1. Forum
  2. Usenet
  3. NEWS.ADMIN.PEERING

  • Onion peering between INN and Rocksolid Light

    From Syber Shock@21:1/5 to All on Thu Sep 28 01:58:43 2023
    XPost: rocksolid.nodes.help, alt.privacy.anon-server

    I need to be able to explain succinctly how a INN peer should connect
    to a Rocksolid Light peer if such is possible.

    Rocksolid Light (rslight) peers and syncs using client commands instead
    of innfeed. It is very simple to configure. Rocksolid Light will peer
    with any NNTP peer that has user account authentication. Enter the
    credentials into the rslight config, list the desired newsgroups, and
    away we go. Rslight uses client commands to check, push and pull
    articles.

    But what if a sysop using INN wants to peer with rslight? Does INN have facility for this at user level? If I sync rslight with a INN peer, only
    the rslight peer is doing the synchronization of articles. Does INN have
    the facility to do the inverse with a rslight peer?

    I configure the rslight cron job to synchronize at randomized
    intervals. Ultimately my strategy is to check and synchronize articles
    at random intervals from ten to thirty minutes over a tor hidden onion
    circuit. I would expect a remote peer to do similarly. Randomization of
    the synchronization times is a hedge against traffic analysis. Delays
    of a few minutes before forwarding buffers connecting clients from
    message timing correlation. It is not perfect but it helps and it
    increases the cost for eavesdroppers.

    The hidden onion circuit is an extra layer of security for the
    connections. Each peer I link to would use a different hidden onion
    address, and I would give a different hidden onion address to each such
    peer. This allows every peer to hide physical location. It also allows
    every peer to have a secure, private pipe to only one other peer.

    Firstly I need to know how, if possible, to configure INN to
    synchronize via client authentication and client commands, without
    respect to the kind of network transport.

    Secondly I need ideas on how to configure INN to use multiple Tor
    hidden onion services, and connect INN to unique remote onion services
    on a per-peer basis.

    Please advise with concrete information.

    --
    3883@sugar.bug | web: sybershock.com | news: alt.sources.crypto

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Retro Guy@21:1/5 to Syber Shock on Thu Sep 28 04:46:51 2023
    XPost: rocksolid.nodes.help, alt.privacy.anon-server

    On Thu, 28 Sep 2023 01:58:43 -0500
    Syber Shock <admin@sybershock.com> wrote:

    I need to be able to explain succinctly how a INN peer should connect
    to a Rocksolid Light peer if such is possible.

    Rocksolid Light (rslight) peers and syncs using client commands instead
    of innfeed. It is very simple to configure. Rocksolid Light will peer
    with any NNTP peer that has user account authentication. Enter the credentials into the rslight config, list the desired newsgroups, and
    away we go. Rslight uses client commands to check, push and pull
    articles.

    Correct. rslight acts as a news client (nnrpd client), and also as a nnrpd server. MODE STREAM is not supported in rslight at this time.

    But what if a sysop using INN wants to peer with rslight? Does INN have facility for this at user level? If I sync rslight with a INN peer, only
    the rslight peer is doing the synchronization of articles. Does INN have
    the facility to do the inverse with a rslight peer?

    I am not aware of any feature of INN that allows it to act as a nnrpd client. That doesn't mean there is no such feature, just that I am not aware of it.

    I configure the rslight cron job to synchronize at randomized
    intervals. Ultimately my strategy is to check and synchronize articles
    at random intervals from ten to thirty minutes over a tor hidden onion circuit. I would expect a remote peer to do similarly. Randomization of
    the synchronization times is a hedge against traffic analysis. Delays
    of a few minutes before forwarding buffers connecting clients from
    message timing correlation. It is not perfect but it helps and it
    increases the cost for eavesdroppers.

    This should be simple with just shell scripts.

    The hidden onion circuit is an extra layer of security for the
    connections. Each peer I link to would use a different hidden onion
    address, and I would give a different hidden onion address to each such
    peer. This allows every peer to hide physical location. It also allows
    every peer to have a secure, private pipe to only one other peer.

    Makes sense.

    Firstly I need to know how, if possible, to configure INN to
    synchronize via client authentication and client commands, without
    respect to the kind of network transport.

    Secondly I need ideas on how to configure INN to use multiple Tor
    hidden onion services, and connect INN to unique remote onion services
    on a per-peer basis.

