+
-
-Homesteading the Fediverse +
Homesteading the Fediverse
+Some things you might want to know about the Fediverse:
+Federation as a concept
-Federation as a concept
+The political definition of a federation is "a union of partially self-governing states or regions under a central (federal) government". The fediverse isn't exactly like that, in that there is no federal government. However there are protocols which govern the communication between instances and that might be analogized to being a sort of elementary constitution or mutual agreement binding all participants together. The protocols are merely ways of moving data around though, and don't impose any sort of moral code.
Keep the number of users on each server small
-Keep the number of users on each server small
+The importance of this can't be overstated. Servers with lots of users always eventually have problems where the interests of the users are not the same as the interests of the server administrator. If you are the server administrator, or if there are only a small squad-size group of people on the server, then it's a lot easier to resolve differences and everyone's interests are likely to be similar.
Drama will happen
-Drama will happen
+It's inevitable in any social network, but fortunately your options for dealing with it are better than they are in the giant proprietary monoliths. In the proprietary world Google or Facebook don't give a damn about the fate of individual users. On a server with a small number of users if you're getting griefed then the administrator is likely to care and be able to do something about it.
Don't be afraid to block
-Don't be afraid to block
+Especially if other servers are publishing content which may not be legal in your jurisdiction then don't be afraid to use domain or user blocking from the Administrator control panel. The same applies if users on other servers are trying to harass you. Blocking creates politics and drama but this is a feature not a bug. It allows you to craft your own distinct community and user experience while also existing in the wider federation. It's hard to do this on sites like Twitter or Facebook. Try to keep blocking to a minimum though and avoid doing it for insubstantial reasons. If you have other users on your server then publish the blocked domains list somewhere they can see. That avoids disappointment and enables you to have a discussion about the validity of blocking decisions.
Network structure maps on to social structure
-Network structure maps on to social structure
+Over time follows and blocking rules come to match the underlying social geography of affinity groups. Blocking will happen and users will move around or start new servers. Drama related to blocking will dissipate.
Keep your follows under the Dunbar number
-Keep your follows under the Dunbar number
+Keep the number of other frequently active users you're following to under a couple of hundred. Your actual number of follows might be larger than this but could include users who rarely post anything.
@@ -220,9 +217,9 @@ Once there are more than a couple of hundred highly active users in your timelinAvoid big public servers
-Avoid big public servers
+It may seem like a good idea and it may seem like you're doing a service to the community by allowing random strangers to register, but servers with thousands of users only cause problems - social, administrative, financial and possibly also legal. The financial strain of running a powerful server with high reliability may be enough to encourage the administrator to begin pushing advertising onto the system, or sell user content, and then before you know it you have identical problems to Twitter. Instead try to encourage people to set up their own servers. Follow this principle and a lot of arguments and stress will be more easily avoided.
diff --git a/website/EN/homeserver.html b/website/EN/homeserver.html index cfbda0ed..317d699d 100644 --- a/website/EN/homeserver.html +++ b/website/EN/homeserver.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - -
+
Home Server
Home Server
+The quickest way to get started is as follows. You will need to be running a Debian based system (version 8 or later), have an old but still working laptop or netbook which you can use as a server, and 8GB or larger USB thumb drive and an ethernet cable to connect the laptop to your internet router.
@@ -256,9 +164,10 @@ First install freedombone onto your local system (not the target hardware that ysudo apt-get install git dialog build-essential git clone https://github.com/bashrc/freedombone -cd freedombone +cd freedombone git checkout stretch sudo make install freedombone-image --setup debian @@ -271,9 +180,10 @@ Or on Arch/Parabola:+sudo pacman -S git dialog git clone https://github.com/bashrc/freedombone -cd freedombone +cd freedombone git checkout stretch sudo make install freedombone-image --setup parabola @@ -286,17 +196,16 @@ Now prepare your local system to talk to the freedombone by running the followin+-freedombone-client--
+
The version in which sites are available only via onion addresses is the easiest to get started with, since you can evaluate the system without committing to buying an ICANN domain name or needing to get involved with SSL/TLS certificates at all. However, if you do want your sites to be available typically as subdomains of a domain name which you own then remove the –onion-addresses-only yes option from the last command shown above. Also see the guide on setting up an ICANN domain name. @@ -310,13 +219,11 @@ The onion-addresses-only option does not mean that everything gets If you want to create images for microSD cards used within various single board computers then replace the i386 with beaglebone / cubieboard2 / cubietruck / a20-olinuxino-lime / a20-olinuxino-lime2 / a20-olinuxino-micro or apu.
---
+
This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image. @@ -327,6 +234,7 @@ List what drives are on your system with:
+@@ -340,8 +248,9 @@ You can now copy the image to the USB thumb drive, replacing sdX with thels /dev/sd*-@@ -354,6 +263,7 @@ As the system boots for the first time the login is:dd if=/dev/zero of=/dev/sdX bs=1M count=8 -dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync + +dd if=/dev/zero of=/dev/sdX bs=1M count=8 +dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync+username: fbone password: freedombone@@ -364,6 +274,7 @@ If you're installing from a microSD card on a single board computer without a sc+@@ -385,6 +296,7 @@ When it's installed on your local system open a terminal and verify the ssh servssh fbone@freedombone.local -p 2222+@@ -393,19 +305,18 @@ When it's installed on your local system open a terminal and verify the ssh serv This will show the hash code for the public ssh key of the Freedombone system. -freedombone-client --verify--
+
Open another terminal window then run:
++freedombone-client ssh myusername@freedombone.local -p 2222@@ -415,25 +326,21 @@ ssh myusername@freedombone.local -p 2222 Use the password you wrote down earlier to log in. Select the administrator control panel with up and down cursor keys, space bar and enter key. You should see something like this, and you might need to re-enter your password. ---
+
Then select About. You'll see a list of sites and their onion addresses.
