More explanation about what the onion build option means #71

This commit is contained in:
Bob Mottram 2017-09-12 10:08:36 +01:00
parent 9a5eb8c89b
commit 9de00eea27
4 changed files with 18 additions and 12 deletions

View File

@ -70,10 +70,10 @@ freedombone-image -t beaglebone
Or of you want a system where the services are only accessible via onion addresses. Or of you want a system where the services are only accessible via onion addresses.
#+begin_src #+begin_src
freedombone-image -t beaglebone --onion yes freedombone-image -t beaglebone --onion-addresses-only yes
#+end_src #+end_src
Onion addresses have the advantage of being difficult to censor and you don't need to buy a domain or have a dynamic DNS account. An onion based system also means you don't need to think about NAT traversal type issues. Onion addresses have the advantage of being difficult to censor and you don't need to buy a domain or have a dynamic DNS account. An onion based system also means you don't need to think about NAT traversal type issues. This *does not* mean that everything gets routed through Tor, it just means that the sites for apps which you install will be available through Tor's address system.
#+BEGIN_CENTER #+BEGIN_CENTER
[[file:images/bbb_back.jpg]] [[file:images/bbb_back.jpg]]

View File

@ -26,7 +26,7 @@ cd freedombone
git checkout stretch git checkout stretch
sudo make install sudo make install
freedombone-image --setup debian freedombone-image --setup debian
freedombone-image -t i386 --onion yes freedombone-image -t i386 --onion-addresses-only yes
#+end_src #+end_src
Or on Arch/Parabola: Or on Arch/Parabola:
@ -38,7 +38,7 @@ cd freedombone
git checkout stretch git checkout stretch
sudo make install sudo make install
freedombone-image --setup parabola freedombone-image --setup parabola
freedombone-image -t i386 --onion yes freedombone-image -t i386 --onion-addresses-only yes
#+end_src #+end_src
Now prepare your local system to talk to the freedombone by running the following command. This will set up avahi and create ssh keys if necessary. Now prepare your local system to talk to the freedombone by running the following command. This will set up avahi and create ssh keys if necessary.
@ -51,7 +51,9 @@ freedombone-client
[[file:images/tor_onion.jpg]] [[file:images/tor_onion.jpg]]
#+END_CENTER #+END_CENTER
The version in which sites are available only via onion addresses is the easiest to get started with, since you can evaluate the system without committing to buying an ICANN domain name or needing to get involved with SSL/TLS certificates at all. However, if you do want your sites to be available typically as subdomains of a domain name which you own then remove the *--onion yes* option from the last command shown above. Also see the [[./domains.html][guide on setting up an ICANN domain name]]. The version in which sites are available only via onion addresses is the easiest to get started with, since you can evaluate the system without committing to buying an ICANN domain name or needing to get involved with SSL/TLS certificates at all. However, if you do want your sites to be available typically as subdomains of a domain name which you own then remove the *--onion-addresses-only yes* option from the last command shown above. Also see the [[./domains.html][guide on setting up an ICANN domain name]].
The *onion-addresses-only* option *does not* mean that everything gets routed through Tor. It's intended to provide accessible web apps with minimum fuss and without needing to buy a clearnet domain name or mess with forwarding ports. Using apps via their onion addresses may provide some degree of anonymity but it may not be perfect and anonymity isn't the aim of this system (if you want that then use [[https://tails.boum.org/][TAILS]]).
If you want to create images for microSD cards used within various single board computers then replace the *i386* with *beaglebone* / *cubieboard2* / *cubietruck* / *a20-olinuxino-lime* / *a20-olinuxino-lime2* / *a20-olinuxino-micro* or *apu*. If you want to create images for microSD cards used within various single board computers then replace the *i386* with *beaglebone* / *cubieboard2* / *cubietruck* / *a20-olinuxino-lime* / *a20-olinuxino-lime2* / *a20-olinuxino-micro* or *apu*.

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2017-07-03 Mon 12:29 --> <!-- 2017-09-12 Tue 09:56 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -330,11 +330,11 @@ Or of you want a system where the services are only accessible via onion address
</p> </p>
<pre class="example"> <pre class="example">
freedombone-image -t beaglebone --onion yes freedombone-image -t beaglebone --onion-addresses-only yes
</pre> </pre>
<p> <p>
Onion addresses have the advantage of being difficult to censor and you don't need to buy a domain or have a dynamic DNS account. An onion based system also means you don't need to think about NAT traversal type issues. Onion addresses have the advantage of being difficult to censor and you don't need to buy a domain or have a dynamic DNS account. An onion based system also means you don't need to think about NAT traversal type issues. This <b>does not</b> mean that everything gets routed through Tor, it just means that the sites for apps which you install will be available through Tor's address system.
</p> </p>
<div class="org-center"> <div class="org-center">

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2017-07-03 Mon 12:29 --> <!-- 2017-09-12 Tue 10:06 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -262,7 +262,7 @@ git clone https://github.com/bashrc/freedombone
git checkout stretch git checkout stretch
sudo make install sudo make install
freedombone-image --setup debian freedombone-image --setup debian
freedombone-image -t i386 --onion yes freedombone-image -t i386 --onion-addresses-only yes
</code></pre> </code></pre>
</div> </div>
@ -277,7 +277,7 @@ git clone https://github.com/bashrc/freedombone
git checkout stretch git checkout stretch
sudo make install sudo make install
freedombone-image --setup parabola freedombone-image --setup parabola
freedombone-image -t i386 --onion yes freedombone-image -t i386 --onion-addresses-only yes
</code></pre> </code></pre>
</div> </div>
@ -299,7 +299,11 @@ Now prepare your local system to talk to the freedombone by running the followin
</div> </div>
<p> <p>
The version in which sites are available only via onion addresses is the easiest to get started with, since you can evaluate the system without committing to buying an ICANN domain name or needing to get involved with SSL/TLS certificates at all. However, if you do want your sites to be available typically as subdomains of a domain name which you own then remove the <b>&#x2013;onion yes</b> option from the last command shown above. Also see the <a href="./domains.html">guide on setting up an ICANN domain name</a>. The version in which sites are available only via onion addresses is the easiest to get started with, since you can evaluate the system without committing to buying an ICANN domain name or needing to get involved with SSL/TLS certificates at all. However, if you do want your sites to be available typically as subdomains of a domain name which you own then remove the <b>&#x2013;onion-addresses-only yes</b> option from the last command shown above. Also see the <a href="./domains.html">guide on setting up an ICANN domain name</a>.
</p>
<p>
The <b>onion-addresses-only</b> option <b>does not</b> mean that everything gets routed through Tor. It's intended to provide accessible web apps with minimum fuss and without needing to buy a clearnet domain name or mess with forwarding ports. Using apps via their onion addresses may provide some degree of anonymity but it may not be perfect and anonymity isn't the aim of this system (if you want that then use <a href="https://tails.boum.org/">TAILS</a>).
</p> </p>
<p> <p>