Today is the day
2010-12-05
Today is the day my hardware project will be complete enough to risk using it personally
on an everyday basis. It will free up some time for software.
Hardware failure, jwebcache private key gone
2010-02-27
Sorry, but my server experienced disk problems.
Since the disk was encrypted, and backups were not as good as meant to be,
small amounts of data were lost. One thing I had forgotten to backup
was unfortunately the private key of my "jwebcache" service.
Back for a longer while
2009-12-25
Sorry for still being passive. Will regroup and join the activity.
Construction work is a massive temptation, and easily distracts me
from coding, but eventually, it will reach a phase when one can sit down,
think "what next?" and remember coding, not casting concrete or welding.
P.S. Sorry for letting my GPG key expire, new key available
and signed with my old key.
I2P 0.7.4 is available
2009-06-12
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I2P release 0.7.4
=====================
I2P version 0.7.4 introduces notable new features
like GeoIP capability and UPnP support. While the former
can become a basis for geographically aware tunnel-building,
the latter should immediately enable more routers to accept
inbound TCP connections, helping distribute workload more evenly.
Inbound NTCP is now enabled automaticaly if the router
does not appear firewalled, and default bandwidth limits
for new installations are increased.
In addition, multiple bugfixes and updates are included,
addressing issues with the NTCP transport, BOB protocol,
connection limiting, behaviour of new I2PTunnel options
and the SusiDNS user interface. Improvements to the Router Console
are likewise included. Updating is recommended.
As customary, for people who don't have the option
of checking GPG signatures, supplied below are the
SHA1 hashes of released files:
8d2fd8b2e5ee75f60322e727e4086548fd7a7e2b i2pheadless-0.7.4.tar.bz2
63f0a78a7b9a43e62a5fc0f5e1c6115dca275419 i2pinstall-0.7.4.exe
d2bdf6311b00994fd49adeb2c15f2e2ed2834f24 i2psource-0.7.4.tar.bz2
53059774c901f741a4be9a63a2446fdf79dde872 i2pupdate-0.7.4.zip
dd491e7cb91059783aa895bf321d848b806a5738 i2pupdate.sud
Best wishes,
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkox/koACgkQ+h38a3n8zjPuQwCdELT2aXTVYeLNLrsrEVkZx1PQ
gc8An3/HFievfAvorlpm2GzzZE57KVIy
=xe6x
-----END PGP SIGNATURE-----]]>
I2P 0.7.3 is available
2009-05-16
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I2P release 0.7.3
=====================
I2P version 0.7.3 contains several buxfixes and improvements,
includes a lot of maintenance work and new versions of
both the SAM and BOB application gateway protocols.
A patch to I2P's internal web server Jetty is included
to correct SusiDNS behaviour on Windows. The way I2P nodes
volunteer to participate in the Network Database is changed
to avoid too many doing this simultaneously, and creation
of new participating tunnels is now throttled before messages
in existing tunnels start to get dropped.
Multiple improvements to the Router Console and other components
are included, I2PSnark can handle bigger torrents and more files,
while work continues on the experimental desktop interface.
Updating is recommended.
As customary, for people who don't have the option
of checking GPG signatures, supplied below are the
SHA1 hashes of released files:
267cca04edd2ebf41adc0cfcfde8d1784df58bad i2pheadless-0.7.3.tar.bz2
4f096812bdb7ab86be36ce16590dbd7d0e2c7d12 i2pinstall-0.7.3.exe
3632f6c7c6d7165dafb992a5d39bc32969c061cb i2psource-0.7.3.tar.bz2
a3ca23ae3cbee273f27aea8e525b4958c41171fd i2pupdate-0.7.3.zip
cec64fbae310898b129570d1d88e1bd215af5f20 i2pupdate.sud
Best wishes,
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkoPIBIACgkQ+h38a3n8zjN8nQCfbLp5i+SyXMnwhVAMwl9rYtOK
Cy0An372IlJMf/E+dHE9ssiH4DoTi57q
=7SfN
-----END PGP SIGNATURE-----]]>
I2P 0.7.2 is available
2009-04-18
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I2P release 0.7.2
=====================
The 0.7.2 release fixes multiple bugs and potential problems
in I2P, while preparing ground for new functionality.
Threading issues with the SimpleTimer class should no longer occur,
the NTCP transport should no longer encounter null pointer exceptions,
and "abandoned" tunnels should finish operation correctly.
Support is added for accessing the Router Console over IPv6,
a new message type enables I2CP applications to query
the router's bandwidth limits, an experimental desktop interface
for managing the router is included for the first time
(but not enabled automatically yet) and participation of a single peer
in too many tunnels is prevented to improve reliability and safety.
Besides other maintenance work, several old statistics calculators
are dropped to make router profiles smaller and quicker, while
new build scripts are supplied for I2P's big integer math library.
Updating is highly recommended.