---
+
The About screen contains the ssh server public key hashes and you can compare the relevant one with the previous terminal window to verify that they're the same. If they're not then you might have a machine-in-the-middle snooping on you. @@ -447,13 +354,11 @@ You have now confirmed a secure connection. Probably. If you're still sceptical Press any key to exit from the About screen. You can then select Add/Remove apps and add whatever applications you wish to run. Note that some apps will only run on x86 systems, but most will install and run on ARM single board computers. More details on particular apps can be found here.
---
+
Once your apps have installed you can go back to the About screen, pick an onion address and try it within a Tor compatible browser. You'll need to know the login passwords and those can be found within the Passwords section of the administrator control panel. An axiom of the Freedombone system is that if given the choice users will usually use insecure passwords, so on this system passwords are generated randomly. If you need to then you can transfer the passwords into your favourite password manager and remove them from the server by going to the Security Settings section of the administrator control panel and choosing Export passwords and Password storage. @@ -472,16 +377,19 @@ Of course, this is just one way in which you can install the Freedombone system.
+-man freedombone-image++This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion
@@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,66 +144,66 @@ for the JavaScript code in this tag.-+- ---
- +Installation
-+-Installation
++-Building an image for a Single Board Computer or Virtual Machine
-++-Building an image for a Single Board Computer or Virtual Machine
+You don't have to trust images downloaded from random internet locations signed with untrusted keys. You can build one from scratch yourself, and this is the recommended procedure for maximum security. For guidance on how to build images see the manpage for the freedombone-image command.
@@ -305,12 +213,13 @@ Install the freedombone commands onto your laptop/desktop:-+sudo apt-get install git build-essential dialog + +sudo apt-get install git build-essential dialog git clone https://github.com/bashrc/freedombone -cd freedombone +cd freedombone git checkout stretch sudo make install -@@ -318,8 +227,9 @@ Then install packages needed for building images:
-+ +freedombone-image --setup debian -freedombone-image --setup debian +@@ -327,8 +237,9 @@ or on an Arch/Parabola system:
-+ +freedombone-image --setup parabola -freedombone-image --setup parabola +@@ -336,8 +247,9 @@ A typical use case to build an 8GB image for a Beaglebone Black is as follows. Y
-+ +freedombone-image -t beaglebone -s 8G -freedombone-image -t beaglebone -s 8G +@@ -345,8 +257,9 @@ If you prefer an advanced installation with all of the options available then us
-+ +freedombone-image -t beaglebone -s 8G --minimal no -freedombone-image -t beaglebone -s 8G --minimal no +@@ -354,8 +267,9 @@ To build a 64bit Qemu image:
-+ +freedombone-image -t qemu-x86_64 -s 8G -freedombone-image -t qemu-x86_64 -s 8G +@@ -367,72 +281,86 @@ If the image build fails with an error such as "Error reading from server. Re
-+ +freedombone-image -t beaglebone -s 8G -m http://ftp.de.debian.org/debian -freedombone-image -t beaglebone -s 8G -m http://ftp.de.debian.org/debian +-Checklist
-++-Checklist
+Before installing Freedombone you will need a few things.
-
- Have some domains, or subdomains, registered with a dynamic DNS service. For the full install you may need two "official" purchased domains or be using a subdomain provider which is supported by Let's Encrypt.
-- System with a new installation of Debian Stretch or a downloaded/prepared disk image
-- Ethernet connection between the system and your internet router
-- That it is possible to forward ports from the internet router to the system, typically via firewall settings
-- Have ssh access to the system, typically via fbone@freedombone.local on port 2222
+- Have some domains, or subdomains, registered with a dynamic DNS service. For the full install you may need two "official" purchased domains or be using a subdomain provider which is supported by Let's Encrypt. +
+- System with a new installation of Debian Stretch or a downloaded/prepared disk image +
+- Ethernet connection between the system and your internet router +
+- That it is possible to forward ports from the internet router to the system, typically via firewall settings +
+- Have ssh access to the system, typically via fbone@freedombone.local on port 2222 +
-Installation
-++Installation
+-There are three install options: Laptop/Desktop/Netbook, SBC and Virtual Machine.
-On a Laptop, Netbook or Desktop machine
-++-On a Laptop, Netbook or Desktop machine
+If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Stretch onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands:
-+su + +su apt-get update apt-get -y install git dialog build-essential git clone https://github.com/bashrc/freedombone -cd freedombone +cd freedombone git checkout stretch make install freedombone menuconfig --On a single board computer (SBC)
-++-On a single board computer (SBC)
+Currently the following boards are supported:
-
- Beaglebone Black
-- Cubieboard 2
-- Cubietruck (Cubieboard 3)
-- PCDuino3
-- olinuxino Lime
-- olinuxino Lime2
-- olinuxino Micro
+- Beaglebone Black +
+- Cubieboard 2 +
+- Cubietruck (Cubieboard 3) +
+- PCDuino3 +
+- olinuxino Lime +
+- olinuxino Lime2 +
+- olinuxino Micro +
@@ -440,8 +368,9 @@ If there is no existing image available then you can build one from scratch. See
-+ +gpg --verify filename.img.asc -gpg --verify filename.img.asc +@@ -449,8 +378,9 @@ And the hash with:
-+ +sha256sum filename.img -sha256sum filename.img +@@ -458,8 +388,9 @@ If the image is compressed then decompress it with:
-+ +unxz filename.img.xz -unxz filename.img.xz +@@ -467,8 +398,9 @@ Then copy it to a microSD card. Depending on your system you may need an adaptor
-+ +sudo dd bs=1M if=filename.img of=/dev/sdX conv=fdatasync -sudo dd bs=1M if=filename.img of=/dev/sdX conv=fdatasync +@@ -476,8 +408,9 @@ Where sdX is the microSD drive. You can check which drive is the microSD
-+ +ls /dev/sd* -ls /dev/sd* +@@ -489,8 +422,9 @@ With the board connected and running you can ssh into the system with:
-+ +ssh fbone@freedombone.local -p 2222 -ssh fbone@freedombone.local -p 2222 +@@ -499,16 +433,17 @@ Using the password 'freedombone'. Take a note of the new login password and then
-As a Virtual Machine
-++-As a Virtual Machine
+Qemu is currently supported, since it's s fully free software system. You can run a 64 bit Qemu image with:
-+ +qemu-system-x86_64 -m 1G filename.img -qemu-system-x86_64 -m 1G filename.img +@@ -518,42 +453,42 @@ The default login will be username 'fbone' and password 'freedombone'. Take a no
-Social Key Management - the 'Unforgettable Key'
-++Social Key Management - the 'Unforgettable Key'
+-During the install procedure you will be asked if you wish to import GPG keys. If you don't already possess GPG keys then just select "Ok" and they will be generated during the install. If you do already have GPG keys then there are a few possibilities
-You have the gnupg keyring on an encrypted USB drive
-++-You have the gnupg keyring on an encrypted USB drive
+If you previously made a master keydrive containing the full keyring (the .gnupg directory). This is the most straightforward case, but not as secure as splitting the key into fragments.
