Untochat

Secure and Anonymous Chat Infrastructure

Introduction

The initial Untochat release, based on Fedora 28, was published in October 2018. Looking back, we still think the system was sound from a strictly technical point of view, and hence the basic structure of Untochat remains largely unchanged. It still uses Fedora, Tor, SELinux, modified IRC software, and its own restricted shell. Simplicity is what we strive for, but that is not always possible when trying to maximize security and anonymity.

Unfortunately the initial release suffered from one major drawback: even though we had semi-automated the installation procedure with a customizable kickstart file and Ansible tasks, it required too much expertise to be practical. Having worked intensely on getting the Untochat system itself as secure and anonymous as possible, we did not pay enough attention to the installation procedure. The initial Fedora 28 based installation procedure is almost embarrassing because, as we already admitted, it simply expects far too much from casual users.

The goal of Untochat is to serve as many people as possible, so something had to be done about it.

As of now (May 6th, 2019) Fedora 30 is already out and Fedora 28 is nearing the end of its support cycle, so we were forced to rethink Untochat's installer. We are happy to announce that the installation procedure is now very much easier than before. Instead of requiring many steps from the users, we now offer a bootable ISO-image file that can be used for installing Untochat to the hard drive.

The ISO-image boots as a Live Linux (modified Fedora Xfce Spin), but we do not support running Untochat from the Live Image. It might just work, but we believe that changes (e.g. the user database) will not persist. The recommended way of installing Untochat is to:

We recommend using a virtual guest machine for running Untochat. The host machine can be Linux, *BSD, macOS, or even Windows. Oracle's VirtualBox is a free virtualization tool that anyone can use. QEMU + KVM + libvirt is also a good combination on Linux hosts.

Technical documentation

When Untochat was first released, we also published fairly comprehensive documentation describing its chat infrastructure, a document called Building a secure chat infrastructure. The good news is that it is still mostly valid, except for section 6, Applying theory into practice: the new ISO-image based installation procedure makes the old Fedora 28 related installation instructions completely obsolete. If you are interested in the Untochat system overview and technical details, we recommend reading that document.

Future plans

From now on, Untochat releases will be Fedora Remixes with custom software and configurations added. We have absolutely no intention to go through any formal Red Hat procedures to become an "official" Spin. Untochat will be a special-purpose chat infrastructure and Untochat releases will follow Fedora releases. For example, Untochat based on Fedora 30 will be called Untochat 30, and so on.


Untochat 30 changes


Installing Untochat 30

Obtaining Unto Sten's GPG public key

Let's get started with the installation and configuration. Use GNU Privacy Guard (gpg) to find Unto Sten's GPG public key; you need it to verify the downloaded files. Issue the command:

gpg --keyserver pgp.mit.edu --search-keys sten.unto@gmail.com

You should see a reply like the following. Type Q to quit.

gpg: searching for "sten.unto@gmail.com" from hkp server pgp.mit.edu
(1) Unto Sten <sten.unto@gmail.com>
4096 bit RSA key 4D26FE36, created: 2018-08-02
Keys 1-1 of 1 for "sten.unto@gmail.com". Enter number(s), N)ext, or Q)uit >

Download and import Unto's public key:

gpg --keyserver pgp.mit.edu --recv-keys 4D26FE36

The reply should look like this:

gpg: requesting key 4D26FE36 from hkp server pgp.mit.edu
gpg: /home/kalevi/.gnupg/trustdb.gpg: trustdb created
gpg: key 4D26FE36: public key "Unto Sten <sten.unto@gmail.com>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)

NOTE: If you do not have PGP/GPG software, you can verify the Untochat installation ISO-image by comparing SHA1 and SHA256 hashes, but be warned: DOING SO COULD BE LESS SECURE! Always use the PGP/GPG verification method when possible!

Downloading and verifying installer ISO-image

Download:

If you have no PGP/GPG software, download SHA1 and SHA256 hashes:

PGP/GPG verification:

gpg --verify untochat-30-1.iso.asc untochat-30-1.iso

Expect to see a reply like this:

gpg: Signature made Mon 06 May 2019 05:36:37 PM EEST
gpg: using RSA key 2714E1D3A85254E87D938758988ED9904D26FE36
gpg: Good signature from "Unto Sten <sten.unto@gmail.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2714 E1D3 A852 54E8 7D93 8758 988E D990 4D26 FE36

You can ignore the "This key is not certified with a trusted signature!" warning; it means only that nobody in your web of trust has signed our key. Do check that the primary key fingerprint printed on the last line matches the one shown above.

WARNING! IF THE SIGNATURE VERIFICATION FAILS, FIRST CHECK YOUR gpg --verify COMMAND. IT IS A COMMON MISTAKE TO GIVE THE FILENAMES IN A WRONG ORDER.

IF THE COMMAND IS CORRECT AND VERIFICATION STILL FAILS, DO NOT USE THE INSTALLER!

If you use hash verification instead of PGP/GPG, on Linux, *BSD or macOS you can run the following in bash (the <( ) process substitution is not available in plain sh; on macOS, sha1sum and sha256sum come with GNU coreutils, the built-in equivalents being shasum -a 1 and shasum -a 256):

diff <(cut -d' ' -f1 SHA1SUM-untochat-30-1) <(sha1sum untochat-30-1.iso | cut -d' ' -f1) && echo SAFE || echo DANGEROUS

diff <(cut -d' ' -f1 SHA256SUM-untochat-30-1) <(sha256sum untochat-30-1.iso | cut -d' ' -f1) && echo SAFE || echo DANGEROUS
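As an added example that is not part of the Untochat project, here are the two verification paths above combined into one checker (POSIX sh). The file names are the ones used in these instructions and the pinned fingerprint is the primary key fingerprint printed in the gpg output above; the hash path falls back to shasum where sha256sum is absent (macOS, *BSD), and the signature path rejects a "Good signature" from any key other than the pinned one.

```shell
#!/bin/sh
# Added example, not part of the Untochat project: one checker for both
# verification paths of the Untochat 30 installer. It assumes the file
# names from the instructions (untochat-30-1.iso, untochat-30-1.iso.asc,
# SHA256SUM-untochat-30-1) and pins the primary key fingerprint that the
# gpg --verify output in the instructions prints, not the short id 4D26FE36.
UNTOCHAT_FPR="2714E1D3A85254E87D938758988ED9904D26FE36"

# Print only the hex SHA-256 digest of $1: GNU coreutils sha256sum on Linux,
# shasum on macOS and *BSD, where the one-liners above would not run.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# verify_sha256 SUMFILE ISO
# SUMFILE holds "<hex>  <name>" lines as written by sha256sum ("<hex> *<name>"
# in binary mode). Succeeds only when a line names ISO's basename and the
# digest matches; an unreadable file, an empty sum file or a digest recorded
# for some other file name all fail instead of silently comparing nothing.
verify_sha256() {
  sumfile=$1; iso=$2; name=${2##*/}
  [ -r "$sumfile" ] && [ -r "$iso" ] || return 1
  expected=$(awk -v n="$name" '$2 == n || $2 == ("*" n) { print $1; exit }' "$sumfile")
  [ -n "$expected" ] || return 1
  [ "$(sha256_of "$iso")" = "$expected" ]
}

# verify_signature SIGFILE ISO
# Runs gpg --verify with the detached signature first and the data file
# second (the argument order the instructions warn about) and reads gpg's
# machine-readable status lines. Succeeds only if gpg reports VALIDSIG and
# the primary key fingerprint in that line is the pinned one, so a "Good
# signature" from a different key that happens to share the short id fails.
verify_signature() {
  sig=$1; iso=$2
  [ -r "$sig" ] && [ -r "$iso" ] || return 1
  status=$(gpg --status-fd 1 --verify "$sig" "$iso" 2>/dev/null) || return 1
  printf '%s\n' "$status" | grep -q "^\[GNUPG:\] VALIDSIG .* $UNTOCHAT_FPR\$"
}

# Typical use with the three files in the current directory:
#   verify_signature untochat-30-1.iso.asc untochat-30-1.iso && echo SAFE || echo DANGEROUS
#   verify_sha256 SHA256SUM-untochat-30-1 untochat-30-1.iso && echo SAFE || echo DANGEROUS
```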

Installing

We recommend that you use VirtualBox or some other virtualization technology. We use QEMU + KVM + libvirt on Linux. It is a good choice to run Untochat in a dedicated guest virtual machine that you can destroy at will. Remember that while running Untochat straight from the ISO-image's Live Linux might work, it is not supported.

Due to some strange bug, at least VirtualBox 6.0.6 is painfully slow to boot Untochat with its default graphics controller. Booting can take 10-30 minutes, so the problem is serious. Until the bug is fixed, choose Settings, then Display, and change Graphics Controller to VBoxSVGA.

Recommended resources for the Untochat guest virtual machine:

Next:

After successful installation to the hard drive, restart your guest virtual machine with the ISO-image removed. When Untochat is up and running, log in to the Xfce desktop. Then open a terminal window and issue the command:

sudo untochat-enable-firewall

This manual step is necessary because Red Hat's Anaconda installer gets stuck if firewalld is in a disabled state.

Untochat Administration

See section 7. Untochat administration in the document Building a secure chat infrastructure, and section 8.2.2 tor daemon for configuring Untochat as a Tor Onion Service.

Good luck and have fun.


Kalevi Kolttonen <kalevi@kolttonen.fi>
Unto Sten <sten.unto@gmail.com>
Helsinki, Finland
May 6th, 2019

Brought to you by Ciconia