    Please advise with concrete information.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Syber Shock@21:1/5 to Retro Guy on Thu Sep 28 08:16:32 2023
    XPost: rocksolid.nodes.help, alt.privacy.anon-server

    On Thu, 28 Sep 2023 04:46:51 -0700
    Retro Guy <retroguy@novabbs.com> wrote:

    I configure the rslight cron job to synchronize at randomized
    intervals. Ultimately my strategy is to check and synchronize
    articles at random intervals from ten to thirty minutes over a tor
    hidden onion circuit. I would expect a remote peer to do similarly. Randomization of the synchronization times is a hedge against
    traffic analysis. Delays of a few minutes before forwarding buffers connecting clients from message timing correlation. It is not
    perfect but it helps and it increases the cost for eavesdroppers.

    This should be simple with just shell scripts.

    My setup avoids crontab and uses systemd init to spawn. Maybe a little
    cleanup for install path vars would make this useful.

    $ cat /etc/systemd/system/rslight-cron.service

    [Unit]
    Description=rslight nntp cron
    After=network.target
    StartLimitIntervalSec=0
    [Service]
    User=root
    Type=simple
    TimeoutSec=0
    WorkingDirectory=/home/rslight/cron
    PIDFile=/var/run/rslight_cron_service.pid
    ExecStart=/bin/bash /home/rslight/cron/rslight.cron.bash
    KillMode=process Restart=always
    RestartSec=31s
    [Install]
    WantedBy=multi-user.target

    $ cat /home/rslight/cron/rslight.cron.bash

    #!/usr/bin/env bash

    # Cron loop randomizer for Rocksolid Light.
    # Adjust the paths to match your installation.
    # Bundled with a systemd service control script.

    counter="0"
    crondir="/home/rslight/cron"
    cronlog="$crondir/rslight.cron.log" timelog="$crondir/rslight.cron.timestamp.log"

    while :
    do

    # logging timestamp for begin of cron job
    date -u >> "$timelog

    counter="$((counter+1))"
    echo "$counter" >> "$cronlog"

    cd /var/www/public_html/forum/spoolnews
    bash -lc "php8.2 /home/rslight/config/scripts/cron.php" >> "$cronlog"
    echo "--------" >> "$cronlog"
    echo "" >> "$cronlog"

    # timestamp for end of cron job in timestamp only file
    date -u >> "$timelog"
    echo "--------" >> "$timelog"

    # rotate log files
    tail -c 65536 "$cronlog" > "$cronlog.temp"
    mv "$cronlog.temp" "$cronlog"
    tail -c 65536 "$timelog" > "$timelog.temp"
    mv "$timelog.temp" "$timelog"

    # random 10-30 minute pause in loop
    randpoz="$RANDOM$RANDOM"
    randpoz="$((randpoz%1200))"
    randpoz="$((randpoz+600))"
    sleep "$randpoz.600600600600600600" # easy to see with ps grep

    done # while true

    --
    3883@sugar.bug | web: sybershock.com | news: alt.sources.crypto

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Ivo Gandolfo@21:1/5 to Retro Guy on Thu Sep 28 18:55:26 2023
    XPost: alt.privacy.anon-server

    On 28/09/2023 13:46, Retro Guy wrote:
    On Thu, 28 Sep 2023 01:58:43 -0500
    Syber Shock <admin@sybershock.com> wrote:

    But what if a sysop using INN wants to peer with rslight? Does INN have
    facility for this at user level? If I sync rslight with a INN peer, only
    the rslight peer is doing the synchronization of articles. Does INN have
    the facility to do the inverse with a rslight peer?

    I am not aware of any feature of INN that allows it to act as a nnrpd client. That doesn't mean there is no such feature, just that I am not aware of it.


    You can connect as server (with mode stream) or with client (with IHAVE
    and other permission). You can choose both way.


    The hidden onion circuit is an extra layer of security for the
    connections. Each peer I link to would use a different hidden onion
    address, and I would give a different hidden onion address to each such
    peer. This allows every peer to hide physical location. It also allows
    every peer to have a secure, private pipe to only one other peer.

    Makes sense.


    Pay attention! run a news server take a lot of bandwich. One peer with
    my server (full feed) take _at least_ 2GB/day in/at least 500MB/day out.
    (all hyearchies, nothing excluded) It's realistic run them over a (poor) bandwich network? IMHO no.

    Firstly I need to know how, if possible, to configure INN to
    synchronize via client authentication and client commands, without
    respect to the kind of network transport.

    Secondly I need ideas on how to configure INN to use multiple Tor
    hidden onion services, and connect INN to unique remote onion services
    on a per-peer basis.

    Please advise with concrete information.

    just use correctly the readers.conf permission, or setup the feed.
    innfeed not have much capabilities, but a little setup with sucks or
    other software to jump, or a batch, a feed it's possible.