-You have a number of key fragments on USB drives retrieved from friends
-++-You have a number of key fragments on USB drives retrieved from friends
+-If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more Keydrives. +If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more Keydrives.
-You can specify some ssh login details for friends servers containing key fragments
-+-+You can specify some ssh login details for friends servers containing key fragments
+Enter three or more sets of login details and the installer will try to retrieve key fragments and then assemble them into the full key. This only works if you previously were using remote backups and had social key management enabled.
-Final Setup
-++-Final Setup
+Any manual post-installation setup instructions or passwords can be found in /home/username/README.
@@ -566,128 +501,129 @@ On your internet router, typically under firewall settings, open the following p- + - + - Service -Ports +Service +Ports - HTTP -80 +HTTP +80 - HTTPS -443 +HTTPS +443 - SSH -2222 +SSH +2222 - DLNA -1900 +DLNA +1900 - DLNA -8200 +DLNA +8200 - XMPP -5222..5223 +XMPP +5222..5223 - XMPP -5269 +XMPP +5269 - XMPP -5280..5281 +XMPP +5280..5281 - IRC -6697 +IRC +6697 - Git -9418 +Git +9418 - 25 +25 - 587 +587 - 465 +465 - 993 +993 - VoIP -64738 +VoIP +64738 - VoIP -5060 +VoIP +5060 - Tox -33445 +Tox +33445 - Syncthing -22000 +Syncthing +22000 -Keydrives
-++Keydrives
+-After installing for the first time it's a good idea to create some keydrives. These will store your gpg key so that if all else fails you will still be able to restore from backup. There are two ways to do this:
-Master Keydrive
-++-Master Keydrive
+This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be done from the Disk Utility application. Then plug it into the Freedombone system, then from your local machine run:
-+ +ssh myusername@mydomainname -p 2222 -ssh myusername@mydomainname -p 2222 +@@ -695,16 +631,17 @@ Select Administrator controls then Backup and Restore then Back
-Fragment keydrives
-+-+Fragment keydrives
+This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this can be done from the Disk Utility application. Plug it into the Freedombone system then from your local machine run the following commands:
-+ +ssh myusername@mydomainname -p 2222 -ssh myusername@mydomainname -p 2222 +@@ -717,45 +654,52 @@ Fragments are randomly assigned and so you will need at least three or four keyd
-On Client Machines
-++-On Client Machines
+You can configure laptops or desktop machines which connect to the Freedombone server in the following way. This alters encryption settings to improve overall security.
-+sudo apt-get update + +sudo apt-get update sudo apt-get install git dialog haveged build-essential git clone https://github.com/bashrc/freedombone -cd freedombone +cd freedombone git checkout stretch sudo make install freedombone-client --Administering the system
-+diff --git a/website/EN/installmethods.html b/website/EN/installmethods.html index 75a9791f..b60e8710 100644 --- a/website/EN/installmethods.html +++ b/website/EN/installmethods.html @@ -4,7 +4,7 @@+Administering the system
+To administer the system after installation log in via ssh, become the root user and then launch the control panel.
-+ +ssh myusername@freedombone.local -p 2222 -ssh myusername@freedombone.local -p 2222 +Select Administrator controls then from there you will be able to perform various tasks, such as backups, adding and removing users and so on. You can also do this via commands, which are typically installed as /usr/local/bin/freedombone* and the corresponding manpages.
--Return to the home page - +++<center> +Return to the <a href="index.html">home page</a> +</center> +
+ +- + @@ -145,13 +145,11 @@ for the JavaScript code in this tag. ---
Most people don't have a static external IP address, so you will need to have an account on a dymanic DNS service. FreeDNS is the one recommended, but others are available. diff --git a/website/EN/mesh.html b/website/EN/mesh.html index dd0cf430..da58c248 100644 --- a/website/EN/mesh.html +++ b/website/EN/mesh.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,35 +144,38 @@ for the JavaScript code in this tag.-+- ---
+ Mesh Network
+Mesh Network
++The Freedombone Mesh is a wireless solution for autonomous or internet connected communication that can be rapidly deployed in temporary, emergency or post-disaster situations where internet access is unavailable or compromised.
-
-- Philosophic
-- Capabilities
-- Disk images and how to build them
-- Customisation
-- How to use it
+- Philosophic +
+- Capabilities +
+- Disk images and how to build them +
+- Customisation +
+- How to use it +
--
+
Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to or reliant upon the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small businesses who don't want the overhead of server maintenance, protests, remote areas of the world, temporary "digital blackouts", scientific expeditions and off-world space colonies. @@ -282,12 +193,14 @@ Systems only need to be within wifi range of each other for the mesh to be creat Like LibreMesh, this system uses a combination of batman-adv on network layer 2 and BMX on layer 3. Routing protocols OLSR2 and Babel are also selectable.