As customary, for people who don't have the option
of checking GPG signatures, supplied below are the
SHA1 hashes of released files:
068512a688a793ee8ad55e4de8fd82417d4d9f98 i2pheadless-0.7.2.tar.bz2
1f7376855f69c6f0a663d4b4128260a41a09b602 i2pinstall-0.7.2.exe
83e2a63db3d0a5db8e610df9e52ad538febe5e6d i2psource-0.7.2.tar.bz2
febe153072a107c6aa285d51f20217d90531644c i2pupdate-0.7.2.zip
b7313803bba86432f895a215096fb472d2677689 i2pupdate.sud
Best wishes,
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAknqW5oACgkQ+h38a3n8zjNBPwCeK7Hd4+iJa1myZhc7MPYHvMwR
HZMAn15tFbcHh2xE+HyZOT1EOctYZHK/
=RpcD
-----END PGP SIGNATURE-----]]>
Latest version strongly recommended (vulnerability in 0.7)
2009-04-08
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
As mentioned in the "news.xml" file, a vulnerability
was found in the I2P version 0.7 and upgrading
is strongly recommended (0.7.1 is resistant to it).
Full information will follow when enough time has passed
or the number of 0.7 routers has dropped low enough.
Thanks to the people who noticed it, and apologies
for its existence. It was not something one can
notice immediately, with the limited testing
capability we have available.
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkndGPYACgkQ+h38a3n8zjNTEgCdHSD57jb0+nXj4DHQMw57XIt2
RG8AnRpiemMIlueoFm9Ax+149ncQtbso
=V2Hy
-----END PGP SIGNATURE-----]]>
I2P 0.7.1 is available
2009-03-29
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I2P release 0.7.1
=====================
The 0.7.1 release optimizes I2P towards better performance
and introduces new features.
Multiple bugs are fixed, replacements to the SimpleTimer class
should waste less time on object locking. Some old components
are dropped and several classes refactored to avoid repeating code.
Support for encrypted LeaseSets (for creation of links over I2P
which an adversary cannot obstruct by attacking its gateways)
becomes more complete. New tunnel types like IRC server tunnels
and new options like delayed start and idling of tunnels
also gain support, along with improved usability of the I2P
Socks proxy mechanism.
Work continues on streamlining and expanding the Router Console,
on the BOB protocol, on I2P ports for Debian and Slackware Linux,
on the I2PSnark client, on TCP connection properties
and multiple other fronts. Updating is highly recommended.
As customary, for people who don't have the option
of checking GPG signatures, supplied below are the
SHA1 hashes of released files:
16fd61d0d00f96af43b02e81234f56c648d41a1e i2pheadless-0.7.1.tar.bz2
e06edca6391eba5bfac31bfd1cd4b9155a82d4b5 i2pinstall-0.7.1.exe
cabb2725ccd666d0bbbf344823ff9f62cb9e477d i2psource-0.7.1.tar.bz2
94e7678442aa37e2297830950c63e9e26f77de1f i2pupdate-0.7.1.zip
4155b392a619c2c68c1e81d21c7558588818652d i2pupdate.sud
Best wishes,
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAknP3UQACgkQ+h38a3n8zjNTwwCcCBDoS6Lqz7rpuNFx4ilSO6fb
7DcAn1hXp0ENXXR1wpfnodKjXRgFNYc1
=BBsy
-----END PGP SIGNATURE-----]]>
I2P 0.7 is available
2009-01-24
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I2P release 0.7
=====================
The 0.7 release adds stability and flexibility to I2PSnark,
which can hopefully be used to distribute I2P updates in future.
The I2P router gets fixes and optimizations to various
transport-level and streaming issues, network exploration,
NetDB performance and the UDP introducer system. Among other features,
the new release offers better connection limiting, higher tolerance
to "out of memory" exceptions in helper applications, and an
experimental new address system using Base32 hashes
of destination keys (".b32.i2p" URLs).
Both the BOB and SAM protocols are improved upon,
more old components dropped, Router Console features added
and a possible latency measurement attack mitigated.
- From this release onwards, block lists for misbehaving peers
are activated by default.
It seems worthwhile to remind that already since
the last release, I2P requires Java 1.5 or higher.
If you are uncertain about your Java version, you can verify
by opening a terminal window or command prompt, and entering
the command "java -version". If you have an older Java installed,
please update it first!
This release is backward compatible: if you already have
0.6.1.31 or greater installed, it will recognize the signature
on the signed update file, and you can update automatically.
As customary, for people who don't have the option
of checking GPG signatures, supplied below are the
SHA1 hashes of released files:
7b569ba3511a466732f9a41f7890f97826ce6eed i2pheadless-0.7.tar.bz2
67777b620d2b004938c11956324e6a326bcc9d26 i2pinstall-0.7.exe
1255e5eee870152276535e8e22cf859dcd8f2f6a i2psource-0.7.tar.bz2
f09553859bddb59bf7530913a556ef73136bf2cf i2pupdate-0.7.zip
61dde0d79ec666cb2a2acef8663748a6ccebe7a2 i2pupdate.sud
Best wishes,
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkl7sFQACgkQ+h38a3n8zjMArgCfQCc2ashzAIN6ZVNsl40BB4cj
UkgAn1HqnG8FOuN84l3gShE3PVfDAVNS
=TxoZ
-----END PGP SIGNATURE-----]]>
I2P 0.6.5 is available
2008-12-03
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I2P release 0.6.5
=====================
The 0.6.5 release introduces new components,
drops some old ones (like the old TCP transport)
and has been optimized to perform better.
The BOB (Basic Open Bridge) protocol is introduced,
for use by client applications which cannot import
I2CP libraries directly. This deprecates the old
SAM protocol which was previously used in such cases.
For now however, BOB is not started automatically yet on
new installations, and SAM remains active on old installations.
Improved code should be better at preventing congestion
by probabalistically dropping participating traffic,
and likewise behave better when congestion occurs.
