ricochet support

Please try this on Whonix-Gateway.

sudo systemctl stop onion-grater
sudo -u onion-grater /usr/lib/onion-grater --debug --listen-interface eth1 --complain
1 Like

Log output after adding contact. (Not much to work with or understand what’s happening):

user@host:~$ sudo -u onion-grater /usr/lib/onion-grater --debug --listen-interface eth1 --complain
IP address for interface eth1 : 10.152.152.10
Tor control port filter started, listening on 10.152.152.10:9051
Serving Thread started
10.152.152.11:53598 (filter: 30_autogenerated) connected: loaded filter: 30_autogenerated
Final rules:
commands:
  ADD_ONION:
  - {pattern: 'NEW:(\S+) Port=9878,\S+:(\S+)', replacement: 'NEW:{} Port=9878,{client-address}:{}'}
  - {pattern: '(\S+):(\S+) Port=9878,\S+:(\S+)', replacement: '{}:{} Port=9878,{client-address}:{}'}
  DEL_ONION:
  - {pattern: .+}
  GETCONF:
  - {pattern: DisableNetwork}
  - {pattern: (__owningcontrollerprocess)}
  GETINFO:
  - {pattern: status/circuit-established}
  - {pattern: version}
  - pattern: net/listeners/socks
    response:
    - {pattern: 250-net/listeners/socks=".*", replacement: '250-net/listeners/socks="127.0.0.1:9150"'}
  - {pattern: consensus/valid-after}
  - {pattern: consensus/valid-until}
  - {pattern: consensus/fresh-until}
  - pattern: status/circuit-established status/bootstrap-phase net/listeners/socks
    response:
    - {pattern: 250-status/bootstrap-phase=*, replacement: 250-status/bootstrap-phase=NOTICE
        BOOTSTRAP PROGRESS=100 TAG=done SUMMARY="Done"}
    - {pattern: 250-net/listeners/socks=".*", replacement: '250-net/listeners/socks="127.0.0.1:9150"'}
  SIGNAL:
  - {pattern: NEWNYM}
events:
  CONF_CHANGED: {suppress: true}
  SIGNAL: {suppress: true}
  STATUS_CLIENT: {suppress: true}
  STATUS_SERVER: {suppress: true}
restrict-stream-events: false

10.152.152.11:53598 (filter: 30_autogenerated): -> PROTOCOLINFO 1
10.152.152.11:53598 (filter: 30_autogenerated): <- 250-PROTOCOLINFO 1
10.152.152.11:53598 (filter: 30_autogenerated): <- 250-AUTH METHODS=NULL
10.152.152.11:53598 (filter: 30_autogenerated): <- 250-VERSION Tor="0.3.5.8"
10.152.152.11:53598 (filter: 30_autogenerated): <- 250 OK
10.152.152.11:53598 (filter: 30_autogenerated): -> AUTHENTICATE
10.152.152.11:53598 (filter: 30_autogenerated): <- 250 OK
10.152.152.11:53598 (filter: 30_autogenerated): -> GETCONF DisableNetwork
10.152.152.11:53598 (filter: 30_autogenerated): <- 250 DisableNetwork=0
10.152.152.11:53598 (filter: 30_autogenerated): -> SETEVENTS STATUS_CLIENT
10.152.152.11:53598 (filter: 30_autogenerated): subscribed to event 'STATUS_CLIENT'
10.152.152.11:53598 (filter: 30_autogenerated): <- 250 OK
10.152.152.11:53598 (filter: 30_autogenerated): -> GETINFO status/circuit-established status/bootstrap-phase net/listeners/socks
10.152.152.11:53598 (filter: 30_autogenerated): rewrote response:
    250-status/circuit-established=1
    250-status/bootstrap-phase=NOTICE BOOTSTRAP PROGRESS=100 TAG=done SUMMARY="Done"
    250-net/listeners/socks="127.0.0.1:9050" "10.152.152.10:9050" "10.152.152.10:9100" "10.152.152.10:9101" "10.152.152.10:9102" "10.152.152.10:9103" "10.152.152.10:9104" "10.152.152.10:9105" "10.152.152.10:9106" "10.152.152.10:9107" "10.152.152.10:9108" "10.152.152.10:9109" "10.152.152.10:9110" "10.152.152.10:9111" "10.152.152.10:9112" "10.152.152.10:9113" "10.152.152.10:9114" "10.152.152.10:9115" "10.152.152.10:9116" "10.152.152.10:9117" "10.152.152.10:9118" "10.152.152.10:9119" "10.152.152.10:9120" "10.152.152.10:9121" "10.152.152.10:9122" "10.152.152.10:9123" "10.152.152.10:9124" "10.152.152.10:9125" "10.152.152.10:9150" "10.152.152.10:9152" "10.152.152.10:9153" "10.152.152.10:9154" "10.152.152.10:9155" "10.152.152.10:9156" "10.152.152.10:9157" "10.152.152.10:9158" "10.152.152.10:9159" "10.152.152.10:9160" "10.152.152.10:9161" "10.152.152.10:9162" "10.152.152.10:9163" "10.152.152.10:9164" "10.152.152.10:9165" "10.152.152.10:9166" "10.152.152.10:9167" "10.152.152.10:9168" "10.152.152.10:9169" "10.152.152.10:9170" "10.152.152.10:9171" "10.152.152.10:9172" "10.152.152.10:9173" "10.152.152.10:9174" "10.152.152.10:9175" "10.152.152.10:9176" "10.152.152.10:9177" "10.152.152.10:9178" "10.152.152.10:9179" "10.152.152.10:9180" "10.152.152.10:9181" "10.152.152.10:9182" "10.152.152.10:9183" "10.152.152.10:9184" "10.152.152.10:9185" "10.152.152.10:9186" "10.152.152.10:9187" "10.152.152.10:9188" "10.152.152.10:9189" "127.0.0.1:9100" "127.0.0.1:9101" "127.0.0.1:9102" "127.0.0.1:9103" "127.0.0.1:9104" "127.0.0.1:9105" "127.0.0.1:9106" "127.0.0.1:9107" "127.0.0.1:9108" "127.0.0.1:9109" "127.0.0.1:9110" "127.0.0.1:9111" "127.0.0.1:9112" "127.0.0.1:9113" "127.0.0.1:9114" "127.0.0.1:9115" "127.0.0.1:9116" "127.0.0.1:9117" "127.0.0.1:9118" "127.0.0.1:9119" "127.0.0.1:9120" "127.0.0.1:9121" "127.0.0.1:9122" "127.0.0.1:9123" "127.0.0.1:9124" "127.0.0.1:9125" "127.0.0.1:9150" "unix:/var/run/tor/socks"
    250 OK
to:
    250-status/circuit-established=1
    250-status/bootstrap-phase=NOTICE BOOTSTRAP PROGRESS=100 TAG=done SUMMARY="Done"
    250-net/listeners/socks="127.0.0.1:9150"
    250 OK
10.152.152.11:53598 (filter: 30_autogenerated): <- (multi-line)
    250-status/circuit-established=1
    250-status/bootstrap-phase=NOTICE BOOTSTRAP PROGRESS=100 TAG=done SUMMARY="Done"
    250-net/listeners/socks="127.0.0.1:9150"
    250 OK
10.152.152.11:53598 (filter: 30_autogenerated): -> ADD_ONION RSA1024:<snip> Port=9878,10.152.152.11:38967
10.152.152.11:53598 (filter: 30_autogenerated): <- (multi-line)
    250-ServiceID=<snip>
    250 OK
1 Like

