Installing an OTR chat server on the Raspberry Pi

Aug 11 2013

So as many of you may know by now, the NSA has this little thing called “PRISM“, in which it can allegedly not only monitor and capture meta data, it may also have the ability to monitor our communications in real-time. Knowing that, and recently attending Defcon 21, it opened my eyes the land of encrypted communication, and especially OTR. So, after leaving Defcon I wanted to do something to help provide people with an encrypted way to chat. I also wanted this to be a very cost effective way to set up your “own” encrypted chat server, and this is why I decided to use the ever-so-cheap Raspberry Pi.

For this tutorial we’re just going to use the stock Raspbian image provided on raspberrypi.org. Personally I would suggest using something like Arch Linux if you’re comfortable with Linux and the command line. So first thing first, install your freshly downloaded Raspbian image to an SD card (at least 2gb in size). After that let’s boot up the Pi. In my case I just have the Pi connected to my router via ethernet. By default my router assigns an IP address of 10.0.0.123 via DHCP. After seeing this I wanted to assign my Pi an static IP address of 10.0.0.122. This is in case I need to reboot the Pi at some point it will always grab 10.0.0.122 from the router. So now I’ve got my Raspberry Pi setup with a static IP address let’s SSH into it. By default the Raspbian image has an openssh server running on port 22, and a default user: pi and password: raspberry. So now all we need to do is connect to it. To do this from windows you could use a client like PuTTY, on Mac or Linux you simply open up a terminal session.

chz@cmdlist ~ $ ssh pi@10.0.0.122

You should now be prompted to run raspi-config, to do so run sudo raspi-config. Go through the settings and adjust them to your location, time, hostname, and don’t forget to CHANGE YOUR PASSWORD. After you’re done and you exit raspi-config you’ll be asked if you want to reboot. Go ahead and do so, so that our changes (partition table) will be setup correctly. Once your Raspberry Pi has rebooted just SSH back into your box with the NEW PASSWORD you created. Then we’ll want to update the Raspberry Pi repos and check to see if there are any new packages available. To do this run sudo apt-get update && sudo apt-get upgrade. Next we’ll go ahead and setup our Jabber server. To do this run sudo apt-get install ejabberd (as seen in the screenshot below).

Installing ejabberd

Alright so now we’ve got a new Jabber server install, but it’s not exactly ready to take any connections. We’ll need to configure the jabber server to fit our local settings. First off I would suggest you head to noip.com and set up an account with them. They will provide you with a hostname to use in your ejabberd.cfg file. So, now you’ve got your own domain setup to run your server on. Let’s configure ejabberd.cfg file and change it’s settings to reflect our new hostname. To do this run sudo nano /etc/ejabberd/ejabberd.cfg, this will open up the config file with nano and allow us to make the changes we need. If you look at the screenshot below you’ll notice the areas I’ve changed. Under %%Admin user I’ve added my user chz between the “” and my hostname where “hostname” use to be. On the next line %%Hostname I added , “crypto.sytes.net”. This allows our users to connect to our newly created dynamic DNS hostname. To exit press ctrl+x.

ejabberd config file

Alright moving on. Now we need to get some users created for our new ejabber server. To do this it’s pretty simple. Just run the command sudo ejabberdctl register username hostname.noip.com topsecretpassord. As the screenshot below depicts.

adding ejabber user

So now we’ve created a couple of accounts on our ejabber server. Let’s restart the ejabberd service it so all our ejabberd.cfg modifications will be used. To do this simply run sudo service ejabberd restart. As depicted by the screenshot below your ejabber server should restart without any errors. If you do encounter an error, it’s like to do with something in the /etc/ejabberd/ejabberd.cfg file.

restarting the ejabber server

We’re almost done. Now we need to go to our router page and port forward two ports for our ejabber server to allow connections from outside our network. In my case I forwarded both port 5222 and 5223 to 10.0.0.122. If you don’t do this then you’re not going to be able to connect from outside of your local network. Which is perfectly fine if you just plan on running the server internally. Let’s say your company needs a small internal chat server, then you could have users connect directly to 10.0.0.122 with their assigned username and password.

So where is this OTR encryption you speak of? Well, it’s built into several chat clients already, either natively or via a plugin. Including pidgin, empathy, xabber, and a slew of other clients. For a list of clients you can use check out the OTR site and find the client that’s right for you. Once you’ve got your client up and running and you’re connected to the server, and chatting with a friend, choose “Off the record”. You’ll be prompted to create a secret question only your friend would know, exchange keys, etc. Once this is done you’ll be chatting off-the-record through an encrypted server running on your very own Raspberry Pi. Well, that pretty much sums it up. While this is just the first step in setting up your own personal jabber server, there are several other things you can do with jabber, and I encourage you all to learn more about it.

