diff options
Diffstat (limited to 'template/use.html.j2')
-rw-r--r-- | template/use.html.j2 | 235 |
1 files changed, 235 insertions, 0 deletions
diff --git a/template/use.html.j2 b/template/use.html.j2 new file mode 100644 index 00000000..2f90aade --- /dev/null +++ b/template/use.html.j2 | |||
@@ -0,0 +1,235 @@ | |||
1 | {% extends "common/base.j2" %} | ||
2 | {% block body_content %} | ||
3 | <article class="container"> | ||
4 | <!--<article> --> | ||
5 | <header> | ||
6 | <h2>{{ _("How to use GNUnet - in a nutshell") }}</h2> | ||
7 | </header> | ||
8 | |||
9 | <section> | ||
10 | <h3>{{ _("Make sure your GNUnet installation works...") }}</h3> | ||
11 | |||
12 | <p> | ||
13 | ... and play around with it. So let's try out some of GNUnet's use cases. Please mind that some should be done in a particular order, one after another: | ||
14 | </p> | ||
15 | |||
16 | <ul> | ||
17 | <li>filesharing</li> | ||
18 | <li>A simple chat using CADET</li> | ||
19 | <li>Name resolution using GNS on the command line</li> | ||
20 | <li>Name resolution using GNS with a browser (do it on the command line first)</li> | ||
21 | <li>Serving a website using VPN (do name resolution with a browser first)</li> | ||
22 | </ul> | ||
23 | </section> | ||
24 | <section> | ||
25 | <h4>{{ _("filesharing") }}</h4> | ||
26 | |||
27 | <p> | ||
28 | Let's publish a file in the GNUnet filesharing network. We use the keywords | ||
29 | ("commons" and "state") so other people will be able to search for the file. | ||
30 | </p> | ||
31 | |||
32 | <p> | ||
33 | We can choose any file and describe it with meaningful keywords (using the | ||
34 | `-k` command line option). | ||
35 | </p> | ||
36 | |||
37 | <code> | ||
38 | $ gnunet-publish -k commons -k state ostrom.pdf<br> | ||
39 | Publishing `/home/myself/ostrom.pdf' done.<br> | ||
40 | URI is `gnunet://fs/chk/M57SXDJ72EWS25CT6307KKJ8K0GCNSPTAZ649NA1NS10MJB4A1GZ9EN4Y02KST9VA5BHE8B335RPXQVBWVZ587Y83WQ7J3DHMBX30Q8.DHNGBN4CB2DBX1QRZ1R0B1Q18WTEAK4R94S9D57C9JMJJ3H7SSQDCV4D1218C4S2VP085AMQQSMG18FCP6NQMZQZJ91XR5NBX7YF0V0.42197237'. | ||
41 | </code> | ||
42 | |||
43 | <p> | ||
44 | Finding the file by keyword works with `gnunet-search`. | ||
45 | </p> | ||
46 | |||
47 | <code> | ||
48 | $ gnunet-search commons<br> | ||
49 | #1:<br> | ||
50 | gnunet-download -o "ostrom.pdf" gnunet://fs/chk/M57SXDJ72EWS25CT6307KKJ8K0GCNSPTAZ649NA1NS10MJB4A1GZ9EN4Y02KST9VA5BHE8B335RPXQVBWVZ587Y83WQ7J3DHMBX30Q8.DHNGBN4CB2DBX1QRZ1R0B1Q18WTEAK4R94S9D57C9JMJJ3H7SSQDCV4D1218C4S2VP085AMQQSMG18FCP6NQMZQZJ91XR5NBX7YF0V0.42197237 | ||
51 | </code> | ||
52 | |||
53 | <p> | ||
54 | It gives us the command line call to download the file (and store it as | ||
55 | ostrom.pdf)! | ||
56 | </p> | ||
57 | </section> | ||
58 | <section> | ||
59 | <h4>{{ _("CADET (and Chat)") }}</h4> | ||
60 | |||
61 | <p> | ||
62 | We can use the `gnunet-cadet` command line tool to open a port and from | ||
63 | another machine connect to this port and chat or transfer data. First we need | ||
64 | our *peer ID* of the GNUnet peer opening the port. | ||
65 | </p> | ||
66 | |||
67 | <code> | ||
68 | $ gnunet-peerinfo -s<br> | ||
69 | I am peer `P4T5GHS1PCZ06R82D3KW8Z8J1113BQZWAWGYHTZ8G1ZXMWXQGAVG'. | ||
70 | </code> | ||
71 | |||
72 | <p> | ||