    If you want to test, my server have areally a TOR service active, but experimental.

    (to all other user's here: WARNING! it's experimental! service are not garantuee at this time. If you want to test them, feel free, but
    remember to report to my email any bug/malfunction you found!)

    node: bofhteamhroxbmd6pxbjrg6egqrnnu2vj7vlxpcnb3ypk56devuyj6yd.onion


    Sincerely

    --
    Ivo Gandolfo

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From rek2 hispagatos@21:1/5 to Anonymous on Thu Sep 28 17:46:44 2023
    XPost: rocksolid.nodes.help, alt.privacy.anon-server, alt.2600.madrid
    XPost: alt.2600

    On 2023-09-28, Anonymous <Anonymous@news.novabbs.org> wrote:
    My setup avoids crontab and uses systemd init to spawn

    What is the reason that you use systemd ? Or just by chance ?

    and here comes the long old with new accents
    vim vs emacs
    linux vs *bsd
    kde vs gnome
    tiling vs non-tiling
    ....
    Systemd vs Initd
    xorg vs wayland

    :D :D

    /me goes to prepare usenet popcorn

    Happy Hacking
    ReK2


    --
    - {gemini,https}://{,rek2.}hispagatos.org - mastodon: @rek2@hispagatos.space
    - [https|gemini]://2600.Madrid - https://hispagatos.space/@rek2
    - https://keyoxide.org/A31C7CE19D9C58084EA42BA26C0B0D11E9303EC5

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Anonymous@21:1/5 to All on Thu Sep 28 17:26:31 2023
    XPost: rocksolid.nodes.help, alt.privacy.anon-server

    My setup avoids crontab and uses systemd init to spawn

    What is the reason that you use systemd ? Or just by chance ?

    --
    Posted on Rocksolid Light

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Retro Guy@21:1/5 to Retro Guy on Fri Sep 29 10:55:53 2023
    XPost: rocksolid.nodes.help, alt.privacy.anon-server

    Retro Guy wrote:

    On Thu, 28 Sep 2023 01:58:43 -0500
    Syber Shock <admin@sybershock.com> wrote:

    snip

    Firstly I need to know how, if possible, to configure INN to
    synchronize via client authentication and client commands, without
    respect to the kind of network transport.

    See my previous message in this thread (pullnews).

    Secondly I need ideas on how to configure INN to use multiple Tor
    hidden onion services, and connect INN to unique remote onion services
    on a per-peer basis.

    Multiple instances of pullnews run from however you want (cron, systemd, whatever) should do this.

    I also have a script provided to me by the co-creator of rocksolid.* that
    makes it pretty simple to connect anything to a local port and have it communicate with a remote .onion address. Just let me know if you'd like
    a copy.

    Please advise with concrete information.

    My head is full of concrete, so not a problem.

    --
    Retro Guy

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Retro Guy@21:1/5 to Retro Guy on Fri Sep 29 10:19:57 2023
    XPost: rocksolid.nodes.help, alt.privacy.anon-server

    Retro Guy wrote:

    On Thu, 28 Sep 2023 01:58:43 -0500
    Syber Shock <admin@sybershock.com> wrote:

    snip

    But what if a sysop using INN wants to peer with rslight? Does INN have
    facility for this at user level? If I sync rslight with a INN peer, only
    the rslight peer is doing the synchronization of articles. Does INN have
    the facility to do the inverse with a rslight peer?

    I am not aware of any feature of INN that allows it to act as a nnrpd client. That doesn't mean there is no such feature, just that I am not aware of it.

    I had forgotten that I used to use 'pullnews' before ever starting on rslight. I would sort of peer inn servers this way because I had no idea what I was doing :)

    Anyway, pullnews will allow you to poll a nnrpd server and feed to another, and it works quite reliably.

    https://www.eyrie.org/~eagle/software/inn/docs/pullnews.html

    I believe there are other programs that can do this or similar, but I have
    not used them.

    --
    Retro Guy

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?Q?Julien_=c3=89LIE?=@21:1/5 to All on Fri Sep 29 18:21:56 2023
    XPost: rocksolid.nodes.help, alt.privacy.anon-server

    Hi Retro Guy,

    Anyway, pullnews will allow you to poll a nnrpd server and feed to
    another, and it works quite reliably.

    https://www.eyrie.org/~eagle/software/inn/docs/pullnews.html

    Yup! Thanks to recent discussions in news.admin.peering which permitted
    to greatly improve pullnews and fix a few bugs.

    --
    Julien ÉLIE

    « Quo vadis ? » (saint Jean)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)