-++This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion
@@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,42 +144,59 @@ for the JavaScript code in this tag.-+- ---
+ Mesh Network: Capabilities
++Mesh Network: Capabilities
++The mesh system has the following capabilities:
-
- Discovery of other users on the network
-- Text based chat, one-to-one and in groups
-- Voice chat (VoIP) and video calls
-- Private and public sharing of files
-- Blogging
-- Collaborative editing of documents and presentations
-- Creating and broadcasting audio media/podcasts
-- Social network stream. Follow/unfollow other peers
-- No network administration required
-- No servers
-- Internet connection is optional
-- Works from bootable USB drives or microSD drives
-- Data is mesh routed between systems
-- Private communications is end-to-end secured and forward secret
-- Publicly shared data is content addressable
+- Discovery of other users on the network +
+- Text based chat, one-to-one and in groups +
+- Voice chat (VoIP) and video calls +
+- Private and public sharing of files +
+- Blogging +
+- Collaborative editing of documents and presentations +
+- Creating and broadcasting audio media/podcasts +
+- Social network stream. Follow/unfollow other peers +
+- No network administration required +
+- No servers +
+- Internet connection is optional +
+- Works from bootable USB drives or microSD drives +
+- Data is mesh routed between systems +
+- Private communications is end-to-end secured and forward secret +
+- Publicly shared data is content addressable +
This system should be quite scalable. Both qTox and IPFS are based upon distributed hash tables (DHT) so that each peer does not need to store the full index of data for the entire network. Gossiping between SSB peers may be slower, but the small world effect will presumably still make for quite efficient delivery in a large network. Caching or pinning of IPFS data and its content addressability means that if a file or blog becomes popular then performance should improve as the number of downloads increases, which is the opposite of the client/server paradigm.
@@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,16 +144,16 @@ for the JavaScript code in this tag.-+- ---
+ Mesh Network: Customisation
++Mesh Network: Customisation
++If you want to make your own specially branded version, such as for a particular event, then to change the default desktop backgrounds edit the images within img/backgrounds and to change the available avatars and desktop icons edit the images within img/avatars. Re-create disk images using the instructions shown previously.
@@ -254,6 +162,8 @@ If you want to make your own specially branded version, such as for a particular If you need particular dconf commands to alter desktop appearance or behavior then see the function mesh_client_startup_applications within src/freedombone-image-customise.@@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,23 +144,23 @@ for the JavaScript code in this tag.-+-+ +
+-Mesh Network: Images
- - Mesh Network: Images
-Pre-built Disk Images
----Writing many images quickly
-++Pre-built Disk Images
+++-Writing many images quickly
+There may be situations where you need to write the same disk image to multiple drives at the same time in order to maximize rate of deployment. In the instructions given below the dd command is used for writing to the target drive, but to write to multiple drives you can use a tool such as GNOME MultiWriter.
@@ -262,6 +170,7 @@ For example on Arch/Parabola:+@@ -271,6 +180,7 @@ Or on Debian based systems:sudo pacman -S gnome-multi-writer+@@ -280,22 +190,21 @@ The MultiWriter tool is also available within mesh client images, so that you casudo apt-get install gnome-multi-writer-Client images
--+-+Client images
+--
+
"Client" isn't exactly the right term, but it's a mesh peer with a user interface. These images can be copied to a USB drive, then you can plug it into a laptop/netbook/desktop machine and boot from it. You will probably also need an Atheros USB wifi dongle (the black protruding object on the left side of the netbook in the picture above), because most built-in wifi usually requires proprietary firmware. In the commands below substitute /dev/sdX with the USB drive device, excluding any trailing numbers (eg. /dev/sdb). The USB drive you're copying to will need to be at least 16GB in size.
+@@ -317,6 +226,7 @@ If you're in an emergency and don't have Atheros wifi dongles then there is alsosudo apt-get install xz-utils wget wget https://freedombone.net/downloads/current/freedombone-meshclient-i386.img.xz wget https://freedombone.net/downloads/current/freedombone-meshclient-i386.img.xz.sig @@ -303,8 +212,8 @@ gpg --verify freedombone-meshclient-i386.img.xz.sig sha256sum freedombone-meshclient-i386.img.xz 49391230de6a4f1966db091813deb8f9d93c947677f5483baa52400d7fcba7d3 unxz freedombone-meshclient-i386.img.xz -sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8 -sudo dd bs=1M if=freedombone-meshclient-i386.img of=/dev/sdX conv=fdatasync +sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8 +sudo dd bs=1M if=freedombone-meshclient-i386.img of=/dev/sdX conv=fdatasync+sudo apt-get install xz-utils wget wget https://freedombone.net/downloads/current/freedombone-meshclient-insecure-i386.img.xz wget https://freedombone.net/downloads/current/freedombone-meshclient-insecure-i386.img.xz.sig @@ -324,36 +234,35 @@ gpg --verify freedombone-meshclient-insecure-i386.img.xz.sig sha256sum freedombone-meshclient-insecure-i386.img.xz c11783741e66df5072ffcbef8d9b04260a2298d84e33c72fefa4bb539d094810 unxz freedombone-meshclient-insecure-i386.img.xz -sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8 -sudo dd bs=1M if=freedombone-meshclient-insecure-i386.img of=/dev/sdX conv=fdatasync +sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8 +sudo dd bs=1M if=freedombone-meshclient-insecure-i386.img of=/dev/sdX conv=fdatasync-Router images
-++Router images
+-Routers are intended to build network coverage for an area using small and low cost hardware. You can bolt them to walls or leave them on window ledges. They don't have any user interface and their only job is to haul network traffic across the mesh and to enable peers to find each other via running bootstrap nodes for Tox and IPFS. Copy the image to a microSD card and insert it into the router, plug in an Atheros wifi dongle and power on. That should be all you need to do.