The floodfill NetDB should operate more reliably,
the streaming library should choose better message sizes,
offer a socket timeout function, and work proceeds
on the "hidden" mode of operation for I2P routers.
- From this release onward, I2P requires Java 1.5 or higher.
If you are uncertain about your Java version, you can verify
by opening a terminal window or command prompt, and entering
the command "java -version". If you have an older Java installed,
please update it first!
This release is backward compatible: if you already have
0.6.1.31 or greater installed, it will recognize the signature
on the signed update file, and you can update automatically.
As customary, for people who don't have the option
of checking GPG signatures, supplied below are the
SHA1 hashes of released files:
ba37303108297601614468643dc3886683a5cf07 i2pheadless-0.6.5.tar.bz2
a161f3e8ab3fc4a25d216b331173fbf76e68c102 i2pinstall-0.6.5.exe
0c135d8ad96401d38285cb931a8bf0f248ba74fc i2psource-0.6.5.tar.bz2
f04c095da352a4e8b938db4a9f820902cf1f1614 i2pupdate-0.6.5.zip
c66465d614b9e669ccda155b8098052d74c90024 i2pupdate.sud
Best wishes,
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkkzOqQACgkQ+h38a3n8zjNSlACfUsxikszaXu/opRpwMmPBbAQq
clQAnRbuoYUa8qPiea7fCxOsGKsJMMCL
=STLb
-----END PGP SIGNATURE-----]]>
I2P 0.6.3 is available
2008-08-24
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I2P release 0.6.3
=====================
The 0.6.3 release introduces multiple bugfixes, optimizations
and security improvements. Routers will start monitoring the number
of well-behaved NetDB peers, volunteering as one if a shortage develops
and they can. Well-behaved NetDB nodes are preferred stronger,
and ill-behaved nodes blacklisted more effectively.
LeaseSets are handled more efficiently, new fixes should enable
the correct operation of UDP introducers. I2P also gains
preliminary support for permanent IP blocklists, and a new
peer connection limiter. Improvements to the Router Console
should make configuring client applications easier and I2PSnark
will now resist corrupt data better.
This release is backward compatible: if you already have
0.6.1.31 or greater installed, it will recognize the signature
on the signed update file, and you can update automatically.
As customary, for people who don't have the option
of checking GPG signatures, supplied below are the
SHA1 hashes of released files:
6874bb777a85567f1dedbc764798c113335ec9fc i2pheadless-0.6.3.tar.bz2
69b0ce4f9d08745f94cfe4957dff40152d9cc51a i2pinstall-0.6.3.exe
4a53ffbdbf52a210514f737915234e61aa9860d2 i2psource-0.6.3.tar.bz2
9b61fe5e467341f05f35cf75e5b07c0c80480c87 i2pupdate-0.6.3.zip
1acae1e39454a6c6aabc6ed9a3db1661d7eaaa58 i2pupdate.sud
Best wishes,
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIsTvl+h38a3n8zjMRAi2GAJ9HAwg9JBWIjkHcvR8SHw95FcYnngCfQL+w
1mtf+iIPehoqxYgnky4cexs=
=5P8t
-----END PGP SIGNATURE-----]]>
I2P 0.6.2 is available
2008-06-07
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I2P release 0.6.2
=====================
The 0.6.2 release delivers performance and anonymity improvements.
LeaseSet data is no longer added to every end-to-end message,
reducing protocol overhead.
Unreachable peers are avoided as inbound tunnel gateways,
which helps reliability and makes it possible to use
persistent Lease selection, which in turn helps performance
by reducing out-of-order message delivery.
The sequence of peers in a tunnel is now kept in a strict order
according to XOR distance from a random value, to make it harder
for an adversary to gather statistics for a predecessor attack.
Improvements to applications like I2PSnark and the Router Console
are also introduced.
This release is backward compatible: if you already have
0.6.1.31 or greater installed, it will recognize the signature
on the signed update file, and you can update automatically.
As customary, for people who don't have the option
of checking GPG signatures, supplied below are the
SHA1 hashes of released files:
9eb2558c484c56fa3f2623e473327ffee19b8b87 i2pheadless-0.6.2.tar.bz2
2161705ea9d57c05806b312179be524029ad8c92 i2pinstall-0.6.2.exe
ef73b46d080ca5467eb5792f3fca62ed86852f85 i2psource-0.6.2.tar.bz2
455bc05cd20df32ce60174c796d32234f72155cd i2pupdate-0.6.2.zip
7da3777591f7f9f00d9e24182e973408484aee6e i2pupdate.sud
Best wishes,
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFISwCz+h38a3n8zjMRAvg6AJ0cM526cZK1jus2MGGlkxW73cWeHwCfU88Z
AqL1Wz/jN7hRUPXLRhPJTGw=
=u9me
-----END PGP SIGNATURE-----]]>
I2P 0.6.1.33 is available
2008-04-26
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I2P release 0.6.1.33
=====================
The 0.6.1.33 release contains several important bug fixes
and performance improvements in SSU reachability detection,
floodfill peer selection, tunnel peer selection, tunnel testing,
NTCP idle detection, the streaming lib, and news fetching.
It also adds secondary tracker support to i2psnark, and verification
of downloaded Jetty libraries when building from source.
Please upgrade as soon as you can, as these fixes
should improve the reliability of the whole network.
This release is backward compatible: if you already have
0.6.1.31 or greater installed, it will recognize the signature
on the signed update file, and you can update automatically.
