diff options
author | Nico Schottelius <nico@nico-notebook.schottelius.org> | 2019-09-10 01:53:43 +0900 |
---|---|---|
committer | Nico Schottelius <nico@nico-notebook.schottelius.org> | 2019-09-10 01:53:43 +0900 |
commit | 3b8e2bff869096edf9ab0dead1c61eeae26a3d4f (patch) | |
tree | 188bfc680c9d4ec2ca61c152b0d609b84e3478b0 /README.md | |
parent | 9cda2ce9b8d35ba02a56e7f61c9e2f009ed85b73 (diff) |
Include friendchecker
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 137 |
1 files changed, 137 insertions, 0 deletions
@@ -10,3 +10,140 @@ know when they are online. Let's solve this problem once-and-for-all in a decentralised, sustainable and future proof way. ## Here come's the real IPv6 friend + +Instead of using a single system or server, we use IPv6 to connect to +our friends directly. Because each of our friends is reachable by IPv6 +if they are online (otherwise they would not be a real IPv6 friend), +we can easily verify if they are online. To find out who is online, +just connect to their computer! + +## How it works + +It's a bit geeky, but it works actually rather simple. +To become a real IPv6 friend, you need to do the following things: + +- Generate a GPG key with a comment named RIF following the URL of + your computer +- Ensure that the URL points to the IPv6 address of your computer +- Setup a webserver on your computer +- Export your key and all real IPv6 friend keys to your webserver as + "rifkeys.txt +- For each of your friends, check whether they are online! + +### Example: Generating a key with the right comment + +In this example I choose to create an ECC based key that requires the +export option in gpg: + +``` +[1:24] line:~% gpg --expert --full-gen-key +gpg (GnuPG) 2.2.12; Copyright (C) 2018 Free Software Foundation, Inc. +This is free software: you are free to change and redistribute it. +There is NO WARRANTY, to the extent permitted by law. + +Please select what kind of key you want: + (1) RSA and RSA (default) + (2) DSA and Elgamal + (3) DSA (sign only) + (4) RSA (sign only) + (7) DSA (set your own capabilities) + (8) RSA (set your own capabilities) + (9) ECC and ECC + (10) ECC (sign only) + (11) ECC (set your own capabilities) + (13) Existing key +Your selection? 9 +Please select which elliptic curve you want: + (1) Curve 25519 + (3) NIST P-256 + (4) NIST P-384 + (5) NIST P-521 + (6) Brainpool P-256 + (7) Brainpool P-384 + (8) Brainpool P-512 + (9) secp256k1 +Your selection? 1 +Please specify how long the key should be valid. + 0 = key does not expire + <n> = key expires in n days + <n>w = key expires in n weeks + <n>m = key expires in n months + <n>y = key expires in n years +Key is valid for? (0) 0 +Key does not expire at all +Is this correct? (y/N) y + +GnuPG needs to construct a user ID to identify your key. + +Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? c +Comment: RIF https://nico.ungleich.cloud +You selected this USER-ID: + "Nico Schottelius (RIF https://nico.ungleich.cloud) <ipv6@nico.ungleich.cloud>" + +Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o +We need to generate a lot of random bytes. It is a good idea to perform +some other action (type on the keyboard, move the mouse, utilize the +disks) during the prime generation; this gives the random number +generator a better chance to gain enough entropy. +We need to generate a lot of random bytes. It is a good idea to perform +some other action (type on the keyboard, move the mouse, utilize the +disks) during the prime generation; this gives the random number +generator a better chance to gain enough entropy. +gpg: key 27541E11E73F288D marked as ultimately trusted +gpg: directory '/home/nico/.gnupg/openpgp-revocs.d' created +gpg: revocation certificate stored as '/home/nico/.gnupg/openpgp-revocs.d/B982A8BABC030C66DEF5984527541E11E73F288D.rev' +public and secret key created and signed. + +pub ed25519 2019-09-09 [SC] + B982A8BABC030C66DEF5984527541E11E73F288D +uid Nico Schottelius (RIF https://nico.ungleich.cloud) <ipv6@nico.ungleich.cloud> +sub cv25519 2019-09-09 [E] + + +``` + +### Example: Setting up a webserver + +On a Debian/Devuan based distro: + +``` +apt install nginx +sudo chown $(whoami) /var/www/html +``` + + +### Exporting all keys + +To make yourself accessible and expose who your real IPv6 friends are. + +``` +gpg -a --export RIF > /var/www/html/rifkeys +``` + +### Example: List your friends + +``` +[1:40] line:~% gpg --list-keys --with-colons | grep RIF | awk -F: '{ print $10 }' | sed 's/\\x3a/:/' +Nico Schottelius (RIF https://nico.ungleich.cloud) <ipv6@nico.ungleich.cloud> +Nico Schottelius (myself) (RIF https://nico2.ungleich.cloud) <nico@nico.ungleich.cloud> +``` + +### Example: Checking which friends are online + +Use the included rif-checkfriends.sh script or iterate yourself over +above output. + +``` + + +``` + + +## To be added + +- advanced usage -> ipv6 email + +### CLI ideas + +- **rif prepare**: check webserver, keyring, etc. +- **rif online**: check who is online |