-Beaglebone Black
--+-+Beaglebone Black
+--
+
The above picture shows a Beaglebone Black with the image copied onto a microSD card (there's no need to do anything with the internal EMMC). A USB Atheros wifi adaptor with a large antenna is attached and in this case power is from the mains, although it could be from a battery or solar power system capable of supplying 5 volts and maybe 1A (depending upon how active the router is).
+@@ -377,9 +286,9 @@ There is still a software freedom issue with the Beaglebone Black, but it doesn'sudo apt-get install xz-utils wget wget https://freedombone.net/downloads/current/freedombone-mesh_beaglebone-armhf.img.xz wget https://freedombone.net/downloads/current/freedombone-mesh_beaglebone-armhf.img.xz.sig @@ -361,7 +270,7 @@ gpg --verify freedombone-mesh_beaglebone-armhf.img.xz.sig sha256sum freedombone-mesh_beaglebone-armhf.img.xz ad8f22c0d46c98a80aa47b5809402971cf5cf26ebf587c59a667307b2386c3d2 unxz freedombone-mesh_beaglebone-armhf.img.xz -sudo dd bs=1M if=freedombone-mesh_beaglebone-armhf.img of=/dev/sdX conv=fdatasync +sudo dd bs=1M if=freedombone-mesh_beaglebone-armhf.img of=/dev/sdX conv=fdatasync-Building Disk Images
-++Building Disk Images
+It's better not to trust images downloaded from random places on the interwebs. Chances are that unless you are in the web of trust of the above GPG signatures then they don't mean very much to you. If you actually want something trustworthy then build the images from scratch. It will take some time. Here's how to do it.
@@ -389,6 +298,7 @@ First you will need to create an image. On a Debian based system (tested on Debi+sudo apt-get -y install git wget build-essential wget https://freedombone.net/downloads/current/freedombone.tar.gz wget https://freedombone.net/downloads/current/freedombone.tar.gz.sig @@ -396,7 +306,7 @@ gpg --verify freedombone.tar.gz.sig sha256sum freedombone.tar.gz afbb536564140aa28c6491d45b7474ced5a0b018539ffd3e96b13b242a41792e tar -xzvf freedombone.tar.gz -cd freedombone +cd freedombone git checkout stretch sudo make install freedombone-image --setup debian @@ -409,6 +319,7 @@ If you don't have Atheros or free software compatible wifi adapter then you can+@@ -422,6 +333,7 @@ List what drives are on your system with:freedombone-image -t i386 -v meshclient --insecure yes+@@ -435,8 +347,9 @@ You can now copy the image to the USB thumb drive, replacing sdX with thels /dev/sd*-@@ -457,6 +370,7 @@ You can also use single board computers (SBCs) such as the BeagleBone Black to msudo dd if=/dev/zero of=/dev/sdX bs=1M count=8 -sudo dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync + +sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8 +sudo dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync+diff --git a/website/EN/mesh_philosophic.html b/website/EN/mesh_philosophic.html index 46858dfc..7021fe66 100644 --- a/website/EN/mesh_philosophic.html +++ b/website/EN/mesh_philosophic.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - -freedombone-image -t beaglebone -v mesh - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,16 +144,16 @@ for the JavaScript code in this tag.-+- ---
+ Mesh Network: Philosophic
+-Mesh Network: Philosophic
++"I see mesh networks naturally evolving to become the dominant form of network over the next few decades, because it’s the most practical solution to a number of problems that will have to be solved in order to build the VR web as well as to connect the entire world to the internet. Centralized networks are only possible in highly developed countries with existing infrastructures like power and telephone grids, as well as roads. You can’t build a tower where you don’t have either power or access. For vast areas of the world, mesh networks will be the only feasible solution." – Valkyrie Ice @@ -255,91 +163,93 @@ for the JavaScript code in this tag.
The Freedombone mesh roughly follows MondoNet's ten social specifications:
+-Decentralized
-++-Decentralized
+The network should not be operated, maintained, or in any way reliant upon a single or minimally differentiated set of entities or technologies. No individual, entity or group should be central to the network to the extent that their absence would measurably impact its functionality or scope. Network participation should not require access to fixed, physical infrastructure of any sort.
-Universally Accessible
-++-Universally Accessible
+The requisite technology and expertise required to participate in the network should be available at minimal cost and effort to every human being on the planet. Furthermore, all users should be able to extend the network’s content and functionality to suit their own needs, or those of others. No aspect of the network’s functioning should be reliant upon proprietary technologies, information or capital.
-Censor-proof
-++-Censor-proof
+The network should be resistant to both regulatory and technical attempts to limit the nature of the information shared, restrict usage by given individuals or communities, or render the network, or any portion of it, inoperable or inaccessible.
-Surveillance-proof
-++-Surveillance-proof
+The network should enable users to choose exactly what information they share with whom, and to participate anonymously if they so desire. Users should only have access to information if they are the designated recipients, or if it has been published openly.
-Secure
-++-Secure
+The network should be organized in a way that minimizes the risk of malicious attacks or engineering failure. Information exchanged on the network should meet or exceed the delivery rate and reliability of information exchanged via the Internet.
-Scalable
-++-Scalable
+The network should be organized with the expectation that its scale could reach or even exceed that of today’s Internet. Special care should be taken to address to the challenge of maintaining efficiency without the presence of a centralized backbone.
-Permanent
-++-Permanent
+The network’s density and redundancy should be great enough that, despite its ad hoc nature, it will persistently operate on a broad scale, and be available in full to any user within range of another peer.
-Fast (enough)
-++-Fast (enough)
+The network should always achieve whatever speed is required for a “bottom line” level of social and cultural participation. At present, we assert that the network’s data transfer rate should, at a minimum, be enough for voice-over-IP (VoIP) communications, and low-bitrate streaming video.