As customary, for people who don't have the option
of checking GPG signatures, supplied below are the
SHA1 hashes of released files:
74e94871dca130bde0e49c0855ed8156c4012270 i2pheadless-0.6.1.33.tar.bz2
61a333820e5f8726391b22ba8cd55e0a5430c812 i2pinstall-0.6.1.33.exe
ca73e5cf57d57c7de4b49ae41b2890f890d5d0bb i2psource-0.6.1.33.tar.bz2
8f0baefd50ee87bd876d25ca4af38479c0b2599b i2pupdate-0.6.1.33.zip
8922e04a3c2f4a83e5e27c6b32912ccdcf53abd3 i2pupdate.sud
Best wishes,
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIE7tU+h38a3n8zjMRAtlfAJ44/kO8VuAsQKj1bsEH8QB4Fwb7ygCfU1/z
cgl7qzx0CFmusyzKuwhCiTI=
=wR82
-----END PGP SIGNATURE-----]]>
I2Phex testing binary release (build 0)
2008-04-04
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I2Phex testing binary release (build 0)
========================================
I apologize for the massive delay. This really took a while.
I have reached a stage in I2Phex development where I am
confident enough in its behaviour to publish a binary release.
I still consider I2Phex experimental and likely to contain
serious bugs -- however, it should now be at least as safe
as the old I2Phex was (and hopefully a bit better).
Precautions
============
The configuration directory of this I2Phex release
conflicts with the configuration directory of the old I2Phex.
To ensure a smooth install, I recommend moving the old
configuration directory entirely aside and letting the new I2Phex
create its own configuration directory from zero.
You can find the old directory at the following locations.
Linux:
/home/username/.i2phex
Windows:
C:\Documents and Settings\username\Application Data\I2Phex
After you move this directory elsewhere (keep it at first,
in case something goes wrong and you want to revert back),
your library of shared files will need to be redefined,
and hashing files will take some time.
Install procedure
==================
On Linux, please use the "i2phex_3.2.0.103.0.tgz" archive.
On Windows, please use the "i2phex_3.2.0.103.0.zip" archive.
The files are identical, but the .tgz file preserves file attributes
which means that Linux users won't need to "chmod" their runner script
to make it executable. On Windows, this is not needed.
* You can extract the archive anywhere in your filesystem.
* Your I2P router should be running, with its I2CP listener
available on its default port (7654) and eepproxy also
available on its default port (4444).
* On Windows, you can start I2Phex by double-clicking "run.bat".
* On Linux, you can start I2Phex by double-clicking "run.sh".
* If your system configuration has unforeseen differences
from what I've tested against, this may not work.
If runner scripts fail for you, please report
so I can improve them.
For the time being, you can find the files at:
http://complication.i2p/i2phex/3.2.0.103.0/
Others may be able to mirror them later on.
As usual, for those who can't check my GPG signature,
supplied below are the SHA1 hashes of the archives.
The third is a source tarball, which I haven't properly tested.
I recommend using the Phex SVN repository instead.
f9affad13ec721371c390d79957da89b9ec3e5a9 i2phex_3.2.0.103.0.tgz
e80e9520b29939a93edeacc879af717ad05daa83 i2phex_3.2.0.103.0.zip
9cde0929cf2a446d6d010749fafe41d6d0f340c1 i2phex_3.2.0.103.0_src.zip
I hope this works,
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFH9poQ+h38a3n8zjMRAgq7AJ0YWi8grgSYIxez8uQjtUKW2GTq/QCdHsZS
sVjgTlctys3KXPyh9eeTqE0=
=MQ0k
-----END PGP SIGNATURE-----]]>
I2P 0.6.1.32 is available
2008-03-08
Since forum.i2p is currently experiencing hardware issues
(badger mentioned on IRC, backups exist but their use will take some time)
this release announcement is currently not mirrored there.
I will post on the forum when it becomes accessible again.
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I2P release 0.6.1.32
=====================
The 0.6.1.32 release contains several bugfixes,
a new tunnel build algorithm from zzz which regulates
the intensity of tunnel building according to previous levels
of tunnel build success, and other performance improvements.
This release is backward compatible, and if you already have
0.6.1.31 installed, it will recognize the signature
on the signed update file (so you can update automatically).
However, to ensure better distribution of load
between our 3 signed update servers, I recommend that you
perform the following optional check:
* Open the update configuration page on:
http://localhost:7657/configupdate.jsp
* If you see 3 update URLs, no action is needed.
If you see one update URL, open the advanced configuration
page on http://localhost:7657/configadvanced.jsp
and delete the configuration entry beginning with
"router.updateURL=". Then click "Apply", and default
configuration should take effect for update URLs.
* Please note that since 0.6.1.31, configuration entries
may span multiple lines, so please double-check
where the next entry begins, to avoid damaging it!
As customary, for people who don't have the option
of checking GPG signatures, supplied below are the
SHA1 hashes of released files:
dec477401dc4f5ac98a5e50e107fe2ccc1431ce5 i2pinstall-0.6.1.32.exe
a385d6456df6835d4dc6aec146a51e266e91fbe6 i2pheadless-0.6.1.32.tar.bz2
0c2eac42c21bdbc7c877dfc0b4e9430a34f7457f i2psource-0.6.1.32.tar.bz2
5b3157096ac5a7af81e9b0555aadc7738c22d79d i2pupdate-0.6.1.32.zip
c8300278277e5769d542864b821045c5e9285da2 i2pupdate.sud
Best wishes,
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFH0uMZ+h38a3n8zjMRAu11AJ4zcKwS7flj2aGEJOhA/uuvzfE7OgCfdZZD
E+npcvwX3Y4q5oAD4t9RUBI=
=EaFf
-----END PGP SIGNATURE-----]]>
Monotone transition guide
2008-02-10
The Monotone transition guide which I've been writing,
is for most purposes complete. Since it contains keys, I have signed it,
but the keys included in it are signed by their owners too.
