ricochet support

How do I disable onion-grater filtering altogether and see if it will work? Just to see if we are looking in the right place.

All Tor related commands are in these files in case you can easily notice what we miss out on.

1 Like

Please try this on Whonix-Gateway.

sudo systemctl stop onion-grater
sudo -u onion-grater /usr/lib/onion-grater --debug --listen-interface eth1 --complain
1 Like

Log output after adding contact. (Not much to work with or understand what’s happening):

user@host:~$ sudo -u onion-grater /usr/lib/onion-grater --debug --listen-interface eth1 --complain
IP address for interface eth1 :
Tor control port filter started, listening on
Serving Thread started (filter: 30_autogenerated) connected: loaded filter: 30_autogenerated
Final rules:
  - {pattern: 'NEW:(\S+) Port=9878,\S+:(\S+)', replacement: 'NEW:{} Port=9878,{client-address}:{}'}
  - {pattern: '(\S+):(\S+) Port=9878,\S+:(\S+)', replacement: '{}:{} Port=9878,{client-address}:{}'}
  - {pattern: .+}
  - {pattern: DisableNetwork}
  - {pattern: (__owningcontrollerprocess)}
  - {pattern: status/circuit-established}
  - {pattern: version}
  - pattern: net/listeners/socks
    - {pattern: 250-net/listeners/socks=".*", replacement: '250-net/listeners/socks=""'}
  - {pattern: consensus/valid-after}
  - {pattern: consensus/valid-until}
  - {pattern: consensus/fresh-until}
  - pattern: status/circuit-established status/bootstrap-phase net/listeners/socks
    - {pattern: 250-status/bootstrap-phase=*, replacement: 250-status/bootstrap-phase=NOTICE
    - {pattern: 250-net/listeners/socks=".*", replacement: '250-net/listeners/socks=""'}
  - {pattern: NEWNYM}
  CONF_CHANGED: {suppress: true}
  SIGNAL: {suppress: true}
  STATUS_CLIENT: {suppress: true}
  STATUS_SERVER: {suppress: true}
restrict-stream-events: false (filter: 30_autogenerated): -> PROTOCOLINFO 1 (filter: 30_autogenerated): <- 250-PROTOCOLINFO 1 (filter: 30_autogenerated): <- 250-AUTH METHODS=NULL (filter: 30_autogenerated): <- 250-VERSION Tor="" (filter: 30_autogenerated): <- 250 OK (filter: 30_autogenerated): -> AUTHENTICATE (filter: 30_autogenerated): <- 250 OK (filter: 30_autogenerated): -> GETCONF DisableNetwork (filter: 30_autogenerated): <- 250 DisableNetwork=0 (filter: 30_autogenerated): -> SETEVENTS STATUS_CLIENT (filter: 30_autogenerated): subscribed to event 'STATUS_CLIENT' (filter: 30_autogenerated): <- 250 OK (filter: 30_autogenerated): -> GETINFO status/circuit-established status/bootstrap-phase net/listeners/socks (filter: 30_autogenerated): rewrote response:
    250-status/bootstrap-phase=NOTICE BOOTSTRAP PROGRESS=100 TAG=done SUMMARY="Done"
    250-net/listeners/socks="" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "unix:/var/run/tor/socks"
    250 OK
    250-status/bootstrap-phase=NOTICE BOOTSTRAP PROGRESS=100 TAG=done SUMMARY="Done"
    250 OK (filter: 30_autogenerated): <- (multi-line)
    250-status/bootstrap-phase=NOTICE BOOTSTRAP PROGRESS=100 TAG=done SUMMARY="Done"
    250 OK (filter: 30_autogenerated): -> ADD_ONION RSA1024:<snip> Port=9878, (filter: 30_autogenerated): <- (multi-line)
    250 OK
1 Like

Does connectivity work now?


Commands we get.


Replies by Tor sent back to workstation.

No. Ricochet is online (always was) but it can’t see that someone added it.

1 Like

Ricochet main issue is with Tor 3.x on both sides, as there cant be connection happening between 2 Ricochets connected to Tor 3.x (according to my test) Other ppl tested that as well:

Thats mean either we patch Ricochet , or wait for someone in couple of years or deprecate it.


Good find. Then there is nothing we can do to fix it in this situation. I nominate it for removal in the next point release (though keep the onion-grater profie around becuase it isn’t visible or takes up space) as keeping broken software will give a bad impression of the distro.

cwtch is promising as a successor but I won’t hold my breath over a Debian package. She releases Docker containers though which are difficult to integrate because you can’t really update them as securely as packages.



1 Like

As detailed below, the developer mentions many issues with ricochet

and moved to work on cwtch

Cwtch is an extension of the metadata resistant protocol Ricochet to support asynchronous, multi-peer group communications through the use of discardable, untrusted, anonymous infrastructure.

Anyone tried it?

There’s also https://ricochetrefresh.net/, an attempt by others to revive ricochet.


I just see you already mentioned it.

1 Like
1 Like
1 Like

This has been figured out and fixed thanks to @JeremyRand!

So once that is merged and there’s a new ricochet release, ricochet might be again functional inside Whonix.

This also opens the door for considering to re-install ricochet by default inside Whonix if/when ricochet hits the next Debian stable.

1 Like

Is there a good way to install Ricochet Refresh on Whonix 16 (on Qubes 4.04) that avoids the Tor over Tor scenario? The new Ricochet includes its own copy of Tor and I’d prefer not to use that.

Hi, I have been looking at Ricochet Refresh (https://www.ricochetrefresh.net) lately. To me it looks very promising - especially with the file sharing option. Has anyone been playing around with it in whonix yet? And is there a known way to use it safely with whonix?

They haven’t put out a release since June 2021. I guess we’re waiting for the next release to incorporate some of the issues @Patrick linked to above.

I had problems getting the current release to work reliably in Whonix.

Unfortunately the pull request was not merged.

So I’m trying to do as little code churn in Ricochet-Refresh as possible until the backend is replaced with Gosling. We have a ticket tracking this sort of thing here: blueprint-freespeech/gosling#5

As discussed in #101 all work in this space should happen in Gosling. See: #101

I don’t understand. You? @JeremyRand

Hi Patrick, sorry for the delayed reply. I don’t know what the hell is going on at Ricochet/Blueprint, but as of 2022 April 30, they are no longer Freedom Software. This has burned my trust in them as a contributor, and I won’t be sending them any patches in the future. Very disappointing; I honestly do not know what chat application I would recommend instead at this point. :frowning:

EDIT: Gosling is also non-freedom.


As per answer in above ticket, Ricochet Refresh I guess it is safe to predict that Ricochet Refresh will stay non-freedom software.

Whonix documentation updated just now:
Ricochet IM

1 Like
[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]