public inbox for nncp-devel@lists.cypherpunks.ru
* Public NNCP Relay is now available
@ 2021-08-01 1:56 John Goerzen
2021-08-01 23:53 ` Public NNCP Relay now reachable by tor John Goerzen
2021-08-02 10:13 ` Public NNCP Relay is now available Sergey Matveev
0 siblings, 2 replies; 5+ messages in thread
From: John Goerzen @ 2021-08-01 1:56 UTC (permalink / raw)
To: nncp-devel
Hi folks,
I have now established the public NNCP relay I wrote about. This
is, of course, experimental and I hope we all can learn from it.
I know Sergey writes that it's intended to build up a "small size
ad-hoc friend-to-friend" network. I say - let's push its limits
and see where we can take it! I mean, we already know it's going
to be better than UUCP, right? :-)
I'll include the README.txt that can be freq'd from quux below.
It describes how to fetch a nodelist. Of course, that nodelist
need only list the peers that partner with the relay node
directly. -via can always hang more branches off it and the relay
need not know about them.
Also I think it would be really interesting to see where we can
take this. Email? Usenet? (rmail/rnews) There are a lot of
complexities there, and with email also security questions. I've
started to think about these issues but haven't gotten very far.
Basically, there's a pretty big difference between allowing a
machine you own to run sendmail on a remote node and allowing a
stranger you don't know to do the same. There are also questions
of routing and addressing and... yeah. Anyhow, there's nothing
preventing you from using this public relay to send email anyhow.
The public relay itself will not accept any nncp-exec or nncp-file
commands from any node. It will, however, answer nncp-freq
commands from all nodes it knows about. This will let you relay
email via it, of course.
Here's the README.txt:
nncp.quux.org public NNCP server
John Goerzen
July 31, 2021
Welcome. Here you will find basic information on using the nncp.quux.org
public NNCP relay/server.
JOINING THE NNCP RELAY
----------------------
To join, please send an email to jgoerzen@complete•org requesting addition.
Make sure your email includes:
- The preferred nodename for your system. Note that you can use whatever
  nodename you like locally, since they are just aliases for NNCP ids.
  This is to help others in the nodelist.
- If your system is permanently online on the Internet, reachable at a known
  hostname/port, and you wish this to be published in the nodelist,
  let me know. This is completely optional; it is assumed most systems
  will not be reachable in this way. However, if we have ones that are,
  then the relay server can also establish outbound connections to you.
- The self section FROM WITHIN THE neigh BLOCK of your nncp.hjson. It should
  look like this:

    neigh: {
      self: {
        # You should give public keys below to your neighbours
        id: RKOLY...KAMXQ
        exchpub: 2NZKH...CMI7A
        signpub: EXD7M...YAOFA
        noisepub: MIXYN...BGNDQ
      }
    }

Upon receiving your request, you will be added to the server configuration and
the public nodelist.
LOCAL CONFIGURATION
-------------------
Add these lines to the neigh section of your nncp.hjson:

    quux: {
      id: SXNADKNYBOU6VPDVZHZZGHPJXDDZTDWDT4YAQ5TJHBA6FTNUHTCA
      exchpub: 7L4GZ4LKXZREZFSBKCBX4CGUTLYKUHR4KNQ3O6NPJGGM6C5YGAPQ
      signpub: HS2Q2DNZWWCFY4V2UGYYJZFU4UPTUBFOTFYBY25QNOKDNG2OBKDQ
      noisepub: C7JASCAKJDRQNWNBOUX6WGFN4U7KC3NFU472IW43NJIBUB3V3EZQ
      addrs: {
        internet: "nncp.quux.org:5400"
      }
      incoming: "/tmp" # (or more appropriate path); may be omitted after testing
    }

Then restart your daemons and verify things have loaded appropriately.
TESTING YOUR CONFIGURATION
--------------------------
Once you receive confirmation that your node has been added to the server,
you can test your configuration by requesting this file from the remote:

    nncp-freq quux:README.txt

After packets are exchanged and tossed after a few minutes, you should have
a copy of README.txt in the directory you labeled as incoming in your
configuration. At this point, if you no longer wish to be able to
receive freqs or files from quux, you may delete or comment out the
incoming line in your configuration. However, you probably will want
to be able to freq files from quux; read on.
THE NODELIST
------------
Part of the fun of this relay is discovering other peers around the world.
To that end, every peer on this relay is mentioned in the nodelist.
Download the latest nodelist with:

    nncp-freq quux:nodelist.zip

Upon unpacking, you will find a directory with nncp.hjson fragments
corresponding to the nodes in the system. (Yes, I know about nncp-cfgdir,
but it doesn't readily support comments and I wanted them.)
You can use a script such as this to emit a more cohesive nncp.hjson blub:

    rm MYNODE # Delete your own node; that will be processed under "self"
    for FILE in *; do
      echo "$FILE: {"
      cat "$FILE"
      echo 'via: ["quux"]'
      echo '}'
      # Here you could add lines about incoming dirs, via path
    done

Then, if you have two ready-made nncp.hjson segments -- the bit before this
part of the neigh section, this part, and then the end, you could form the
complete nncp.hjson like so (assuming the above script is in cat-nodelist):

    cat nncp.hjson.pre > nncp.hjson
    cat-nodelist >> nncp.hjson
    cat nncp.hjson.post >> nncp.hjson
DISCLAIMERS
-----------
This system is experimental. No guarantee about correctness of operation,
longevity, or uptime is provided.
Submitted data, including your name, email address, host keys, and
hostname/port, will be made available to all other present or future members
of this relay server.
If you wish to be removed from the relay server, email jgoerzen@complete•org
with your request.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Public NNCP Relay now reachable by tor
2021-08-01 1:56 Public NNCP Relay is now available John Goerzen
@ 2021-08-01 23:53 ` John Goerzen
2021-08-02 10:13 ` Public NNCP Relay is now available Sergey Matveev
1 sibling, 0 replies; 5+ messages in thread
From: John Goerzen @ 2021-08-01 23:53 UTC (permalink / raw)
To: nncp-devel
Hello,
For any tor users out there, the public NNCP relay service is now
reachable via a tor hidden service.
The new section of README.txt describes:
As an advanced option, you may access the quux.org NNCP system via a tor
hidden service. To do so, add this to your addrs section for quux:

    tor: "|nc -X 5 -x 127.0.0.1:9050 akii45bolkchh5ulheaqip7amvy53ctt3crihzgzn3dgsk4jzj6ofuad.onion 5400"

This assumes that the tor SOCKS5 proxy is running on port 9050 on localhost,
and that you have netcat installed. You may need to install netcat and
tor if you don't have them installed already.
- John
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Public NNCP Relay is now available
2021-08-01 1:56 Public NNCP Relay is now available John Goerzen
2021-08-01 23:53 ` Public NNCP Relay now reachable by tor John Goerzen
@ 2021-08-02 10:13 ` Sergey Matveev
2021-08-03 2:34 ` John Goerzen
1 sibling, 1 reply; 5+ messages in thread
From: Sergey Matveev @ 2021-08-02 10:13 UTC (permalink / raw)
To: nncp-devel
Greetings!
*** John Goerzen [2021-07-31 20:56]:
>I'll include the README.txt that can be freq'd from quux below. It describes
>how to fetch a nodelist.
Thanks for trying that out!
I joined and successfully fetched README.txt and nodelist.zip.
>Also I think it would be really interesting to see where we can take this.
>Email? Usenet? (rmail/rnews) There are a lot of complexities there, and
>with email also security questions.
I thought about that too, but indeed the very first question is
security. However if ordinary RFC822 messages are processed with
something like:

    #!/bin/sh
    echo From_ ... >> some.mbox
    cat >> some.mbox

then hardly something can go from and compromise anything on the
computer. But that mbox file can be viewed with an ordinary MUA.
Allowing "sendmail" execution must be very trusted.
>(Yes, I know about nncp-cfgdir,
>but it doesn't readily support comments and I wanted them.)
Files in any of the directories starting with the "." will be silently
skipped, so can be used to store comments. And nearly all unknown files
(unknown configuration keys) will be ignored too.
I even wanted to make an example (suggested) nodelist format in
recutils/recfile format in documentation, something like:

    Name: stargrave
    Description: some guy
    Id: BYRRQUULEHINPKEFN7CHMSHR5I5CK7PMX5HQNCYERTBAR4BOCG6Q
    ExchPub: ESTTKDHQR5H3US4UGZYNECESAH6AKHGYFYLDLK6CH7GXZOPNRIAA
    SignPub: NSJPM42R6VURSKTWRHPXR5XJBYT4DH7GISPV6EP26OIMZ6NLD4OA
    NoisePub: SBUVQDOUBOGNSICBMBWRO7PT2HDXXXYESLVTH77VVPU64VXMPZOQ
    Host: nncp.stargrave.org:540
    Host: another.mirror.stargrave.org:5400
    Host: [2001:470:1f1b:230::1]:5400
    Capability: IPv6
    Capability: Many GiBs of diskspace
    Neighbour: another-guy
    Neighbour: yet-another-known-node
    Area: PY2SOLOM7DQJPHVMTHNBBJAS4LIRKKVZPI6CLTBCQUZMED54STVA
    Area: X6PFUQIVGC6EZVY5WPEP6WYZJ6QPQNHSV6PJIN252FI36FGYMOBA
    Area: 2CAGBUTUGK5DNLJHZLSIYYK26A2F22QSNPI6QBASXLZXVZGJN2TA

    Name: ...
    [...]

and possible arealist:

    Name: nodelist updates
    Id: PY2SOLOM7DQJPHVMTHNBBJAS4LIRKKVZPI6CLTBCQUZMED54STVA
    Type: file

    Name: chatting around
    Id: X6PFUQIVGC6EZVY5WPEP6WYZJ6QPQNHSV6PJIN252FI36FGYMOBa
    Type: exec
    ExecHook: echomail

but was lazy enough for all of that :-). Still was remembering FidoNet
technologies. Recfiles can be converted to Hjson/JSON/whatever easily:

    $ recsel -P Name,Id,ExchPub,SignPub,NoisePub < nodelist.rec | {
        read NAME ; read ID ; read EXCH_PUB ; read SIGN_PUB ; read NOISE_PUB
        echo name: $NAME
        echo id: $ID
        echo exchpub: $EXCH_PUB
        echo signpub: $SIGN_PUB
        echo noisepub: $NOISE_PUB
    }
    name: stargrave
    id: BYRRQUULEHINPKEFN7CHMSHR5I5CK7PMX5HQNCYERTBAR4BOCG6Q
    exchpub: ESTTKDHQR5H3US4UGZYNECESAH6AKHGYFYLDLK6CH7GXZOPNRIAA
    [...]
    name: ...
    [...]

--
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
^ permalink raw reply [flat|nested] 5+ messages in thread
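
A nodelist fetched from a relay is written by other people, so a converter should emit only the fields it expects. As an added example (not code from the thread or from NNCP), this POSIX sh/awk function goes beyond the single-record recsel pipeline above: it handles a multi-record file and skips records whose name or keys are malformed. It assumes the field names suggested in the message, 52-character base32 keys like the ones shown, and an addrN naming for addresses; the sample records are constructed.

```shell
#!/bin/sh
# Added example: recfile-style nodelist -> nncp.hjson neigh fragments.
# Assumes the suggested field names and 52-char base32 keys (A-Z, 2-7).

rec_to_neigh() {
    # RS="" is awk paragraph mode: one record per blank-line-separated block.
    awk 'BEGIN { RS = ""; FS = "\n" }
    function key_ok(v) { return length(v) == 52 && v ~ /^[A-Z2-7]+$/ }
    function addr_ok(v) { return index(v, "\"") == 0 && index(v, "\\") == 0 }
    {
        split("", f); nhost = 0              # reset per-record state
        for (i = 1; i <= NF; i++) {
            p = index($i, ": ")
            if (p == 0) continue
            k = substr($i, 1, p - 1); v = substr($i, p + 2)
            if (k == "Host") { if (addr_ok(v)) host[++nhost] = v }
            else f[k] = v
        }
        # Only well-formed names and keys may reach the configuration.
        if (f["Name"] !~ /^[A-Za-z0-9._-]+$/ || !key_ok(f["Id"]) ||
            !key_ok(f["ExchPub"]) || !key_ok(f["SignPub"]) ||
            !key_ok(f["NoisePub"])) {
            print "skipping malformed record " NR > "/dev/stderr"
            next
        }
        printf "%s: {\n  id: %s\n  exchpub: %s\n", f["Name"], f["Id"], f["ExchPub"]
        printf "  signpub: %s\n  noisepub: %s\n", f["SignPub"], f["NoisePub"]
        if (nhost > 0) {
            print "  addrs: {"
            for (i = 1; i <= nhost; i++)
                printf "    addr%d: \"%s\"\n", i, host[i]   # addrN: assumed naming
            print "  }"
        }
        print "}"
    }'
}

# Constructed sample: one valid record, one with a truncated Id.
k52() { printf '%052d' 0 | tr 0 "$1"; }   # 52 copies of one base32 letter
sample_nodelist() {
    printf 'Name: alpha\nId: %s\nExchPub: %s\nSignPub: %s\nNoisePub: %s\n' \
        "$(k52 A)" "$(k52 B)" "$(k52 C)" "$(k52 D)"
    printf 'Host: alpha.example:5400\nCapability: IPv6\n\n'
    printf 'Name: beta\nId: TOOSHORT\nExchPub: %s\nSignPub: %s\nNoisePub: %s\n' \
        "$(k52 E)" "$(k52 F)" "$(k52 G)"
}

sample_nodelist | rec_to_neigh
```

Fields the converter does not name, such as Capability or Area, never reach the generated fragment.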
* Re: Public NNCP Relay is now available
2021-08-02 10:13 ` Public NNCP Relay is now available Sergey Matveev
@ 2021-08-03 2:34 ` John Goerzen
2021-08-04 8:14 ` Sergey Matveev
0 siblings, 1 reply; 5+ messages in thread
From: John Goerzen @ 2021-08-03 2:34 UTC (permalink / raw)
To: Sergey Matveev; +Cc: nncp-devel
On Mon, Aug 02 2021, Sergey Matveev wrote:
> then hardly something can go from and compromise anything on the
> computer. But that mbox file can be viewed with an ordinary MUA.
> Allowing "sendmail" execution must be very trusted.
Yes; in fact, rmail is a pretty simple interface for this. I was
thinking of rsmtp (BSMTP) but rmail sure does lend itself to
simplicity.
So this and a conversation I had off-list have prompted me to
start to wonder - what are we building here? One person asked me
to add via lines, since he had three nodes, only one of which
would contact quux. That gets complicated in a hurry, since of
course the via lines on quux only help for content originating
there (which is pretty much nothing except responses to freqs).
So, what are we building? Maybe:
1. A simple relay for people to exchange data with their own
nodes;
2. A simple relay for people to exchange data with their own nodes
or the nodes of their friends;
3. A larger peer-to-peer network as in UUCPNet or FidoNet that
builds a decentralized network atop the Internet (or other
transports)
For 1 or 2, a public nodelist is barely even necessary; you
configure your own machines as appropriate. For 3, it's a must,
and even more so than in UUCP land because we can't send traffic
to a remote without their keys - and we can't RECEIVE traffic from
a remote without their keys.
More on that below...
> Files in any of the directories starting with the "." will be silently
> skipped, so can be used to store comments. And nearly all unknown files
> (unknown configuration keys) will be ignored too.
Oh very nice!
> I even wanted to make an example (suggested) nodelist format in
> recutils/recfile format in documentation, something like:
TIL of recutils. Interesting - thanks!
So if we're going to build #3, what we need is for each node to be
able to compute the via lines for the other nodes in the network
*from its own perspective*.
Fortunately we actually have such a tool: pathalias, from the old
UUCP days. And, it's even still maintained!
https://gitlab.com/uucpnet/pathalias
Its output is in UUCP bang path format, but a little bit of sed
munging would get it to exactly what we need to facilitate basic
communications from any node in the network to any other node in
the network.
After that, we can think about possibilities for how to address
email across the system. It would be somewhat different from
SMTP, in that in SMTP the mailers did the relaying, and with NNCP
we can do the relaying in NNCP itself. (And SHOULD, to preserve
E2EE).
I made a sample map file for pathalias:

    quux .quux.org
    quux = quux.org
    alexandria quux(DEDICATED)
    hephaestus alexandria(LOCAL)
    athena quux(DEDICATED)

Running pathalias on that produces:

    hephaestus %s
    alexandria alexandria!%s
    quux alexandria!quux!%s
    athena alexandria!quux!athena!%s
    quux.org alexandria!quux!%s
    .quux.org alexandria!quux!%s

(those are tab-delimited)
And that is a correct output for the links I described:
alexandria<->quux, hephaestus<->alexandria, and athena<->quux,
with the local system being hephaestus.
If anybody is interested in looking into this, be my guest.
Otherwise, I may do so when I have time (which may not be right
away)
John
^ permalink raw reply [flat|nested] 5+ messages in thread
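
One way to do the "sed munging" described in the message above, as an added example that is not code from the thread or from the pathalias or NNCP projects: a POSIX sh/awk filter that turns pathalias output into per-node via lists. It assumes the name<TAB>path layout quoted in the message and that a via list names the relays in order starting from the local node; the output layout (name, tab, via line) is this example's own choice.

```shell
#!/bin/sh
# Added example: pathalias output (name<TAB>bang!path!%s) -> NNCP via lists,
# computed from the local node's perspective.

pathalias_to_via() {
    awk -F '\t' '
    function name_ok(s) { return s ~ /^[A-Za-z0-9._-]+$/ }
    {
        name = $1; path = $2
        sub(/!?%s$/, "", path)           # drop the trailing %s placeholder
        n = split(path, hop, "!")
        # Skip the local node (empty path) and domain aliases, whose last
        # hop is a different name (quux.org resolves to ...!quux).
        if (n == 0 || hop[n] != name) next
        via = ""
        for (i = 1; i <= n; i++) {
            if (!name_ok(hop[i])) {      # never copy odd names into a config
                print "skipping " name ": bad hop name" > "/dev/stderr"
                next
            }
            if (i < n) via = via (via == "" ? "" : ", ") "\"" hop[i] "\""
        }
        if (via == "") printf "%s\t# direct neighbour, no via needed\n", name
        else printf "%s\tvia: [%s]\n", name, via
    }'
}

# Constructed from the pathalias output quoted in the message above.
sample_pathalias_output() {
    printf '%s\t%s\n' \
        hephaestus '%s' \
        alexandria 'alexandria!%s' \
        quux 'alexandria!quux!%s' \
        athena 'alexandria!quux!athena!%s' \
        quux.org 'alexandria!quux!%s' \
        .quux.org 'alexandria!quux!%s'
}

sample_pathalias_output | pathalias_to_via
```

As the thread notes, a node can only be addressed if its keys are known, so the generated via lines are useful only alongside nodelist entries for every name they mention.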
* Re: Public NNCP Relay is now available
2021-08-03 2:34 ` John Goerzen
@ 2021-08-04 8:14 ` Sergey Matveev
0 siblings, 0 replies; 5+ messages in thread
From: Sergey Matveev @ 2021-08-04 8:14 UTC (permalink / raw)
To: nncp-devel
Greetings!
*** John Goerzen [2021-08-02 21:34]:
>what are we building here?
This is the main question! :-)
>So, what are we building? Maybe:
>1. A simple relay for people to exchange data with their own nodes;
>2. [...]
>For 1 or 2, a public nodelist is barely even necessary; you configure your
>own machines as appropriate.
Agreed that nodelist is barely necessary there.
>3. A larger peer-to-peer network as in UUCPNet or FidoNet that builds a
>decentralized network atop the Internet (or other transports)
Currently I am in the state that we (probably only I?) definitely do not
want that. I thought about FTN-networks all the time since the very
beginning of NNCP project. And honestly and frankly I just fear to think
in that direction (of more or less global-scale network), because I see
huge quantity of projects having too high and too longterm and too
complicated targets -- and they fail because of lack of time, lack of
interest after a while and various other reasons. I prefer to have not
so feature-full thing, but that could be treated more or less completed
and good enough for some clearly defined use-cases.
Making FTN-like network from NNCP is not possible because of decisions
of authentication of everyone and everything. You correctly noted that
you even can not receive anything without explicit knowledge of sender's
public keys. And I very much like that decision anyway: friend-to-friend
networks are more secure, more simple, and so on. And of course they
have got some drawbacks impeding some tasks solving.
>So if we're going to build #3, what we need is for each node to be able to
>compute the via lines for the other nodes in the network *from its own
>perspective*.
Yeah, that is some kind of full-fledged dynamic routing. And moreover,
in FTN networks every node can directly connect to any other node, that
currently is not possible without presharing their public keys. Globally
distributed nodelist with public keys can help in that, but in that case
you will use system with some kind of automatic nodes discovery/knowledge.
I know that even completely cryptography-less systems like FTN existed
with millions of users, but I really do want much more secure and
authenticated/trusted thing. However currently there is already
multicast areas functionality where you can transit packets without
knowing the sender of area packet.
That is (global-scale network, without the forced need of
friend-to-friend connectivity) much more complicated tasks. Possibly
that kind of network can be built atop of NNCP, using it as a
node-to-node transport, and processing tossed packets with some
completely different routing algorithms and formats. But NNCP itself is
definitely useful at least for my needs (store-and-forward helpers), and
NNCP-FTN is the thing which I am definitely not in need of :-). It can be
interesting as a hobby, just-for-fun project, some kind of challenge,
but not for the really appearing problems solution. Of course this is
only my personal opinion.
>Fortunately we actually have such a tool: pathalias, from the old UUCP days.
>And, it's even still maintained! https://gitlab.com/uucpnet/pathalias
Very interesting tool! Definitely could be useful even now. Will look at
it closer soon. Thanks for pointing!
--
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
^ permalink raw reply [flat|nested] 5+ messages in thread