diff options
Diffstat (limited to 'template/tutorial-macos.html.j2')
-rw-r--r-- | template/tutorial-macos.html.j2 | 318 |
1 files changed, 5 insertions, 313 deletions
diff --git a/template/tutorial-macos.html.j2 b/template/tutorial-macos.html.j2 index 8bca8f50..fd86c750 100644 --- a/template/tutorial-macos.html.j2 +++ b/template/tutorial-macos.html.j2 | |||
@@ -120,7 +120,6 @@ | |||
120 | <p> | 120 | <p> |
121 | Perform the same steps as for Option 1, but add the configure flat '--enable-experimental' | 121 | Perform the same steps as for Option 1, but add the configure flat '--enable-experimental' |
122 | </p> | 122 | </p> |
123 | <!-- | ||
124 | <h4>{{ _("Install GNUnet plugin for name resolution") }}</h4> | 123 | <h4>{{ _("Install GNUnet plugin for name resolution") }}</h4> |
125 | 124 | ||
126 | <p> | 125 | <p> |
@@ -185,320 +184,13 @@ vpn (gnunet-service-vpn) | |||
185 | </code> | 184 | </code> |
186 | 185 | ||
187 | 186 | ||
188 | <h3>{{ _("Make sure it works") }}</h3> | 187 | <h3>{{ _("Further information") }}</h3> |
189 | 188 | ||
190 | <p> | 189 | <p>GNUnet has a number of services and features. |
191 | Let's try out some of GNUnet's use cases. Some should be done | 190 | Please check <a href="https://docs.gnunnet.org">our documentation</a> |
192 | before others: | 191 | to learn how to use them. If you find anything odd or bugs, please |
193 | </p> | 192 | <a href="https://gnunet.org/bugs">let us know</a>. |
194 | |||
195 | <ul> | ||
196 | <li>filesharing</li> | ||
197 | <li>A simple chat using CADET</li> | ||
198 | <li>Name resolution using GNS on the command line</li> | ||
199 | <li>Name resolution using GNS with a browser (do it on the command line first)</li> | ||
200 | <li>Serving a website using VPN (do name resolution with a browser first)</li> | ||
201 | </ul> | ||
202 | |||
203 | <h4>{{ _("filesharing") }}</h4> | ||
204 | |||
205 | <p> | ||
206 | Let's publish a file in the GNUnet filesharing network. We use the keywords | ||
207 | ("commons" and "state") so other people will be able to search for the file. | ||
208 | </p> | ||
209 | |||
210 | <p> | ||
211 | We can choose any file and describe it with meaningful keywords (using the | ||
212 | `-k` command line option). | ||
213 | </p> | ||
214 | |||
215 | <code> | ||
216 | $ gnunet-publish -k commons -k state ostrom.pdf<br> | ||
217 | Publishing `/home/myself/ostrom.pdf' done.<br> | ||
218 | URI is `gnunet://fs/chk/M57SXDJ72EWS25CT6307KKJ8K0GCNSPTAZ649NA1NS10MJB4A1GZ9EN4Y02KST9VA5BHE8B335RPXQVBWVZ587Y83WQ7J3DHMBX30Q8.DHNGBN4CB2DBX1QRZ1R0B1Q18WTEAK4R94S9D57C9JMJJ3H7SSQDCV4D1218C4S2VP085AMQQSMG18FCP6NQMZQZJ91XR5NBX7YF0V0.42197237'. | ||
219 | </code> | ||
220 | |||
221 | |||
222 | <p>Finding the file by keyword works with `gnunet-search`.</p> | ||
223 | |||
224 | <code> | ||
225 | $ gnunet-search commons<br> | ||
226 | #1:<br> | ||
227 | gnunet-download -o "ostrom.pdf" gnunet://fs/chk/M57SXDJ72EWS25CT6307KKJ8K0GCNSPTAZ649NA1NS10MJB4A1GZ9EN4Y02KST9VA5BHE8B335RPXQVBWVZ587Y83WQ7J3DHMBX30Q8.DHNGBN4CB2DBX1QRZ1R0B1Q18WTEAK4R94S9D57C9JMJJ3H7SSQDCV4D1218C4S2VP085AMQQSMG18FCP6NQMZQZJ91XR5NBX7YF0V0.42197237 | ||
228 | </code> | ||
229 | |||
230 | <p> | ||
231 | It gives us the command line call to download the file (and store it as | ||
232 | ostrom.pdf)! | ||
233 | </p> | 193 | </p> |