73 | Now we open the port (it can be any string!): | ||
74 | </p> | ||
75 | |||
76 | <code> | ||
77 | $ gnunet-cadet -o my-secret-port | ||
78 | </code> | ||
79 | |||
80 | <p>On the other machine we can connect using the peer ID and the port and start chatting!</p> | ||
81 | |||
82 | <code> | ||
83 | $ gnunet-cadet P4T5GHS1PCZ06R82D3KW8Z8J1113BQZWAWGYHTZ8G1ZXMWXQGAVG my-secret-port | ||
84 | </code> | ||
85 | </section> | ||
86 | <section> | ||
87 | <h4>{{ _("Name resolution using GNS on the command line") }}</h4> | ||
88 | |||
89 | <p>GNS is the GNU name service, a fully decentralized alternatice to DNS. We'll publish an IP address in a GNS record try to resolve it on the command line. First we need an identity which is the | ||
90 | equivalent to a zone in DNS. We'll call it "myself" and create it using the | ||
91 | `gnunet-identity` command line tool. Instead of "myself" you can surely use your | ||
92 | nick or any other name. </p> | ||
93 | |||
94 | <code> | ||
95 | $ gnunet-identity -C myself | ||
96 | </code> | ||
97 | |||
98 | <p>We can check if it worked using the same tool. We expect the name of our identity and the corresponding public key to be displayed.</p> | ||
99 | |||
100 | <code> | ||
101 | $ gnunet-identity -d<br> | ||
102 | myself - HWTYD3P5D77JVFNVMZ1M5T10V4SZYNMY3PCGQCSVENKD6ZCRKPMG | ||
103 | </code> | ||
104 | |||
105 | <p> | ||
106 | Now we add a public `A` record to our zone. It has the name "ccc", a value | ||
107 | of "195.54.164.39" and it expires after one day. | ||
108 | </p> | ||
109 | |||
110 | <code> | ||
111 | $ gnunet-namestore -z myself -a -e "1 d" -p -t A -n ccc -V 195.54.164.39 | ||
112 | </code> | ||
113 | |||
114 | <p>Now we can query that record using the command line tool `gnunet-gns`.</p> | ||
115 | |||
116 | <code> | ||
117 | $ gnunet-gns -t A -u ccc.myself<br> | ||
118 | ccc.myself:<br> | ||
119 | Got `A' record: 195.54.164.39 | ||
120 | </code> | ||
121 | |||
122 | <p> | ||
123 | So it worked! But only resolving our own records is boring. So we | ||
124 | can give our identity (the public key of it to be precise) to | ||
125 | someone else so they can try to resolve our records, too. The | ||
126 | other person (Bob) has to add it to his namestore like this: | ||
127 | </p> | ||
128 | |||
129 | <code> | ||
130 | $ gnunet-namestore -z myself -a -e never -p -t PKEY -n alice -V HWTYD3P5D77JVFNVMZ1M5T10V4SZYNMY3PCGQCSVENKD6ZCRKPMG | ||
131 | </code> | ||
132 | |||
133 | <p> | ||
134 | Our identity in Bobs namestore is a public record (-p) and never | ||
135 | expires (-e never). Now Bob (let's assume he has called his | ||
136 | identity myself, too) should be able to resolve our "ccc" record, | ||
137 | too! | ||
138 | </p> | ||
139 | |||
140 | <code> | ||
141 | $ gnunet-gns -t A -u ccc.alice.myself<br> | ||
142 | ccc.alice.myself:<br> | ||
143 | Got `A' record: 195.54.164.39 | ||
144 | </code> | ||
145 | |||
146 | <p> | ||
147 | It can continue like this. A friend of Bob would be able to | ||
148 | resolve our records too because Bob published our identity in a | ||
149 | public record. Bobs friend would simply use "ccc.alice.bob.myself" | ||
150 | to resolve our "ccc" record. | ||
151 | </p> | ||
152 | </section> | ||
153 | <section> | ||