-Independent
-++-Independent
+While the network will have the capacity to exchange information with Internet users and nodes, it should be able to operate independently, as well. A large-scale failure or closure of Internet infrastructure and content should have minimal effect on the network’s operations.
-Evolvable
-++Evolvable
+The network should be built with future development in mind. The platform should be flexible enough to support technologies, protocols and modes of usage that have not yet been developed.
diff --git a/website/EN/meshindex.html b/website/EN/meshindex.html index 30aecd5b..023e83e2 100644 --- a/website/EN/meshindex.html +++ b/website/EN/meshindex.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,27 +144,35 @@ for the JavaScript code in this tag.-+---
- Welcome to the Freedombone Mesh
++Welcome to the Freedombone Mesh
+++The following apps are available: - +
-- +-
-- --
Secure Scuttlebutt-
Tox+++ <center> + <table style="width:80%; border:0"> + <tr> + <td><center><b><a href="ssb.apk"><img src="images/ssb.png"/></a></b><br><a href="ssb.apk">Secure Scuttlebutt</a></center></td> + <td><center><b><a href="trifa.apk"><img src="images/trifa.png"/></a></b><br><a href="trifa.apk">Tox</a></center></td> + </tr> +</table> +</center> +
+ +diff --git a/website/EN/mobile.html b/website/EN/mobile.html index cc71090d..8fea5f2e 100644 --- a/website/EN/mobile.html +++ b/website/EN/mobile.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,50 +144,55 @@ for the JavaScript code in this tag.-+- ---
- +Mobile
-+Mobile
+Mobile phones are insecure devices, but they're regarded as being so essential to modern life that telling people not to use them isn't a viable option. Here are some recommendations on setting up a mobile phone (aka "smartphone") to work with Freedombone.
-- +-
-- -- Open
Use a free and open source operating system. Open means more trustworthy- Remove
If there are any proprietary apps then remove or deactivate them- -- Encrypt
Make sure your phone is encrypted with a password which isn't easy to guess- Apps
Use F-droid to install new apps- -- Lock
Enable a lock screen with a maximum number of password guesses- Onion
Onion route your connections to avoid bulk metadata collection- --
Access webmail in a browser- Services
Connect to the Freedombone services- -- Battery
Avoid battery-eating apps and disable some optimisations- Block
Prevent access to know bad domains++ ++ <center> + <table style="width:80%; border:0"> + <tr> + <td><center><b><h3>Open</h3></b><br>Use a free and open source operating system. Open means more trustworthy</center></td> + <td><center><b><h3>Remove</h3></b><br>If there are any proprietary apps then remove or deactivate them</center></td> + </tr> + <tr> + <td><center><b><h3>Encrypt</h3></b><br>Make sure your phone is encrypted with a password which isn't easy to guess</center></td> + <td><center><b><h3>Apps</h3></b><br>Use F-droid to install new apps</center></td> + </tr> + <tr> + <td><center><b><h3>Lock</h3></b><br>Enable a lock screen with a maximum number of password guesses</center></td> + <td><center><b><h3>Onion</h3></b><br>Onion route your connections to avoid bulk metadata collection</center></td> + </tr> + <tr> + <td><center><b><h3>Email</h3></b><br>Access webmail in a browser</center></td> + <td><center><b><h3>Services</h3></b><br>Connect to the Freedombone services</center></td> + </tr> + <tr> + <td><center><b><h3>Battery</h3></b><br>Avoid battery-eating apps and disable some optimisations</center></td> + <td><center><b><h3>Block</h3></b><br>Prevent access to know bad domains</center></td> + </tr> +</table> +</center> +
--+Open
-+++-Open
+Use a Linux based phone operating system. Typically this will mean Android, but could also mean LineageOS or Replicant. LineageOS is the most preferable, because you can usually get an up to date image with a recent kernel which will give you better security against exploits. If you're buying a phone then look for a model which is supported by LineageOS. Replicant is the most free (as in freedom) but only runs on a small number of phone models. If you have a phone which runs a full GNU/Linux system then that's fantastic, and you can probably use it in much the same way as a desktop system and the rest of the advice on this page won't apply. If you don't have a phone capable of running a Linux based operating system then consider selling, giving away or bartering your existing one.
@@ -294,27 +207,27 @@ In the end it comes down to the fact that if the source code for the device c-Remove
-++-Remove
+So maybe you're running Android and the phone came with some apps already installed. Almost certainly they'll be proprietary. Go to Settings/Apps and then uninstall or deactivate any apps which you really don't need. Mostly preinstalled apps are intended to send your data to companies who will then sell it to advertisers or governments under the business model of surveillance capital. It's not a good idea to get caught up in that, and to avoid becoming addicted to apps which are surveilling you without consent or installing spyware in the background without your knowledge.
-Encrypt
-++-Encrypt
+Encrypt your phone. This can usually be done via Settings/Security and you may need to fully charge the phone first. Encryption means that if you lose your phone or it gets stolen then there is less chance that anyone who picks it up will get access to your data, photos and so on.
-Apps
-++-Apps
+Installing F-droid and only adding any new apps via F-droid will ensure that you are always using free and open source software. Open source is not a panacea, since bugs can and do still occur, but it will help you to avoid the worst security and privacy pitfalls.
@@ -325,18 +238,18 @@ Avoid using the Open Whisper Systems Signal app if you can, no matter what "expe-Lock
-++-Lock
+Add a lock screen, preferably with a password which is not easy for other people to guess or for quicker access with a PIN number. Install an app called Locker, activate it and set the maximum number of password guesses to ten (or whatever you feel comfortable with). If bad people get hold of your phone then they may try to brute force your lock screen password or PIN (i.e. automatically trying millions of common word and number combinations) and the locker app will prevent them from succeeding by resetting the phone back to its factory default condition and wiping the data.
