Connections¶
We recommend using stunnel, Tor and socat along with nymphemeral when downloading and sending messages. If you are a Whonix user, you should go to Connections (Whonix).
Stunnel¶
stunnel adds TLS to your connections. You can install it with:
sudo apt-get install stunnel4
To configure stunnel, you can use the .conf
file we provide
with nymphemeral. Copy that file to the directory where stunnel
looks for config files (which is usually /etc/stunnel
):
sudo curl https://raw.githubusercontent.com/felipedau/nymphemeral/master/connections/stunnel.conf -o /etc/stunnel/stunnel.conf
Open /etc/default/stunnel4
and enable stunnel automatic startup
by switching ENABLE
to 1
:
# Change to one to enable stunnel automatic startup
ENABLED=1
And start it with:
sudo service stunnel4 start
You should get the following message:
Starting SSL tunnels: [Started: /etc/stunnel/stunnel.conf] stunnel.
Tunelling¶
From the last sections of the .conf
file:
[nntps-client]
client = yes
accept = 127.0.0.1:119
connect = 127.0.0.1:10063
[ssmtp-client]
protocol = smtp
client = yes
accept = 127.0.0.1:2525
connect = 127.0.0.1:2526
Note that:
- The NNTP client is used to download messages. Whenever it accesses
port
119
, stunnel will connect it to port10063
, adding TLS. - The SMTP client is used to send messages. Whenever it accesses port
2525
, stunnel will connect it to port2526
, adding TLS.
Tor¶
Tor is a low-latency communication system used to hide your traffic. If you wish to have the latest stable version you should use this option. If that is not the case, simply install it with:
sudo apt-get install tor
Socat¶
socat manages the last part of the process, which will make the connections from your machine to the servers via Tor. You can install it with:
sudo apt-get install socat
A script should be used to make the connection itself. Copy both socat scripts we provide with nymphemeral:
curl https://raw.githubusercontent.com/felipedau/nymphemeral/master/connections/socnews.sh -o ~/socnews.sh
curl https://raw.githubusercontent.com/felipedau/nymphemeral/master/connections/socsmtp.sh -o ~/socsmtp.sh
And enable them to be executed:
chmod +x ~/socnews.sh ~/socsmtp.sh
News Server¶
From the socnews.sh
file:
socat TCP-Listen:10063,bind=localhost,fork SOCKS4A:localhost:news.mixmin.net:563,socksport=9050 > /dev/null 2>&1 &
Note that socat accepts connections through port 10063
(the one
that stunnel connects to) and then connects to the news server at
mixmin.net via Tor through port 9050
.
Run it with:
~/socnews.sh
SMTP Server¶
From the socsmtp.sh
file:
socat TCP-Listen:2526,bind=localhost,fork SOCKS4A:localhost:lnwxejysejqjlm3l.onion:2525,socksport=9050 > /dev/null 2>&1 &
Note that socat accepts connections through port 2526
(the one
that stunnel connects to) and then connects to the Jeremy Bentham
Remailer SMTP server at anemonee.mooo.com via Tor through port
9050
.
Run it with:
~/socsmtp.sh
You could also use other SMTP servers, such as these ones:
mail.mixmin.net
mail.allpingers.net
Note
You can use whatever NNTP/SMTP servers you would like. We chose to use those for convenience, but you are totally free to configure other ones or setup your own.
Important
You do not need to start stunnel or Tor again, but the scripts have to be executed every time the system starts up or whenever you wish to use nymphemeral.