I2P


Introduction

I2P is an anonymous network that can be used to access certain secure pages and services. I'm not going to fully explain how that works, you can check the links below. It is not an Onion Router style network like TOR, though it does offer many of the same advantages. In a nutshell I2P allows encrypted access to other users of I2P without sharing your IP addresses directly. Users run websites, file-sharing networks, and other services and through I2P. Privoxy or another proxy server can be run to allow non-I2P programs to interface more smoothly with I2P.

Requirements

Since I2P requires Java you will need Universe enabled to continue. You also need universe for Privoxy if you decide to go that route. Do the following:

  1. System: Administration: Synaptic Package Manager
  2. Settings: Repositories
  3. Make sure there's a check mark in front of the "universe" and "multiverse" options
  4. Click Reload
  5. Close Synaptic

This allows you to install extra packages that aren't official supported by Canonical Ltd.

Installing I2P

I2P is a Java program, but they named the file *.exe so that Windows users would have less problems making it work. It's really just a *.jar, though, so do the following:

  1. Open a Terminal
  2. sudo apt-get install sun-java6-jre

  3. get the latest install package from http://www.i2p2.de/download

  4. java -jar i2pinstall-x.x.x.jar

  5. Follow the prompts

This ends up installing to ~/i2p. If you had run it as root you could install to /usr/local so all users could use it, but that causes problems of it's own. This is best.

Configuring I2P

I2P automatically starts as soon as the installation is complete. I2P is configured using any web browser by connecting to http://localhost:7657. Click the "Configure" link on the left to configure the options. You shouldn't need to change anything.

Startup Automatically

Single User Mode

The easiest way to make i2p startup automatically is to add it to your Gnome Session Startup. This, unfortunately, means i2p will only be running when you're logged in, so you might want to research another method if your on a multiuser system.

  1. System: Preference: Sessions
  2. Startup Programs: Add
  3. Without quotes, enter "~/i2p/i2prouter start" and click ok.

Multi-User Mode

INIT.D Script

Note: Assuming sudo -i for all successive commands. This presumes a multi-user environment.

Create the init.d script file:

vi /etc/init.d/i2p

Assuming that you installed in /usr/local/i2p:

#### BEGIN INIT INFO
# Provides:          i2p
# Required-Start:    $syslog $time $local_fs $remote_fs
# Required-Stop:     $syslog $time $local_fs $remote_fs
# Default-Start:     2 3 4 5
# Default-Stop:      S 0 1 6
# Short-Description: i2p anonymous proxy
# Description:       Debian init script for i2p
### END INIT INFO

set -e

PATH=$PATH:/usr/local/i2p
DAEMON=/usr/local/i2p/i2prouter

test -x $DAEMON || exit 0

. /lib/lsb/init-functions

case "$1" in
    start)
        log_daemon_msg "Starting i2p proxy" "i2p"
        $DAEMON start
        log_end_msg $?
    ;;
  stop)
        log_daemon_msg "Stopping i2p proxy" "i2p"
        $DAEMON stop
        log_end_msg $?
    ;;
  force-reload|restart)
    $0 stop
    $0 start
    ;;
  status)
    $DAEMON status
    ;;
  *)
    echo "Usage: /etc/init.d/i2p {start|stop|restart|force-reload}"
    exit 1
    ;;
esac

exit 0

Now update the RC links.

update-rc.d i2p defaults

i2p should now be available for all users after each successive system reboot.

PortForwarding

This isn't necessary anymore as I2P now has some technology to bypass NAT Routers, but will improve performance. This is a router issue and not something you can configure in I2P itself. Forward both UDP and TCP port 8887 to your local machine if your behind a router. PortForward.com might be able to help.

Setting up Privoxy

At this point you could stop. In order to access I2P websites you would need to tell Firefox to use "localhost:4444" as its proxy server. However, that also means that you won't be able to access normal websites until you undo this setting. Using privoxy we can have it decide based on the URL.

  1. Open Terminal
  2. sudo apt-get install privoxy

  3. gksudo gedit /etc/privoxy/config

  4. Add the following lines at the BOTTOM of the config file:
    • #this forwards all requests to .i2p domains to the local i2p
      #proxy without dns requests
      forward .i2p localhost:4444
  5. Close GEdit and save the file
  6. sudo /etc/init.d/privoxy restart

Setup Firefox to use Privoxy

  1. Edit: Preferences
  2. On the General tab click the Connection Settings button

  3. Click Manual proxy configuration and enter localhost with a port of 8118

  4. No Proxy for: "localhost, 127.0.0.1"

With this setup you should be able to browse both normal websites and .i2p pages.

(You can also get the same functionality using the FoxyProxy Add-on, which is easier to configure.)

Troubleshooting

The first thing you can do to improve the quality of your I2P experience is to leave I2P running for a long period of time. If you have broadband, connect it and leave it running overnight. This will help ensure you're connected to enough peers to make a tunnel to your destination. The second thing you can do is turn off unwanted services. By default, I2P runs eeproxy to let you connect to other peoples anonymous websites (eepsites). It also runs some anonymous mail servers, an IRC proxy, and your own personal eepsite. Since I was only concerned with viewing other people's eepsites, I turned off everything except eeproxy. To do this:

  1. Open http://localhost:7657

  2. Click "Configuration" on the top left of the page.
  3. Where it says "Network | Service | Update... " click Tunnels.
  4. At the bottom of this page, click "i2ptunnel page"
  5. Click the stop button next to services you wish to disable.
  6. If you wish to permanently disable these services, click the service name and then uncheck the "Auto Start"

External Links

http://en.wikipedia.org/wiki/Onion_Router

http://www.i2p2.de

http://www.privoxy.org/


CategoryInternet CategoryNetworking

I2P (last edited 2013-10-17 19:19:51 by vineg)