I2P Running on Whonix Gateway

I’ve Done both

ok , going to try that

This is on my Todolist

I got a lot of stuff sorted out today and the Guide shrunk quite significantly.
I added the I2P-Whonix and a I2P-Tor-Whonix Init.d scripts (to forward the Ports from the Workstation to the Gateway) to my Repo https://github.com/cle4r/var (if you want to take a look)
So we’re getting closer to a Finished I2PBox
I’m done for today after 5h debugging and researching my head hurts .

Heres a Screenshot of my running Test Setup (as a little preview )

snapshot1.png1600×900 455 KB

Short Update :
I just found out that there is already a lot of work done by the tails guys (and now even with a new i2p maintainer pr0ng)
https://git-tails.immerda.ch/tails/log/?qt=grep&q=i2p
After going through their changes I’m pretty happy , because they solved most problems I was left thinking about . So its now only a matter of changing the tails specific files to whonix needs.
This just made my day and ruined yesterday at the same time, oh well

short question :
which script is used to display the Tor connection message when you start sys.whonix ? I am unable to find it.

whonixcheck /usr/lib/whonixcheck/check_tor_bootstrap.bsh

https://github.com/Whonix/whonixcheck/blob/04c2ac6a53873b925dd1a736821c879af445ed46/usr/lib/whonixcheck/check_tor_bootstrap.bsh#L112

https://github.com/Whonix/whonixcheck/blob/41eb9e1eba1b1e45c39ff20b3730bf184d6432fe/usr/bin/whonixcheck#L106

Since I can speculate where you question is coming from… I thought it would be a good idea to write down my long term thoughts on whonixcheck…
whonixcheck Whonix 14 ideas

…And… In meanwhile, if you want to implement “Connecting to i2p…”, “Connected to i2p.” passive popups and “i2p connection failed.” active popup, what about in meanwhile to implement that as a separate whonixcheck module? (That only gets used in i2pBOX configuration - that’s easy.) Would not be great to have duplicate passive popups for both Tor and i2p but since this would not be on by default I would be fine with it as a first iteration since it may maybe still be improved later on. It should also be doable but a bit harder to combine these passive popups.

Your right

I’m looking into it

I can’t think of another way that is not more intrusive on the user than this little popup, any idea ?

You mean by having a popup for both or by having a module that handles these popups ?
The first would likely be a problem because I2P takes a longer time to establish a client tunnel than Tor .

Passive popups (connecting; connected): blessed as not being intrusive by @bnvk. So the passive popup is okay in that regard. However, 4 passive popups (both for Tor and i2p) would not be great.

For both Tor and i2p, yes, that was what I meant.

“Somewhat maybe yes.”

Hm. I see.

In summary: No idea. You tell me. Up to you.

ok , I’m going to go with the popups first and then we can figure out a more nice way when I’ve got a decent working setup

Update:
I’m still fiddling with the Reseed Process (It works kinda but fails to import routers keys)
I’ve added a install and a config( both work in progress) script that sets all needed settings and installs I2P.
Added Notification (took the easy route for now libnotify , going to change later)
I’ve changed the Tails I2P scripts to whonix needs (not finished either )
The Scripts are in no way done so there will be a lot of change soon.(once i get my vacation )
I’m still looking for ways to make this better and easier.
So this is just a short update that there is progress but slow.

@HulaHoop
are you using I2P atm ?
if so are you running it on the gateway or workstation?

(I’m asking because I’m planning to setup a KVM test machine soon)

Yes on the workstation. I also authored the I2P install guide on the wiki

wow , i totally missed that page
Nice work, have you ever tried running it on the whonix gateway ?

For reference:

I was hoping you would document I2P on Whonix-Gateway here some day:
https://www.whonix.org/wiki/I2P#Installing_I2P_on_Whonix-Gateway_.28i2p_and_Tor_simultaneously.29

I’m going to, I just don’t want to post it before its easy and failsafe, the manual guide is almost finished (I need to fix the Reseed issue before that and update it to my current progress ).
Testing it atm…

wow , i totally missed that page
Nice work, have you ever tried running it on the whonix gateway ?

Thanks.

No I hadn’t experimented with it on the Gateway because I didn’t want to risk leaks because of misconfigurations.

Its really good what you are doing. You’re turning Whonix into a anonymity network agnostic OS and expanding our userbase while also growing the I2P network.

@HulaHoop Maybe change the 4. step "Adjust I2P Settings:"
to :
###change Tunnel length :
sudo sed -i "s/\(.*outbound.length=\).*/\10/g;s/\(.*inbound.length=\).*/\10/g" "/var/lib/i2p/i2p-config/i2ptunnel.config"
###change router config :
sudo su -c “cat > “/var/lib/i2p/i2p-config/router.config” << EOF
i2np.laptopMode=true
i2np.ntcp.enable=true
i2np.ntcp.autoip=false
i2np.ntcp.ipv6=false
i2np.ntcp.maxConnections=20
i2np.udp.enable=false
i2np.udp.addressSources=hidden
i2np.udp.ipv6=false
i2np.upnp.enable=false
router.isHidden=true
router.sharePercentage=0
router.updateDisabled=true
time.disabled=true
time.sntpServerList=127.0.0.1
EOF”

Edit: the Forum striped some chars from the command, I changed that now on the Wiki (sorry I should have tested it after posting here)

Excellent changes. Added.

Related:

Can you please add comments for why each and every setting is changed? (For technical design explanations.)