This document is fresh, and likely contains mistakes.
Please report if you notice them.
Transition guide
Upcoming 0.6.1.31 release
2008-02-05
A new I2P release is being prepared, so that I2P development could continue.
Since jrandom is not available to sign it, and the old server is not available
to host it, you will need to evaluate whether you trust me or Zzz
to sign the updater.
If you do, you'll need to make changes in your router's configuration:
- by configuring a new news URL
- by introducing new update verification keys
(the public halves of update signing keys)
- by randomly selecting one of 3 new update URLs
Zzz has posted a description of how to get started:
http://forum.i2p/viewtopic.php?t=2532
My monotone repository is deprecated now
2008-02-01
My monotone repository, having been a temporary replacement,
is deprecated now. Everyone is kindly recommended to consider
"mtn.i2p2.i2p" (which does not need anonymity for itself,
and can therefore afford using faster 0-hop tunnels).
Unless you already have it, the destination key
of "mtn.i2p2.i2p" is the following:
G6VmsrLYbdcxBq585OUcQn7wbwC7J5jfXDWWL6lPBw5iq68VxqxibraiPwwF6NM2aHV8BkqyCKYSL9fUuYWoeUc1zL~2l1DX2x~LfyItGJKDIUGImWQivXF1w7EGYMhjq4UCmPKTsnl4G86oKW8PGaaF8mzjjUKW1R7G7941my~mnbeTrhjlLgaMK-tauVodgTPIYkxfMJaq3zWuirztuUgDcXXIbkpzaA2Iben0VqbjbMJisj4fFh0EvqNkYAG54YBc26~W6SPWyBgZilXvFlcizF90Q5NkIGMMHXTq46qEYHkpQC3CoaH6PMNVDetDPmFc3QXmc68cNcj~VPh4XVsn3qiKhXuRdXggEC3RoTcxqaeassfIG5xhRdnJzGSVhYUE3At~8wI-AuRV~AglV1Q-AZTWT~9VxBzcxfI1PpfzeA-5z5T4542bh1e-RM9tzXEx5ErPCt6M~zJ2~4-tz-aBsZEhBkn0iDi8pazshg6lTl1~hCnueZBxYICqPrlBAAAA
I am currently writing a more comprehensive guide
about using Monotone for access to I2P and Syndie sources
(and development). Until then, you can find lots of helpful material
on zzz's site.
Syndie monotone repository
2008-01-22
A monotone repository (with the recommended name "syndie.mtn.complication.i2p")
is running somewhere, and serving the Syndie source code. Its destination key
is provided below.
mqKg7wcn9vDoaeRJppPs7cAFCGHASFrmvn7wm0PSiC89jPXcOycdZnMarhBEXZ8EkbGQ0gphM1EPZoKJbcJv-C0xcbPfTguIZdjO02NjOc3GEMzeO2wHNixTco5BlLnpczmBOQmTZtagRRVLIWW3d9IF5U7Swrk-NzO~iP3IL7yDaeo4lrb6Gr8w6esQ31dgdoQ~C8FCZmqJ1GX9esNXFyWWbPxLXmiM0V1bpZSs1WukDp6nHAfFDSdNNBZqybBVc7yHAeCI6gjRyCH5yZg8InW2CsbVOmuJLK0Tdif4nhJu0m5rI-Vnym3Y0Q2XUqCL7l9uIHi2IpQggH9wTc4PmndkQXqVhIjDRs9Fg01ukZ~2KDckvgwwChjio3m7oocpWY4ISzgsPHgPUJtxkj3ruG3qP191HY9JfvmgG7F1wS8NGOJZKY0ZpSKoXeO2SFwNkDxU2FafpfX03kYex3-QvKZQRrO-Oe4X4at4NSTiYImnbfPbO~Qeb5E82qBysVdIAAAA
If you want Syndie sources, you need to:
Create a standard client tunnel (bulk profile)
pointing at the above destkey, listening locally on port 8998.
Change into a directory where you like the monotone database
and Syndie source directory to appear.
Issue "mtn db init --db=syndie.mtn" to initialize the database.
Issue "mtn genkey yourname@someplace" to generate your key.
An example might be "complication@mail.i2p" for a commit key
and "complication-transport@mail.i2p" for a transport key.
I'll explain about transport and commit keys below.
No, it doesn't need to match a real e-mail address.
Issue "mtn --db=syndie.mtn pull 127.0.0.1:8998 syndie"
to pull the database from the server to your local repository.
Issue "mtn --db=syndie.mtn checkout --branch=syndie"
to check out a working copy from your local repository.
I have not registered the above destkey with name services yet,
but will do that eventually. You can find instructions which jrandom wrote
for Monotone use over here.
Remember, a transport keypair is something you use to "push" or "pull"
changes between a remote and local repository. Oppositely, a commit keypair
is something you use to sign changes to code.