No responses yet

chkconfig – controls services

Feb 05 2013

The chkconfig utility a simple command-line tool for maintaining the /etc/rc[0-6].d(in linux these are runlevels if you don’t know what run levels are please go to www.google.com and it will tell you all that you need to know :) ) directory hierarchy by relieving system administrators of the task of directly manipulating the numerous symbolic links in those directories. The chkconfig has five distinct functions: adding new services for management, removing services from management, listing the current startup information for services, changing the startup information for services, and checking the startup state of a particular service.

[root@localhost vsftpd]# chkconfig 
auditd         	0:off	1:off	2:on	3:on	4:on	5:on	6:off
cgconfig       	0:off	1:off	2:off	3:off	4:off	5:off	6:off
cgred          	0:off	1:off	2:off	3:off	4:off	5:off	6:off
crond          	0:off	1:off	2:on	3:on	4:on	5:on	6:off
ip6tables      	0:off	1:off	2:on	3:on	4:on	5:on	6:off
iptables       	0:off	1:off	2:off	3:off	4:off	5:off	6:off
lvm2-monitor   	0:off	1:on	2:on	3:on	4:on	5:on	6:off
netconsole     	0:off	1:off	2:off	3:off	4:off	5:off	6:off
netfs          	0:off	1:off	2:off	3:on	4:on	5:on	6:off
network        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
postfix        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
rdisc          	0:off	1:off	2:off	3:off	4:off	5:off	6:off
restorecond    	0:off	1:off	2:off	3:off	4:off	5:off	6:off
rsyslog        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
saslauthd      	0:off	1:off	2:off	3:off	4:off	5:off	6:off
sshd           	0:off	1:off	2:on	3:on	4:on	5:on	6:off
udev-post      	0:off	1:on	2:on	3:on	4:on	5:on	6:off
vsftpd         	0:off	1:off	2:off	3:off	4:off	5:off	6:off

 

Checking the runlevels on a specific service, For example the vsftpd service

[root@localhost vsftpd]# chkconfig --list vsftpd 
vsftpd         	0:off	1:off	2:off	3:off	4:off	5:off	6:off

 

Resetting runlevels for a service, The chkconfig reset flag resets the on/off state for all runlevels for the service to whatever is specified in the init script of the service

[root@localhost vsftpd]# chkconfig vsftpd reset 

 

The resetpriorities flag resets the start/stop priorities for the service to whatever is specifed in the init script of the particular service.

chkconfig vsftpd resetpriorities

 

Configuring a Service to start at boot in linux

chkconfig vsftpd on 

 

Configuring a Service to not start at boot in linux

chkconfig vsftpd off

 

Configuring a Service to start up on certain runlevels in linx

[root@localhost vsftpd]# chkconfig --level 35 vsftpd on 

 

For More information on the chkconfig command run the following command

man chkconfig 

 

No responses yet

tty-clock – a simple digital clock for your console

Feb 03 2013

While there are several ways one can tell time on the linux console. Not many are as pretty as using tty-clock. I personally use tmux, so I don’t really have a need for tty-clock since I my tmux.conf displays a clock within my theme. However I have been known at times just to use tty-clock in a tmux pane to free up room for other things in my tmux.conf. Using tty-clock is pretty simple and straight forward. Let’s do this.

 

First let’s start off by just executing the app without any flags. As you can see by default tty-clock uses 24hr mode, it’s green, and it is left justified in our window. Let’s say we’re not satisfied with the green color. All you need to is just press a number between 0-7 to toggle to the color you like most.

chz@rpi ~ $ tty-clock

Screenshot - 02032013 - 08:59:40 PM

 

Now let’s change it up a bit. In our original example we just ran tty-clock without any additional flags. Now let’s add a few more flags to make our clock look a little nicer. First we’ll by adding -s to display seconds. Secondly we’ll add -t to switch to 12hr mode, and finally we’ll add -c to center the clock on our terminal.

chz@rpi ~ $ tty-clock -stc

Screenshot - 02032013 - 09:15:31 PM

 

So that is pretty much it with tty-clock. Short and sweet. There are a few more interesting flags to play with as well. To get more information on them just run the command below

chz@rpi ~ $ tty-clock -h

No responses yet

espeak – open source software speech synthesizer

Jan 27 2013

So in a couple of my previous posts I mentioned using espeak to pull a prank on your co-workers. While it’s obviously super fun to do that, espeak also has some other cool uses. espeak uses “formant synthesis”, which means the speech is clear and can be used at high speeds. However, it’s not like some of the larger synthesizer applications that actually sample human speech recordings. It can however be used in conjunction with something like asterisk to provide text to speech for voip calls. Maybe even just listening to your favorite blog without having to read a single word. So enough jibber jabber, let’s do this.

