Using Aioe Org Via Tor

From InfoAnarchy
Jump to: navigation, search

Using newsserver with Tor anonymity network advices to use Tor if you wish higher degree of anonymity while posting or reading. This page provides are some example on how to configure Thunderbird and other newsreaders to use Tor.

However, it is very desirable to connect via SSL while using Tor because anyone can install Tor node and watch (or even modify) passing NNTP traffic. To use SSL service via Tor with socat you can run the following shell script

$ cat
# Script to tunnel localhost 31415 via Tor network to NNTP SSL 
# Works under Linux and Windows+Cygwin
nohup socat  TCP4-LISTEN:31416,fork,reuseaddr,socksport=9050  &
nohup socat  TCP4-LISTEN:31415,fork,reuseaddr  SSL:localhost:31416,cafile=aioe.pem &

Because aioe uses self-generated SSL certificate, it won't pass normal SSL verification; you must fetch it and store to aioe.pem manually. Without this step socat will report certificate verification error. To create the file aioe.pem, use the following command:

openssl s_client -connect |tee logfile

Copy lines from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE----- to the file aioe.pem.

After starting the script a newsreader can connect via NNTP to localhost:31415. For a quick test, run telnet localhost 31415. After a few seconds, you should receive an NNTP prompt:

$ telnet localhost 31415
200 InterNetNews NNRP server INN 2.4.4 (20080128 snapshot) ready (posting ok).