69 lines
2.2 KiB
Org Mode
69 lines
2.2 KiB
Org Mode
#+TITLE:
|
|
#+AUTHOR: Bob Mottram
|
|
#+EMAIL: bob@freedombone.net
|
|
#+KEYWORDS: freedombone, profanity
|
|
#+DESCRIPTION: How to use the Profanity XMPP client
|
|
#+OPTIONS: ^:nil toc:nil
|
|
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
|
|
|
|
#+attr_html: :width 80% :height 10% :align center
|
|
[[file:images/logo.png]]
|
|
|
|
* Profanity
|
|
|
|
To install this app you will first need to install the [[./app_xmpp.html][XMPP server]].
|
|
|
|
The [[https://profanity.im][Profanity]] shell based user interface and is perhaps the simplest way to use XMPP from a laptop. It's also a good way to ensure that your OTR keys are the same even when logging in from different laptops or devices, and it also means that if those devices later become compomised then there are no locally stored OTR keys to be found.
|
|
|
|
#+BEGIN_SRC bash
|
|
ssh username@domain -p 2222
|
|
#+END_SRC
|
|
|
|
Then select *Run App* and then *profanity*.
|
|
|
|
Generate an [[https://en.wikipedia.org/wiki/Off-the-Record_Messaging][OTR]] key with:
|
|
|
|
#+BEGIN_SRC bash
|
|
/otr gen
|
|
#+END_SRC
|
|
|
|
Then to start a conversation using OTR:
|
|
|
|
#+BEGIN_SRC bash
|
|
/otr start otherusername@otheruserdomain
|
|
#+END_SRC
|
|
|
|
or if you're already in an insecure chat with someone just use:
|
|
|
|
#+BEGIN_SRC bash
|
|
/otr start
|
|
#+END_SRC
|
|
|
|
Set a security question and answer:
|
|
|
|
#+BEGIN_SRC bash
|
|
/otr question "What is the name of your best friends rabbit?" fiffi
|
|
#+END_SRC
|
|
|
|
On the other side the user can enter:
|
|
|
|
#+BEGIN_SRC bash
|
|
/otr answer fiffi
|
|
#+END_SRC
|
|
|
|
For the most paranoid you can also obtain your fingerprint:
|
|
|
|
#+BEGIN_SRC bash
|
|
/otr myfp
|
|
#+END_SRC
|
|
|
|
and quote that. If they quote theirs back you can check it with:
|
|
|
|
#+BEGIN_SRC bash
|
|
/otr theirfp
|
|
#+END_SRC
|
|
|
|
If the fingerprints match then you can be pretty confident that unless you have been socially engineered via the question and answer you probably are talking to who you think you are, and that it will be difficult for mass surveillance systems to know the content of the conversation. For more details see [[https://www.profanity.im/otr.html][this guide]]
|
|
|
|
When accessed via the user control panel the client is automatically routed through Tor and so if you are also using OTR then this provides protection for both message content and metadata.
|