 

Firstly we’ll need to grab the espeak package. This is the easy part. If you’ve looked at the last couple of post you will notice that I’ve been using espeak as my example package for apt-get and apt-cache. Let’s do this.

chz@rpi ~ $ sudo apt-get install espeak
[sudo] password for chz: 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libqt4-dbus qdbus
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
  espeak-data libespeak1 libportaudio2 libsonic0
The following NEW packages will be installed:
  espeak espeak-data libespeak1 libportaudio2 libsonic0
0 upgraded, 5 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/1,116 kB of archives.
After this operation, 2,313 kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Selecting previously unselected package libportaudio2:armhf.
(Reading database ... 60296 files and directories currently installed.)
Unpacking libportaudio2:armhf (from .../libportaudio2_19+svn20111121-1_armhf.deb
) ...
Selecting previously unselected package libsonic0:armhf.
Unpacking libsonic0:armhf (from .../libsonic0_0.1.17-1.1_armhf.deb) ...
Selecting previously unselected package espeak-data:armhf.
Unpacking espeak-data:armhf (from .../espeak-data_1.46.02-2_armhf.deb) ...
Selecting previously unselected package libespeak1:armhf.
Unpacking libespeak1:armhf (from .../libespeak1_1.46.02-2_armhf.deb) ...
Selecting previously unselected package espeak.
Unpacking espeak (from .../espeak_1.46.02-2_armhf.deb) ...
Processing triggers for man-db ...
Setting up libportaudio2:armhf (19+svn20111121-1) ...
Setting up libsonic0:armhf (0.1.17-1.1) ...
Setting up espeak-data:armhf (1.46.02-2) ...
Setting up libespeak1:armhf (1.46.02-2) ...
Setting up espeak (1.46.02-2) ...

 

As you can see from the step above we just simply installed espeak with apt-get. Now that we have our package installed let’s get to work. First let’s add our user to the audio group so that we can access all of our hardware. As you can see below I’m already a member of the audio group, moving on.

chz@rpi ~ $ sudo adduser chz audio
[sudo] password for chz:
The user `chz' is already a member of `audio'.

 

Now it’s time to get our computer talking like Mr. Hawking. Let’s just start with a “i like turtles” quote. As I’m pretty sure he would like turtles. I mean who doesn’t? Stallman?

chz@rpi ~ $ espeak "i like turtles"
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.rear
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.center_lfe
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.side
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.surround40
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.surround41
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.surround50
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.surround51
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.surround71
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.iec958
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.iec958
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.iec958
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.hdmi
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.hdmi
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.modem
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.modem
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.phoneline
ALSA lib pcm.c:2217:(snd_pcm_open_noupdate) Unknown PCM cards.pcm.phoneline
ALSA lib pcm_dmix.c:957:(snd_pcm_dmix_open) The dmix plugin supports only playback stream
ALSA lib pcm_dmix.c:1018:(snd_pcm_dmix_open) unable to open slave
Cannot connect to server socket err = No such file or directory
Cannot connect to server request channel
jack server is not running or cannot be started

 

You’ll notice above on the output, my Raspberry Pi has all of this extra garbage that spews out in the terminal. While this is annoying espeak does still work, we can just ignore this. Yeah, lame. I thought so too. So let’s do a little magic and send the out put into the land of null. Check it.

chz@rpi ~ $ espeak "i like turtles" 2>/dev/null

 

As you can see above the output is much cleaner than before. Now let’s get into the fun bits. As you saw you can simply use espeak “this is my quote” and get an output. You can also tell espeak to just read a simple text file. For this we’ll first create a little text file. From a Stephen Hawking quote of course.

chz@rpi ~ $ nano hawking.txt
I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We've created life in our own image.