154 | <h4>{{ _("Name resolution using GNS with a browser") }}</h4> | ||
155 | |||
156 | <p> | ||
157 | In the previous use case "Name resolution using GNS on the command line" we got an idea | ||
158 | about what GNS is about, but now let's use it with a browser, to make it actually useful. Currently Firefox and Chromium are known to work. | ||
159 | </p> | ||
160 | |||
161 | <p> | ||
162 | Many websites enforce HTTPS and thus provide certificates for | ||
163 | their hostnames (and not our GNS names). Browsers don't like wrong | ||
164 | hostnames in certificates and will present error messages. So GNUnet | ||
165 | has to trick them by generating own certificates for our GNS | ||
166 | names. This means we need to create our own certificate authority | ||
167 | and tell our browser about it. Luckily there's a script for it: | ||
168 | </p> | ||
169 | |||
170 | <code> | ||
171 | $ gnunet-gns-proxy-setup-ca | ||
172 | </code> | ||
173 | |||
174 | <p>After executing this script the Browser has to be restarted.</p> | ||
175 | |||
176 | <p> | ||
177 | GNUnet provides a proxy service (gnunet-gns-proxy) that the | ||
178 | browser can send DNS and HTTP traffic to. It will try to resolve | ||
179 | names with GNS first and forward the rest of the DNS traffic to | ||
180 | the system's DNS resolver. It will also take care of the HTTP | ||
181 | traffic, so the browser gets valid certificates and the web server | ||
182 | will not be confused by our GNS hostnames. Our GNS namestore | ||
183 | doesn't know about any DNS hostnames yet, so we have to store | ||
184 | them, too. For our "ccc" A record, we have to store a LEHO (legacy | ||
185 | hostname) record, too. It must contain the website's original DNS | ||
186 | hostname: | ||
187 | </p> | ||
188 | |||
189 | <code> | ||
190 | $ gnunet-namestore -z myself -a -e "1 d" -p -t LEHO -n ccc -V www.ccc.de | ||
191 | </code> | ||
192 | |||
193 | <p>Now let's start gnunet-gns-proxy.</p> | ||
194 | |||
195 | <code> | ||
196 | $ /usr/lib/gnunet/libexec/gnunet-gns-proxy | ||
197 | </code> | ||
198 | |||
199 | <p> | ||
200 | Our browser has to be configured so it uses our proxy. In Firefox | ||
201 | we have to set these options under "about:config": | ||
202 | </p> | ||
203 | |||
204 | <code> | ||
205 | network.proxy.socks: localhost<br> | ||
206 | network.proxy.socks_port: 7777<br> | ||
207 | network.proxy.socks_remote_dns true<br> | ||
208 | network.proxy.type: 1 | ||
209 | </code> | ||
210 | |||
211 | <p> | ||
212 | To tell Chromium to use the proxy, it has to be started with the | ||
213 | "--proxy-server" command line option: | ||
214 | </p> | ||
215 | |||
216 | <code> | ||
217 | $ chromium --proxy-server="socks5://127.0.0.1:7777" | ||
218 | </code> | ||
219 | |||
220 | <p> | ||
221 | Now we should be able to resolve our GNS names in the browser! We | ||
222 | just have to type "https://ccc.myself" into the address bar. If | ||
223 | our friend Bob prepared his system, too, he can resolve our record | ||
224 | by typing "ccc.alice.myself". | ||
225 | </p> | ||
226 | </section> | ||
227 | <section> | ||
228 | <h4>{{ _("VPN") }}</h4> | ||
229 | |||
230 | <p> | ||
231 | TBD | ||
232 | </p> | ||
233 | </section> | ||
234 | </article> | ||
235 | {% endblock body_content %} | ||