Transport keypairs are often not password-protected,
commit keypairs generally are. To contribute to Syndie development,
you need to send the public halves of both a a transport
and commit key to the person running the repository (for this repository, me).
Source tarball signature found
2008-01-22
The source tarball signature was found!
Many thanks for your help, Kailash!
Now everyone can obtain and verify the last source version signed by jrandom
(and we have a point against which to check in future).
Available on http://www.i2p2.de and:
http://complication.i2p/i2p/0.6.1.30/i2p-0.6.1.30.tar.bz2
http://complication.i2p/i2p/0.6.1.30/i2p-0.6.1.30.tar.bz2.sig
Nearly complete mirror
2008-01-21
Copy of: http://forum.i2p/viewtopic.php?t=2500
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
We have a nearly-complete website mirror,
created by "welterde" from the IRC channel.
http://www.i2p2.de
Using the new mirror should reduce load on Tino's inproxy,
leaving it more capacity to work as a proxy.
This mirror contains the graphical and headless installer
(links to other binaries may be broken). If you want to ascertain
the integrity of files, verify their hashes or signatures
against information provided above, or obtained elsewhere.
On related notes, the possibility of finding a new server
with root access is being studied, but that is not certain yet.
A repeated request for assistance: if anyone has the file
"i2p-0.6.1.30.tar.bz2.sig", please mention!
That file is missing but important!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHk9ZX+h38a3n8zjMRAh6yAJ41yJFSLlfYDEFOU0voqpOs/vhb8gCfQatd
Yjw5OU7IR1ESiJiB8b9Y9Tw=
=0ivB
-----END PGP SIGNATURE-----]]>
Even more direct reseed URL
2008-01-20
Just for info, the fastest reseed URL currently should be:
http://i2pdb.tin0.de/netDb/
Alternative outproxies
2008-01-20
Due to squid.i2p disappearing, two server operators have stepped forth
to provide alternative outproxies. To my best knowledge,
their destination keys are as follows.
Let us use these outproxies politely and sparingly - their operators
are taking an elevated risk for our convenience, without asking anything in return.
To start using one of these outproxies:
- open SusiDNS ( http://localhost:7657/susidns/index.jsp )
- save the name and destination key into your router address book
- open I2PTunnel ( http://localhost:7657/i2ptunnel/index.jsp )
- stop your "eepproxy" tunnel
- open its configuration page
- replace "squid.i2p" in the "Outproxies" box with the new outproxy's name
- save tunnel configuration
- restart your "eepproxy" tunnel
krabs.i2p
(name: certain, "sponge" named it so)
k6qIwzff6s1RiRQQy9O6cliBTfHffKZ2F~pVG8nmCqMxEpPnywynFa9XVS6VBbhxGRAMG~PIb2IaFRYS5GFdM3fnnJ~Cn2AbN-qsqbl6cXExj5Fy9Cd-aPR44XW0NE9qjFPiN~6JUOg0fitF65RmsMrFvHq9LM2zOFxOfnPKVsBJGRpjhp6EPRNrkXvzQTw7x6~kqUJ-VGW0avjrz4EmgT6Wias5z0EPioneKOhG-1NepL8HqEv9ryGt31~kmI1-B0cS8v1riaXH0rZWjJ0VvUFEoJ3sHCir4vsnSf1YQIKMUO~zKlgTVZBsw8P2ILFFihs0g9KMIWVjJqqo0PzCM1O-LW90hirn~Ryh4zOZI-orIiV9Oqu96Fj2bvBYSka11TY7erLOCk64tc5NwxvlJQ3F-lk0ZFGvYuU~l45mi0khFLnDnzhDFtcY6YNLRG8hmv9IR2MrG9TJFfSwXdx11LI-57tkRi9Jw4s8OjLijNNDOJX~rVgwZVVIEQcOhGxkAAAA
betrue2yourself.i2p
(name: uncertain, the operator did not name their destkey)
Jeb1Ctlh55wWezbA~sCxYQsreDPS~qFJ6DeNMPl7~Kx0w1Odh8YE3QKrZS7WlNqeoRNJLyPgf7h19Tosb-ATZOPDH7B4pQvI4CdlTv-Uimq4dI71PRRZQr3mCBihW~WtVReDOO3JiDf1Bx225xhTmWp0KYo5AM91EW0TcHi8immHBFB9jcjekPoU~zlVAqy5S07LnS7f7rWtC7kno983Dyi9arWDPmnnzu2QD4mMrH0EkuuoBqwUi1HBUNhTn~lL8KqfSpg9j9q-eqd~eixF3nOlsrxMFuWVV1HOUtyMUTRGEX4i4IDPWmRQeFZ0gmfeBYdad~nG1X7uBVeeEtGSrggnegXoSE4oaIuONNXYORsevZn8UahC~kkNWg1wPQtr57TirhLirkF2qHUuwAqe5G00PIhC0-J8K5Ye0QDd5a1coQT87kBgcqLcbSR1oGIjxv2Ma6970Fv65a2a~YKqZZbuGof5-5-7X48SVhOigmo2c-COyt2rXoQlGQpBWtDsAAAA
Installer mirror updated
2008-01-20
Copy of: http://forum.i2p/viewtopic.php?t=2500
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Edited
======
This post replaces its previous version from 2008-01-18,
which referred to installer components on Tino's site
as version 0.6.1.28.