 

So now that you have your hawking.txt file created let’s play it through espeak.

chz@rpi ~ $ espeak -f hawking.txt 2>/dev/null

 

Alright we’ve got “Hawkin’ talkin’” now, so what if we used a female voice instead of Hawking’s normally awesome manly voice? I don’t know about you, but I’m interested in finding out. While espeak isn’t loaded down with the most amazing voices it does have several to choose from. To do this we’ll add the -v flag. Basically, you guessed it, -v stands for voice. I won’t go through all the voices, but you have en+f1-f4 and en+m1-m6. Obviously the “f” stands for female, and the “m” for male. In the example below we’re going to use en+f1 for the first female English voice.

chz@rpi ~ $ espeak -v en+f1 -f hawking.txt 2>/dev/null

 

Now that we’ve had fun with playing with the various voices espeak has to offer, let’s cover the -s flag. As you would suspect the -s stands for “speed”, or better yet words per minute. The default is 175, and the range is from 80-450. So let’s try this out. This time let’s use en+m3 for our voice.

chz@rpi ~ $ espeak -v en+m3 -s 80 -f hawking.txt 2>/dev/null

 

These really are just some of the basic commands that you can use with espeak. However if you look at the man page you will find several other options. Like writing out to a .wav file, pitch, amplitude, stdin usage, and much much more. So don’t be a sad green bean, and read the man page.

chz@rpi ~ $ man espeak

No responses yet

apt-cache – search and generate information from apt

Jan 21 2013

Since the last command I posted was apt-get. I thought it would only be right to post about apt-cache and its cool uses. The way I think of apt-cache as a quick way to search the repositories to see if there is an application available to install. However, not only can we search for applications, we can also get detailed information on them. For example which dependencies does espeak need to run? One thing I almost forgot to mention, is that you don’t need to be a super user to execute this command. Well let’s get to it already.
To start let’s just search to see if a package is available in our repository. As you can tell from the output below we have several different options to choose from. The one we’re concerned about is just espeak.

chz@rpi ~ $ apt-cache search espeak
asterisk-espeak - eSpeak module for Asterisk
brltty-espeak - Access software for a blind person - espeak driver
espeak - Multi-lingual software speech synthesizer
espeak-data - Multi-lingual software speech synthesizer: speech data files
espeak-dbg - Multi-lingual software speech synthesizer: debugging symbols
espeak-gui - graphical user interface for eSpeak
espeakedit - Multi-lingual software speech synthesizer - editor
espeakup - Connector between speakup kernel modules and espeak
freespeak - GNOME frontend to online translator engines
gespeaker - GTK+ front-end for eSpeak and mbrola
libespeak-dev - Multi-lingual software speech synthesizer: development files
libespeak1 - Multi-lingual software speech synthesizer: shared library
libgnome-speech7 - GNOME text-to-speech library
libperlspeak-perl - Perl Module for text to speech with festival, espeak, cepstral
plasma-widget-translatoid - translation widget for KDE Plasma
python-espeak - Python bindings for eSpeak
python-py - Advanced Python development support library
speechd-up - Interface between Speech Dispatcher and SpeakUp
stardict-plugin-espeak - International dictionary - eSpeak TTS plugin

 

So now that we know our espeak application is available, it’s time to find out a little more information about the espeak package. Let’s check it out. As you can see the output below it tells us the version, architecture, maintainer, installed size, dependencies, project homepage, section, filename, etc.

chz@rpi ~ $ apt-cache show espeak
Package: espeak
Version: 1.46.02-2
Architecture: armhf
Maintainer: Debian Accessibility Team <debian-accessibility@lists.debian.org>
Installed-Size: 227
Depends: libc6 (>= 2.13-28), libespeak1 (>= 1.46.02), libgcc1 (>= 1:4.1.1), libstdc++6 (>= 4.1.1)
Multi-Arch: foreign
Homepage: http://espeak.sourceforge.net/
Priority: optional
Section: sound
Filename: pool/main/e/espeak/espeak_1.46.02-2_armhf.deb
Size: 75758
SHA256: 56d16f609d6ccd3632a3ca1ff9541aba69b245099817617c60391e682efa9d38
SHA1: 838b0aa85884cf48c7b8f19f9087e056cdf8c9c2
MD5sum: 04ebef8c8430630755184753542b803d
Description: Multi-lingual software speech synthesizer
 eSpeak is a software speech synthesizer for English, and some other
 languages.
 .
 eSpeak produces good quality English speech. It uses a different synthesis
 method from other open source text to speech (TTS) engines, and sounds quite
 different. It's perhaps not as natural or "smooth", but some find the
 articulation clearer and easier to listen to for long periods.
 .
 It can run as a command line program to speak text from a file or from stdin.
 .
   * Includes different Voices, whose characteristics can be altered.
   * Can produce speech output as a WAV file.
   * Can translate text to phoneme codes, so it could be adapted as a front end
     for another speech synthesis engine.
   * Potential for other languages. More than 40 languages are included.
   * Compact size. The program and its data total about 350 kbytes.
   * Written in C++.

 

There are a few other interesting things you can do with apt-cache. To find more information check out the man page.

man apt-cache

No responses yet

Older »