-Onion
-++-Onion
+Both governments and corporations want to compile matadata dossiers about you. Who you communicated with, when and how often. They want this so that they can data mine, simulate, predict and then ultimately influence (sometimes also called "nudge") your actions and preferences in the directions they prefer. By routing your connections through a number of proxy servers (Tor routers) you can make it perhaps not theoretically impossible but at least very hard for them to have a complete and accurate list of who your friends are, your religion, politics, likely health issues, sexual orientation and what news sites or books you read.
@@ -347,26 +260,26 @@ In F-droid under the repositories menu you can enable the guardian pro-++-The easiest way to access email is by installing the Mailpile app. This keeps your GPG keys off of possibly insecure mobile devices but still enables encrypted email communications in an easy way. You can use K9 mail if you prefer, but that will require installing OpenKeychain and having your GPG keys on the device, which is a lot more risky.
-Services
-++-Services
+For information on configuring various apps to work with Freedombone see the usage section. Also see advice on chat apps in the FAQ.
-Battery
-++-Battery
+Even with free software apps it's not difficult to get into a situation where your battery doesn't last for long. To maximize battery life access RSS feeds via the onion-based mobile reader within a Tor-compatible browser and not from a locally installed RSS app.
@@ -385,9 +298,9 @@ It's also recommended to disable battery optimisations for Conversations and Orb-Blocking bad domains
-++Blocking bad domains
+diff --git a/website/EN/release3.html b/website/EN/release3.html index e78b461a..6f006557 100644 --- a/website/EN/release3.html +++ b/website/EN/release3.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - -You can block known bad domains by editing the /system/etc/hosts file on your device. It is possible to use extensive ad-blocking hosts files used by other ad-blocking systems such as pi-hole, but merely blocking Facebook and Google Analytics will protect you against much of the corporate surveillance which goes on. Even if you don't have a Facebook account this may still be useful since they will still try to create a "ghost profile" of you, so the less data they have the better.
@@ -405,6 +318,7 @@ On your system (not the device) install the android-tools package. For ex+@@ -414,6 +328,7 @@ Connect the device to your system via a USB cable, then:sudo pacman -S android-tools+adb root adb remount adb pull /system/etc/hosts @@ -425,6 +340,7 @@ Now edit the hosts file which was pulled and append:+127.0.0.1 www.facebook.com 127.0.0.1 facebook.com 127.0.0.1 static.ak.fbcdn.net @@ -449,6 +365,7 @@ Then upload the hosts file back again with:+@@ -457,9 +374,14 @@ Then upload the hosts file back again with: Once that's done you may want to set Root access on the device back to Disabled and turn Android debugging off. -adb push hosts /system/etc/hosts-Return to the home page - +++<center> +Return to the <a href="index.html">home page</a> +</center> +
+ +- - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag. -+- ---
+
- +Building an internet run by the users, for the users
-+-Building an internet run by the users, for the users
++The internet may still be mostly in the clutches of a few giant megacorporations and dubious governments with sketchy agendas, but it doesn't have to remain that way. With the third version of the Freedombone system there is now more scope than before to take back your privacy, have ownership of personal data and run your own online communities without undesirable intermediaries.
@@ -257,18 +163,27 @@ Freedombone version 3 is based on Debian 9 (Stretch). It was released in July 20-
+- Faster initial setup
-- More installable apps, including CryptPad, Koel, NextCloud, PostActiv, Friendica and Matrix/RiotWeb
-- Automated security tests
-- Improved XMPP configuration for support of the Conversations app features
-- Improved blocking controls for a better federated network experience
-- Uses elliptic curve based GPG keys for better performance on low power single board computers
-- Pre-downloaded repos distributed within images for faster and more autonomous app installs
+- Faster initial setup +
+- More installable apps, including CryptPad, Koel, NextCloud, PostActiv, Friendica and Matrix/RiotWeb +
+- Automated security tests +
+- Improved XMPP configuration for support of the Conversations app features +
+- Improved blocking controls for a better federated network experience +
+- Uses elliptic curve based GPG keys for better performance on low power single board computers +
+- Pre-downloaded repos distributed within images for faster and more autonomous app installs +
-Installation
-++-Installation
+The simplest way to install is from a pre-made disk image. Images can be downloaded here. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
@@ -278,9 +193,10 @@ Copy the image to a microSD card or USB thumb drive, replacing sdX with the iden-+ +unxz downloadedimagefile.img.xz -dd bs=1M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync -unxz downloadedimagefile.img.xz +dd bs=1M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync +@@ -296,9 +212,10 @@ As the system boots for the first time the login is:
-+username: fbone + +username: fbone password: freedombone -@@ -306,8 +223,9 @@ If you're installing from a microSD card on a single board computer without a sc
-+ +ssh fbone@freedombone.local -p 2222 -ssh fbone@freedombone.local -p 2222 +@@ -324,9 +242,9 @@ More detailed installation instructions are linked from t
-Upgrading from a previous install
-++Upgrading from a previous install
+To upgrade from the Debian Jessie version first create a master keydrive. Go to the Administrator control panel and select Backup and restore then Backup GPG key to USB (master keydrive). Insert a LUKS encrypted USB drive. When that is done Create a full backup by selecting Backup data to USB drive and using another LUKS encrypted USB drive.
diff --git a/website/EN/security.html b/website/EN/security.html index 4d2656de..b6cd0a5b 100644 --- a/website/EN/security.html +++ b/website/EN/security.html @@ -4,7 +4,7 @@- + @@ -145,13 +145,11 @@ for the JavaScript code in this tag. ---
Authentication with keys
diff --git a/website/EN/socialinstance.html b/website/EN/socialinstance.html index daf25f15..594817b4 100644 --- a/website/EN/socialinstance.html +++ b/website/EN/socialinstance.html @@ -4,7 +4,7 @@- + @@ -145,23 +145,15 @@ for the JavaScript code in this tag. -- ---
-
-+-
- - -Social Instance
-+-Social Instance
++A social instance image allows you to easily set up a fediverse server, which federates using the OStatus or ActivityPub protocol. You will need:
@@ -182,10 +174,12 @@ A social instance image allows you to easily set up a fediverse server, which feThe installation process is the same as usual, with the only difference being that on initial setup it will go straight to the domain setup details for your instance. In summary:
+-Copy the image to the USB drive
-++-Copy the image to the USB drive
+Substitute sdX with the device name for your USB drive.