Does connectivity work now?


Commands we get.

Replies by Tor sent back to workstation.

No. Ricochet is online (always was) but it can’t see that someone added it.

1 Like

Ricochet main issue is with Tor 3.x on both sides, as there cant be connection happening between 2 Ricochets connected to Tor 3.x (according to my test) Other ppl tested that as well:

https://github.com/privacytoolsIO/privacytools.io/issues/474#issuecomment-473632617

Thats mean either we patch Ricochet , or wait for someone in couple of years or deprecate it.

2 Likes

Good find. Then there is nothing we can do to fix it in this situation. I nominate it for removal in the next point release (though keep the onion-grater profie around becuase it isn’t visible or takes up space) as keeping broken software will give a bad impression of the distro.

cwtch is promising as a successor but I won’t hold my breath over a Debian package. She releases Docker containers though which are difficult to integrate because you can’t really update them as securely as packages.

2 Likes

Done.

1 Like

As detailed below, the developer mentions many issues with ricochet

and moved to work on cwtch

Cwtch is an extension of the metadata resistant protocol Ricochet to support asynchronous, multi-peer group communications through the use of discardable, untrusted, anonymous infrastructure.

Anyone tried it?

There’s also https://ricochetrefresh.net/, an attempt by others to revive ricochet.

2 Likes

I just see you already mentioned it.

1 Like
1 Like
1 Like

This has been figured out and fixed thanks to @JeremyRand!

So once that is merged and there’s a new ricochet release, ricochet might be again functional inside Whonix.

This also opens the door for considering to re-install ricochet by default inside Whonix if/when ricochet hits the next Debian stable.

1 Like

Is there a good way to install Ricochet Refresh on Whonix 16 (on Qubes 4.04) that avoids the Tor over Tor scenario? The new Ricochet includes its own copy of Tor and I’d prefer not to use that.

Hi, I have been looking at Ricochet Refresh (https://www.ricochetrefresh.net) lately. To me it looks very promising - especially with the file sharing option. Has anyone been playing around with it in whonix yet? And is there a known way to use it safely with whonix?

They haven’t put out a release since June 2021. I guess we’re waiting for the next release to incorporate some of the issues @Patrick linked to above.

I had problems getting the current release to work reliably in Whonix.

Unfortunately the pull request was not merged.

So I’m trying to do as little code churn in Ricochet-Refresh as possible until the backend is replaced with Gosling. We have a ticket tracking this sort of thing here: blueprint-freespeech/gosling#5

As discussed in #101 all work in this space should happen in Gosling. See: #101

I don’t understand. You? @JeremyRand

Hi Patrick, sorry for the delayed reply. I don’t know what the hell is going on at Ricochet/Blueprint, but as of 2022 April 30, they are no longer Freedom Software. This has burned my trust in them as a contributor, and I won’t be sending them any patches in the future. Very disappointing; I honestly do not know what chat application I would recommend instead at this point. :frowning:

EDIT: Gosling is also non-freedom.

3 Likes
2 Likes

As per answer in above ticket, Ricochet Refresh I guess it is safe to predict that Ricochet Refresh will stay non-freedom software.

Whonix documentation updated just now:
Ricochet IM

1 Like

Apparently license was changed back to free.

I failed to find the commit which changed the license back to free because the reasoning would be interesting.

git log --all --grep="Commons Clause"
git log -S'Commons Clause' --source --all
git log -S"commons" --regexp-ignore-case

Maybe this was completely nuked, history rewritten? (git push --force)
license: updated to 3-clause bsd + commons clause · blueprint-freespeech/ricochet-refresh@b0a274c · GitHub (the commit that introduced Commons Clause) shows:

This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.


This one related but it’s not that. But also seems strange.

  • Someone changed the license in a pull request back to free, added REUSE compliance but apparently without prior discussion.
  • Not merged.

Cwtch messaging?

related:
Client-Server Instant Messengers (IM)

1 Like