Since Tino found archives for 0.6.1.30, I edited my post
and naturally re-signed it. You can still read
my old post on my eepsite.
Tino's mirror
=============
Key installer components of version 0.6.1.30,
with PGP signatures from jrandom, so you could verify.
http://i2p.to/mirror/dev.i2p.net/i2p/
Graphical installer on Tino's mirror
====================================
Download that file and run it. If you're not on windows, you can
type java -jar i2pinstall.exe (yes, really)
http://i2p.to/mirror/dev.i2p.net/i2p/i2pinstall.exe
http://i2p.to/mirror/dev.i2p.net/i2p/i2pinstall.exe.sig
SHA1 929b6646033302bf08e152992f247085924b5c82
Headless installer on Tino's mirror
===================================
Run (tar xjvf i2p.tar.bz2 ; cd i2p ; vi install-headless.txt)
http://i2p.to/mirror/dev.i2p.net/i2p/i2p.tar.bz2
http://i2p.to/mirror/dev.i2p.net/i2p/i2p.tar.bz2.sig
SHA1 50709313a4fedb4fabe684bd9bc40165bee62fc3
Updater on Tino's mirror
========================
This updates an older I2P router to 0.6.1.30.
Copy into your "i2p" directory, restart your I2P router.
Update occurs automatically.
http://i2p.to/mirror/dev.i2p.net/i2p/i2pupdate.zip
http://i2p.to/mirror/dev.i2p.net/i2p/i2pupdate.zip.sig
SHA1 5fe0921ac3a0dfea99eb52f7172031c27151e7e3
Source tarball on my eepsite, via Tino's proxy
==============================================
Extract. Compile with "ant dist" to get binary installers.
You need a JDK and Ant.
WARNING:
I don't have jrandom's signature of this tarball.
If anyone has the file "i2p-0.6.1.30.tar.bz2.sig",
please make it available somehow!
http://complication.i2p.to/i2p/0.6.1.30/i2p-0.6.1.30.tar.bz2
SHA1 6b82dcd305a819a3eb9236a70a9e125897bba048
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHk4ZL+h38a3n8zjMRAkOFAJwLIIEh8QI2C3ecaYmYX5ydV+M9mACfaWw1
FOyNExtt/DE4ZN4t3QXk1lE=
=R7Iw
-----END PGP SIGNATURE-----]]>
Part of www.i2p.net still alive
2008-01-19
Copy of: http://forum.i2p/viewtopic.php?t=2500
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thanks to Frosk snooping around a little,
it appears that a "shadow" of the old "www.i2p.net"
is still visible on on:
http://66.111.51.110
It is only half of the site - you can browse documentation,
but not download installers. Nobody currently knows if "dev.i2p.net"
can be accessed similarly or not. Therefore, for installers,
you still need to rely on Tino's mirror.
The original CVS repository is available for NON anonymous access.
Instructions for using it are:
1) NON anonymous CVS access
===========================
The I2P sourcecode is kept in a CVS repository.
For those who aren't very familiar with cvs, there is a fantastic book
on the subject (developers only need to deal with the first chapter -
"An Overview of CVS", as subsequent chapters go into some nasty details
very few ever need to touch).
http://cvsbook.red-bean.com/cvsbook.html
Unix CVS
cvs -d:pserver:anoncvs@66.111.51.110:/cvsroot login
Password: anoncvs
cvs -d:pserver:anoncvs@66.111.51.110:/cvsroot co i2p
WinCVS
WinCVS CVSRoot (login then checkout):
anoncvs@cvs.i2p.net:/cvsroot
Password: anoncvs
2) Anonymous UNSECURE CVS access (temporarily needs TOR)
========================================================
Since the CVS server lost its I2P-facing side (the I2P router HF0j
which ran on dev.i2p.net disappeared), you need to break the glass,
and push the big red TOR button.
Torified CVS login and checkout (Unix only) go like this:
torify cvs -d:pserver:anoncvs@66.111.51.110:/cvsroot login
torify cvs -d:pserver:anoncvs@66.111.51.110:/cvsroot co i2p
I have tested to my best ability, and I *think* CVS torifies safely
(meaning I didn't detect any leaks, but they could exist).
WARNING!
Remember that when you use an untrusted outproxy to access CVS,
the outproxy can grab & abuse your login credentials.
Even those who have commit access, currently please login
only as "anoncvs"! Thank you!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHkbvr+h38a3n8zjMRAuVFAJ98woCylWjnH9HKG17Ced852VgB4gCfVo/2
YyKoH62ev0VSA5CZ+YXWKGk=
=FtOO
-----END PGP SIGNATURE-----]]>
Installer mirror
2008-01-18
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
More useful work-arounds:
Tino's mirror
=============
Key installer components of version 0.6.1.28.
Slightly old but authenticated, should work fine.
http://i2p.to/mirror/dev.i2p.net/i2p/
Graphical installer on Tino's mirror
====================================
Download that file and run it. If you're not on windows, you can
type java -jar i2pinstall.exe (yes, really)
http://i2p.to/mirror/dev.i2p.net/i2p/i2pinstall.exe
http://i2p.to/mirror/dev.i2p.net/i2p/i2pinstall.exe.sig
SHA1 c865ce42f91d94dc7ed702eebbbcc11fe4b4b35f
Headless installer on Tino's mirror
===================================
Run (tar xjvf i2p.tar.bz2 ; cd i2p ; vi install-headless.txt)
http://i2p.to/mirror/dev.i2p.net/i2p/i2p.tar.bz2
http://i2p.to/mirror/dev.i2p.net/i2p/i2p.tar.bz2.sig
SHA1 52b7df13cae18037babfc8d5c989e79f44f074be
Source tarball of 0.6.1.30 on my eepsite, via Tino's proxy
==========================================================
Extract. Compile with "ant dist" to get binary installers.