234 | 194 | ||
235 | <h4>{{ _("CADET (and Chat)") }}</h4> | ||
236 | |||
237 | <p> | ||
238 | We can use the `gnunet-cadet` command line tool to open a port and from | ||
239 | another machine connect to this port and chat or transfer data. First we need | ||
240 | our *peer ID* of the GNUnet peer opening the port. | ||
241 | </p> | ||
242 | |||
243 | <code> | ||
244 | $ gnunet-peerinfo -s<br> | ||
245 | I am peer `P4T5GHS1PCZ06R82D3KW8Z8J1113BQZWAWGYHTZ8G1ZXMWXQGAVG'. | ||
246 | </code> | ||
247 | |||
248 | |||
249 | <p> | ||
250 | Now we open the port (it can be any string!): | ||
251 | </p> | ||
252 | |||
253 | <code> | ||
254 | $ gnunet-cadet -o my-secret-port | ||
255 | </code> | ||
256 | |||
257 | <p> | ||
258 | On the other machine we can connect using the peer ID and the port | ||
259 | and start chatting! | ||
260 | </p> | ||
261 | |||
262 | <code> | ||
263 | $ gnunet-cadet P4T5GHS1PCZ06R82D3KW8Z8J1113BQZWAWGYHTZ8G1ZXMWXQGAVG my-secret-port | ||
264 | </code> | ||
265 | |||
266 | <h4>{{ _("Name resolution using GNS on the command line") }}</h4> | ||
267 | |||
268 | <p> | ||
269 | GNS is the GNU name service, a fully decentralized alternatice to | ||
270 | DNS. We'll publish an IP address in a GNS record try to resolve it | ||
271 | on the command line. First we need an identity which is the | ||
272 | equivalent to a zone in DNS. We'll call it "myself" and create it | ||
273 | using the `gnunet-identity` command line tool. Instead of "myself" | ||
274 | you can surely use your nick or any other name. | ||
275 | </p> | ||
276 | |||
277 | <code> | ||
278 | $ gnunet-identity -C myself | ||
279 | </code> | ||
280 | |||
281 | <p> | ||
282 | We can check if it worked using the same tool. We expect the name | ||
283 | of our identity and the corresponding public key to be | ||
284 | displayed. | ||
285 | </p> | ||
286 | |||
287 | <code> | ||
288 | $ gnunet-identity -d<br> | ||
289 | myself - HWTYD3P5D77JVFNVMZ1M5T10V4SZYNMY3PCGQCSVENKD6ZCRKPMG | ||
290 | </code> | ||
291 | |||
292 | <p> | ||
293 | Now we add a public `A` record to our zone. It has the name "ccc", a value | ||
294 | of "195.54.164.39" and it expires after one day. | ||
295 | </p> | ||
296 | |||
297 | <code> | ||
298 | $ gnunet-namestore -z myself -a -e "1 d" -p -t A -n ccc -V 195.54.164.39 | ||
299 | </code> | ||
300 | |||
301 | <p> | ||
302 | Now we can query that record using the command line tool `gnunet-gns`. | ||
303 | </p> | ||
304 | |||
305 | <code> | ||
306 | $ gnunet-gns -t A -u ccc.myself<br> | ||
307 | ccc.myself:<br> | ||
308 | Got `A' record: 195.54.164.39 | ||
309 | </code> | ||
310 | |||
311 | <p> | ||
312 | So it worked! But only resolving our own records is boring. So we | ||
313 | can give our identity (the public key of it to be precise) to | ||
314 | someone else so they can try to resolve our records, too. The | ||
315 | other person (Bob) has to add it to his namestore like this: | ||
316 | <p> | ||
317 | |||
318 | <code> | ||
319 | $ gnunet-namestore -z myself -a -e never -p -t PKEY -n alice -V HWTYD3P5D77JVFNVMZ1M5T10V4SZYNMY3PCGQCSVENKD6ZCRKPMG | ||
320 | </code> | ||
321 | |||
322 | <p> | ||
323 | Our identity in Bobs namestore is a public record (-p) and never | ||
324 | expires (-e never). Now Bob (let's assume he has called his identity | ||
