272This is particularly powerful if your existing server uses HTTPS, as
273it makes it harder for an adversary to distinguish normal traffic to
274your server from GNUnet traffic. Finally, even if you just use HTTP,
275you might benefit (!) from ISP's traffic shaping as opposed to being
276throttled by ISPs that dislike P2P. Details for configuring the
277reverse proxy are documented on our website.
278
255 279
256Stay tuned 280Stay tuned
257========== 281==========