@@ -208,60 +202,54 @@ Also note that if the laptop has a removable SSD drive it's possible to copy the-Connect the laptop to your internet router
-++- -Connect the laptop to your internet router
+-Plug the USB drive into the laptop and connect it to your internet router with the ethernet cable.
--
+
-Boot the laptop from the USB drive
----You may need to alter the BIOS settings to get this to work reliably. -
- -- -----
-
-Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop
+Boot the laptop from the USB drive
--Log into your internet router using a non-Tor browser (usually it's on an address like 192.168.1.1 or 192.168.1.254). Often port forwarding settings are together with firewall settings. +You may need to alter the BIOS settings to get this to work reliably.
--
+
-+ +From another machine ssh into the laptop
+Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop
+++Log into your internet router using a non-Tor browser (usually it's on an address like 192.168.1.1 or 192.168.1.254). Often port forwarding settings are together with firewall settings. +
+ + ++++
+From another machine ssh into the laptop
+-ssh fbone@freedombone.local -p 2222 @@ -274,44 +262,40 @@ Or alternatively you can log in directly on the laptop. The initial username is-Follow the setup procedure
-++-Follow the setup procedure
+Enter your user details, domain name and dynamic DNS settings.
-When installation is complete
-++-When installation is complete
+Navigate to your domain and register a new user.
---
+
More details about setting up and using Pleroma can be found here.
--
+
@@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,21 +144,20 @@ for the JavaScript code in this tag.-+-+ +
+-Support
- - -Support
--Contact details
-++Contact details
+This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion
@@ -277,22 +184,21 @@ This site can also be accessed via a Tor browser at -Things which would be nice to have
----Ideas
-++Things which would be nice to have
+++-Ideas
+Know of some fabulous web system which could run on Freedombone, but currently doesn't? Contact the above, and be prepared to make a compelling argument for why it should be included.
-Money
-++Money
+-At the present time this project is not seeking any funding. There is no crowdfunding campaign and no slick marketing video. Those aren't ruled out as future possibilities, but for now they're just not needed.
@@ -303,42 +209,41 @@ If you find this project useful then you may wish to consider donating to-Testing and reporting bugs
-++-Testing and reporting bugs
+Testing of the install on different hardware. Also pentesting on test installations to find vulnerabilities.
-Web design and artwork
-++-Web design and artwork
+A better design for this website would be nice to have. Photos, icons or other artwork are all welcome. I've always liked the cartoon artwork of the Mediagoblin project, and attractive graphics can help to get people initially interested.
-Howto videos
-++-Howto videos
+If you're good at making videos then a howto for installing Freedombone onto various types of hardware, or testing the mesh system in realistic/exotic scenarios would be good. You could even host videos on PeerTube or Mediagoblin.
-More education and promotion
--+-+More education and promotion
++--
+
Many people are unaware that running their own internet services is even a possibility. Many also believe that internet services can be provided only if they're supported by advertising or donations, and that only gigantic data centres have enough computing capacity to serve web pages on a worldwide scale. Others may be fearful of encryption due to misrepresentations or misunderstandings of it in the mainstream media. Some may be intimidated by the apparent complexity and think that you need to be some sort of silicon valley genius in order to run a web service on your own. Even many technically-minded folks often believe that they can't run a home server unless they have a static IP address, which isn't true, and others are put off by thinking that any such server will be immediately pwned by blackhat hackers.
@@ -349,25 +254,30 @@ Raising awareness beyond the near zero current level, overcoming fear and parano-Translations
-++-Translations
+To add translations modify the json files within the locale subdirectory. Then make a pull request on the Github site.
-Packaging
-+diff --git a/website/EN/usage.html b/website/EN/usage.html index 5c35e3ce..a4a6c4f7 100644 --- a/website/EN/usage.html +++ b/website/EN/usage.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - -+Packaging
+Helping to package GNU Social and Hubzilla for Debian would be beneficial.
--Return to the home page - +++<center> +Return to the <a href="index.html">home page</a> +</center> +
+ +- - - + + + + - + @@ -235,139 +144,140 @@ for the JavaScript code in this tag. -+- ---
- +Usage
-+-Usage
++-Improving security
-++-Improving security
+It's a lot more secure to log in to the Freedombone system using ssh keys rather than with a password. You can set that up by first running:
+@@ -389,14 +299,15 @@ You'll need to make sure that you have a copy of the ~/.ssh directory on your lofreedombone-client-Administrating the system via an onion address (Tor)
-++-Administrating the system via an onion address (Tor)
+You can also access your system via the Tor system using an onion address. To find out what the onion address for ssh access is you can do the following:
+@@ -406,6 +317,7 @@ Select Administrator controls then select "About this system" and look fossh username@freedombone.local -p 2222+@@ -415,6 +327,7 @@ This will set up your ssh environment to be able to handle onion addresses. Thenfreedombone-client+@@ -424,14 +337,15 @@ Subsequently even if dynamic DNS isn't working you may still be able to administssh username@address.onion -p 2222-Adding or removing users
-++Adding or removing users
+Log into the system with:
+@@ -441,6 +355,7 @@ Select Administrator controls then User Management. Depending uponssh username@domainname -p 2222+diff --git a/website/EN/usage_email.html b/website/EN/usage_email.html index 28b814e9..d3216405 100644 --- a/website/EN/usage_email.html +++ b/website/EN/usage_email.html @@ -4,13 +4,13 @@sudo su control@@ -448,7 +363,7 @@ control-
+
- + - - +