325 | myself, too) should be able to resolve our "ccc" record, too! | ||
326 | </p> | ||
327 | |||
328 | <code> | ||
329 | $ gnunet-gns -t A -u ccc.alice.myself<br> | ||
330 | ccc.alice.myself:<br> | ||
331 | Got `A' record: 195.54.164.39 | ||
332 | </code> | ||
333 | |||
334 | <p> | ||
335 | It can continue like this. A friend of Bob would be able to | ||
336 | resolve our records too because Bob published our identity in a | ||
337 | public record. Bobs friend would simply use "ccc.alice.bob.myself" | ||
338 | to resolve our "ccc" record. | ||
339 | </p> | ||
340 | |||
341 | |||
342 | <h4>{{ _("Name resolution using GNS with a browser") }}</h4> | ||
343 | |||
344 | <p> | ||
345 | In the previous use case "Name resolution using GNS on the | ||
346 | command line" we got an idea about what GNS is about, but now | ||
347 | let's use it with a browser, to make it actually useful. Currently | ||
348 | Firefox and Chromium are known to work. | ||
349 | </p> | ||
350 | |||
351 | <p> | ||
352 | Many websites enforce HTTPS and thus provide certificates for | ||
353 | their hostnames (and not our GNS names). Browsers don't like wrong | ||
354 | hostnames in certificates and will present error messages. So | ||
355 | GNUnet has to trick them by generating own certificates for our | ||
356 | GNS names. This means we need to create our own certificate | ||
357 | authority and tell our browser about it. Luckily there's a script | ||
358 | for it: | ||
359 | </p> | ||
360 | |||
361 | <code> | ||
362 | $ gnunet-gns-proxy-setup-ca | ||
363 | </code> | ||
364 | |||
365 | <p> | ||
366 | After executing this script the Browser has to be restarted. | ||
367 | </p> | ||
368 | |||
369 | <p> | ||
370 | GNUnet provides a proxy service (gnunet-gns-proxy) that the | ||
371 | browser can send DNS and HTTP traffic to. It will try to resolve | ||
372 | names with GNS first and forward the rest of the DNS traffic to | ||
373 | the system's DNS resolver. It will also take care of the HTTP | ||
374 | traffic, so the browser gets valid certificates and the web server | ||
375 | will not be confused by our GNS hostnames. Our GNS namestore | ||
376 | doesn't know about any DNS hostnames yet, so we have to store | ||
377 | them, too. For our "ccc" A record, we have to store a LEHO (legacy | ||
378 | hostname) record, too. It must contain the website's original DNS | ||
379 | hostname: | ||
380 | </p> | ||
381 | |||
382 | <code> | ||
383 | $ gnunet-namestore -z myself -a -e "1 d" -p -t LEHO -n ccc -V www.ccc.de | ||
384 | </code> | ||
385 | |||
386 | <p> | ||
387 | Now let's start gnunet-gns-proxy. | ||
388 | </p> | ||
389 | |||
390 | <code> | ||
391 | $ /usr/lib/gnunet/libexec/gnunet-gns-proxy | ||
392 | </code> | ||
393 | |||
394 | <p> | ||
395 | Our browser has to be configured so it uses our proxy. In Firefox | ||
396 | we have to set these options under "about:config": | ||
397 | </p> | ||
398 | |||
399 | <code> | ||
400 | network.proxy.socks: localhost<br> | ||
401 | network.proxy.socks_port: 7777<br> | ||
402 | network.proxy.socks_remote_dns true<br> | ||
403 | network.proxy.type: 1 | ||
404 | </code> | ||
405 | |||
406 | <p> | ||
407 | To tell Chromium to use the proxy, it has to be started with the | ||
408 | "--proxy-server" command line option: | ||
409 | </p> | ||
410 | |||