You need a JDK and Ant.
WARNING:
I don't have jrandom's signature of this tarball.
If anyone has the file "i2p-0.6.1.30.tar.bz2.sig",
please make it available somehow, it would help a lot!
http://complication.i2p.to/i2p/0.6.1.30/i2p-0.6.1.30.tar.bz2
SHA1 6b82dcd305a819a3eb9236a70a9e125897bba048
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHkSyu+h38a3n8zjMRAgYPAJ9vocNZ/zOnORp+7qS2HnMlqU3pkACfRXVk
50k7RTcbxIQZjhNA1yAanqc=
=2Y5c
-----END PGP SIGNATURE-----]]>
Temporary work-arounds
2008-01-17
Reseeding is still possible, using the help of Tino's inproxy.
You will need to open up Configuration > Advanced:
http://localhost:7657/configadvanced.jsp
Then you will need to enter two lines:
<![CDATA[i2p.reseedURL=http://tino.i2p.to/i2pdb2/
i2p.alwaysAllowReseed=true]]>
Then you need to apply the configuration, and if you click "Reseed"
on the left sidebar of the router console, it will reseed.
If for some reason, Tino's site should fail to provide suitable routerInfos,
as a backup you can try http://complication.i2p.to/i2pdb/ (which is much slower).
Preliminary news about www.i2p.net downtime
2008-01-16
Copy of: http://forum.i2p/viewtopic.php?t=2500
<![CDATA[-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Preliminary news about downtime
Those of you who frequent the IRC channels
will already know this, but many probably don't.
1. The conditions
=================
On January 13, Sagonet, where www.i2p (== dev.i2p == squid.i2p)
is located, experienced a power issue in their datacenter.
This left some of the servers offline, until their owners
issue remote restart commands.
I have no way to issue a remote restart command for www.i2p,
since I don't have login credentials. I have exchanged some e-mail
with Sagonet folks. They did check the router which the server
is connected to, and it seems OK. They did check the server,
and it's online at a login prompt.
But they cannot help beyond this with the server, and it's normal too.
You don't restart your customer's servers at the request
of a complete stranger.
2. The implications
===================
This means that the "public facade" of the I2P project is down for now.
The network itself is fine.
This forum continues to operate, because it's hosted separately
by cervantes, but when cervantes has to change IP address
(not sure when) there's no way to update the DNS entry
to point at this forum, so it may be lost eventually,
and may have to pick a new name outside I2P.
Short of luck (e.g. a cron job left by jrandom restarting the server)
there appears to be no way to get the old server back into service,
and no way (short of jrandom stopping by and supplying login details)
of making full use of it again.
As such, a new server is needed.
3. The changes to expect
========================
A new server will be found, and will be located
at a different DNS name.
It will probably run a web server and a version control server.
I have the necessary files to restore the website,
but not their change history. I also have I2P sources,
but not their change history.
I do have the complete change history for Syndie,
since Syndie uses monotone for its version control,
and every Monotone repository contains everything about a project.
Without the old CVS server becoming usable again,
we cannot probably rescue the complete change history
for "i2p" and "i2pwww". Since CVS as a centralized solution
is a poor platform for projects like I2P anyway,
we might just as well pick a new version control system,
and import the last jrandom-signed source tarball into it.
I will need to talk with more people about version control.
I'm naturally inclined to pick Monotone (distributed development
and strong authentication are benefits, inability to host a repository
on an HTTP server is a shortcoming). I've been also asked
to try out "darcs" and "bazaar". I am testing them.
I have received an offer to host the website by someone
on the IRC channel (I will not be disclosing their nickname
before asking their permission). Perhaps that person can host
the version control system too. What they cannot host,
is an outproxy service like "squid.i2p".
If providing something like "squid.i2p" is required in future,
I guess the requests can be accepted by some I2P server,
and automatically directed where they truly belong,
into a network dedicated to outproxying, namely Tor.
The release process will need to change.
Releases will likely be hosted inside I2P, on multiple servers.
Instead of getting signed by jrandom, they'll be likely signed
either by zzz or myself. We'll describe in more detail
when a replacement website gets up again. You can check for info
either here, on http://zzz.i2p, http://stats.i2p
or http://complication.i2p .
Sorry for the major confusion.
It was not within my ability to foresee.
Complication.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHjbwp+h38a3n8zjMRApHHAJ4rj7GmpOPEAkSBqWyTMo6hDyl28gCfcMr5
55qU3aePBIz/vFE9y6Cq/OI=
=W0Ql
-----END PGP SIGNATURE-----]]>
New public key
2007-11-24
I have a new public key. You can find it signed with my old key
over here (and in the top menu).
Sorry for letting the old one expire before noticing.
0.6.1.10 is coming, be prepared!
2006-02-14
As you surely noticed (jrandom posted on the mailing list,
cervantes posted on the forum) I2P version 0.6.1.10 will be out
later this week, and will be backward incompatible.
The transition should hopefully be smooth.
More info at:
http://forum.i2p/viewtopic.php?t=1506
