I've been working for a few weeks on a TKLPatch for Psiphon. From their website:
Psiphon is content delivery technology that makes it possible for:
- Individuals to access Internet content anywhere, and anytime.
- Media producers, corporations, community groups to reach their audiences.
This is my take: it's an anonymous, SSL'd proxy server by which to circumvent autocrats' attempts at depriving citizens of information.
I discovered Psiphon about 5 years ago, when it ran on Windows. I fell in love with the software, its mission, and the priniciples driving the project - commitment to an open and accessible internet despite the urgent efforts of autocrats and oppressive regimes.
After it disappeared, I kept looking for signs of its reemergence. Finally it's back. They're not naive about the dangers one exposes oneself to by making a Psiphon instance available and they are tremendously honest about the software's weaknesses and the risks one runs by accessing or running an instance.
For the conf script, I'm using a modified version of their install script. Psiphon downloads, installs, and configures a customized Apache2 and its own MySQL instance.
I'm able to script the addition of the admin user and will be able to use an inithook to set the password (sha1(salt.password)). However, the first time it's accessed, it wants to be accessed from the localhost. For now, I'm installing lynx; from that first access, you configure a new proxy with the IP address that will be used for psiphon. I've looked at the pythonic mechanism confconsole uses to reckon the IP address, but I'm not sure how take advantage of that.
I'm handling the certificate generation through an inithook as well: it prompts for an IP address, and I can't seem to give an automated response to the request (the default is 127.0.0.1 - I just need to give it a carriagea return. I don't understand openssl well enough to parse the command that issues the prompt.
Any suggestions would be so very welcome. I'm eager apply this patch and make my first deployment to amazon.
I wish there were nobody who could benefit from it.
Couple of links:
Update: Intended to be applied to Core 11.1. Revision R: Admin interface now somewhat intelligently configures admin access on every boot (in the event of IP change). Service now runs from init.d/psiphon rather /etc/rc.local. Revision Q: Administrative access now automatically configured for eth0's ip address on first boot. Revision P: Postfix seems in tests to be configured to work and send mail from the Psiphon interface. Revision N: User creates Psiphon admin password on first boot! yay. Revision M - Creation of db user and password, creation of cert, MySQL root password all created on first boot. /usr/local/bin has a script for reconfiguring postfix (cause I sure am having no success with it: mailconf.sh). Webmin modules for Apache2, postfix, phpini, and mysql are included.
- Configure webmin for the custom apache and php installations
- phpmyadmin - can't figure out how to get it working without conflicting somehow with a the oddball apache2 psiphon compiles from source. I tried installing from source, tried from the package manager, but it just wasn't working. Strike it. Seems unnecessary.
Postfix - Psiphon has a feature to mail out invitations to use the proxy (individualized urls). I can't get mail out. hrmph
- Mysql - I'd have liked to patch the mysql appliance, but MySQL on the appliance had problems importing one of the sql files as scripted. It returned something along the lines of "key too long". I researched and found solutions, but they didn't help in this case. So I went with what the devs called for.
The devs intended administrators to start with the user name "admin" and the password "admin." Immediately after logging in for the first time, it has the user change the password and set the email. I realize we're trying to avoid default passwords, but ... I need a break before I take on hash and salt and python.
- The first proxy configured is for 127.0.0.1. I'd love for a proxy to be dynamically generated, using whatever voodoo confconsole uses to grab the ip, and then adding it to the MySQL psiphon.proxy table. But that is far beyond my grasp. Update: Now configures management proxy for eth0's ip address on first boot. Now, how to make it do that when the ip changes? Update: now checks on every boot and reconfigures admin access as necessary.
Usage Notes: Apply the patch to Core 11.1. (Consider changing the host name in the conf script - "psiphon" is a bit revealing perhaps.) On first boot, set root password, psiphon mysql password, mysql root password, and run security updates. Before version Q, The only way to access Psiphon was from localhost. 1 strategy is to use lynx: lynx https://127.0.0.1/001/. Another strategy is to add a proxy to the proxy table in the psiphon database - perhaps using Webmin. Both have worked for me.
Upon access, enter user admin and password admin. Upon access, enter username admin and the password you created on first boot. Read notification of what Psiphon does and does not do. After accepting, you'll be asked to change the password for user admin and to set an email address (Psiphon recommends a nice, anonymous gmail account).
This was quite a struggle for me, and is contrary to TurnKey best practice in several ways (default passwords, applications from source, etc. However, I was compelled by my own mission and by Psiphon's compelling mission to make this available. Unfortunately, it looks like a lot of people can benefit from access to an anonymous proxy right now. I certainly wish that weren't the case.