411 | <code> | ||
412 | $ chromium --proxy-server="socks5://127.0.0.1:7777" | ||
413 | </code> | ||
414 | |||
415 | <p> | ||
416 | Now we should be able to resolve our GNS names in the browser! We | ||
417 | just have to type "https://ccc.myself" into the address bar. If | ||
418 | our friend Bob prepared his system, too, he can resolve our record | ||
419 | by typing "ccc.alice.myself". | ||
420 | </p> | ||
421 | |||
422 | |||
423 | <h4>{{ _("VPN") }}</h4> | ||
424 | |||
425 | <p> | ||
426 | TBD | ||
427 | </p> | ||
428 | |||
429 | <h3>{{ _("Uninstall GNUnet and its dependencies") }}</h3> | ||
430 | |||
431 | <code> | ||
432 | $ cd ~/gnunet_installation/gnunet<br> | ||
433 | $ sudo make uninstall<br> | ||
434 | $ cd ~/gnunet_installation/libmicrohttpd<br> | ||
435 | $ sudo make uninstall<br> | ||
436 | $ sudo apt remove git libtool autoconf autopoint build-essential libgcrypt-dev libidn11-dev zlib1g-dev libunistring-dev libglpk-dev miniupnpc libextractor-dev libjansson-dev libcurl4-gnutls-dev libsqlite3-dev<br> | ||
437 | $ sudo apt autoremove<br> | ||
438 | $ sudo userdel -r gnunet<br> | ||
439 | $ sudo groupdel gnunet<br> | ||
440 | $ sudo groupdel gnunetdns<br> | ||
441 | $ sudo mv /etc/nsswitch.conf.original /etc/nsswitch.conf<br> | ||
442 | $ sudo rm /lib/$(uname -m)-linux-gnu/libnss_gns.so.2 | ||
443 | </code> | ||
444 | |||
445 | <h3>{{ _("Appendix A: Optional GNUnet features") }}</h3> | ||
446 | |||
447 | <p> | ||
448 | TBD | ||
449 | </p> | ||
450 | |||
451 | <h3>{{ _("Troubleshooting") }}</h3> | ||
452 | |||
453 | <h4>{{ _("You can't reach other people's nodes") }}</h4> | ||
454 | |||
455 | <p> | ||
456 | Should our computer not have reached the open GNUnet network automatically, | ||
457 | we can manually instruct our node how to reach the nodes of our friends. This | ||
458 | works by exchanging HELLO strings. This is how we get a hello string for our | ||
459 | computer. | ||
460 | </p> | ||
461 | |||
462 | <code> | ||
463 | $ gnunet-peerinfo -gn | ||
464 | </code> | ||
465 | |||
466 | <p> | ||
467 | We can now pass this string to our friends "out of band" (using | ||
468 | whatever existing chat or messaging technology). If the string | ||
469 | contains some private IP networks we don't want to share, we can | ||
470 | carefully edit them out. | ||
471 | </p> | ||
472 | |||
473 | <p> | ||
474 | Once we receive such strings from our friends, we can add them | ||
475 | like this: | ||
476 | </p> | ||
477 | |||
478 | <code> | ||
479 | gnunet-peerinfo -p <string> | ||
480 | </code> | ||
481 | |||
482 | |||
483 | <p> | ||
484 | Now our GNUnet nodes can attempt reaching each other directly. This may | ||
485 | still fail due to NAT traversal issues. | ||
486 | </p> | ||
487 | |||
488 | |||
489 | <!-- | ||
490 | <h4>{{ _("OMG you guys broke my internet") }}</h4> | ||
491 | |||
492 | <p> | ||
493 | We can replace `/etc/nsswitch.conf` with the backup we made earlier | ||
494 | (`/etc/nsswitch.conf.original`). Now DNS resolution should work again without a | ||
495 | running GNUnet. | ||
496 | </p> | ||
497 | |||
498 | <code> | ||
499 | $ cp /etc/nsswitch.conf.original /etc/nsswitch.conf | ||
500 | </code> | ||
501 | --> | ||
502 | |||
503 | </div> | 195 | </div> |
504 | {% endblock body_content %} | 196 | {% endblock body_content %} |