FRONTED-MEEK

[kurniawan]

Hi

what is FRONTED-MEEK capabilities?

if i make psiphon private server, will my server have this capabilities?

thanks

[Adam Kruger]

Hi. You can read about meek and fronting here: https://trac.torproject.org/projects/tor/wiki/doc/meek

You can find our fork of meek-server and meek-client here: https://bitbucket.org/psiphon/psiphon-circumvention-system/src/default/go/?at=default

If you want to front your own private server, you will need to obtain your own fronting service (ie. a CDN).

If you simply want to encapsulate the obfuscated SSH protocol in HTTP, and don't need a front, you can make an UNFRONTED-MEEK server.

--
You received this message because you are subscribed to the Google Groups "psiphon3-developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-develo...@googlegroups.com.
To post to this group, send email to psiphon3-...@googlegroups.com.
Visit this group at http://groups.google.com/group/psiphon3-developers.
For more options, visit https://groups.google.com/d/optout.

[kurniawan]

i'd like to use a248.e.akamai.net like psiphon. can you tell me how to do this?

On Friday, August 29, 2014 1:31:58 AM UTC+8, A Kruger wrote:

Hi. You can read about meek and fronting here: https://trac.torproject.org/projects/tor/wiki/doc/meek

You can find our fork of meek-server and meek-client here: https://bitbucket.org/psiphon/psiphon-circumvention-system/src/default/go/?at=default

If you want to front your own private server, you will need to obtain your own fronting service (ie. a CDN).

If you simply want to encapsulate the obfuscated SSH protocol in HTTP, and don't need a front, you can make an UNFRONTED-MEEK server.

On Thu, Aug 28, 2014 at 1:18 PM, kurniawan <danab...@gmail.com> wrote:

Hi

what is FRONTED-MEEK capabilities?

if i make psiphon private server, will my server have this capabilities?

thanks

--
You received this message because you are subscribed to the Google Groups "psiphon3-developers" group.

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-developers+unsub...@googlegroups.com.

[Adam Kruger]

Roughly, these are the steps:

- obtain an Akamai service contract (see the tor meek wiki for info on Akamai resellers)

- configure your Akamai account to map a hostname to your private server's IP address

- run meek-server and the obfuscated sshd on your private server

- run meek-client and plonk, connecting to akamai and passing your hostname into the host header

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-develo...@googlegroups.com.

[kurniawan]

thank you very much :)

On Friday, August 29, 2014 3:13:24 AM UTC+8, A Kruger wrote:

Roughly, these are the steps:

- obtain an Akamai service contract (see the tor meek wiki for info on Akamai resellers)

- configure your Akamai account to map a hostname to your private server's IP address

- run meek-server and the obfuscated sshd on your private server

- run meek-client and plonk, connecting to akamai and passing your hostname into the host header

On Thu, Aug 28, 2014 at 2:07 PM, kurniawan <danab...@gmail.com> wrote:

i'd like to use a248.e.akamai.net like psiphon. can you tell me how to do this?

On Friday, August 29, 2014 1:31:58 AM UTC+8, A Kruger wrote:

Hi. You can read about meek and fronting here: https://trac.torproject.org/projects/tor/wiki/doc/meek

You can find our fork of meek-server and meek-client here: https://bitbucket.org/psiphon/psiphon-circumvention-system/src/default/go/?at=default

If you want to front your own private server, you will need to obtain your own fronting service (ie. a CDN).

If you simply want to encapsulate the obfuscated SSH protocol in HTTP, and don't need a front, you can make an UNFRONTED-MEEK server.

On Thu, Aug 28, 2014 at 1:18 PM, kurniawan <danab...@gmail.com> wrote:

Hi

what is FRONTED-MEEK capabilities?

if i make psiphon private server, will my server have this capabilities?

thanks

--
You received this message because you are subscribed to the Google Groups "psiphon3-developers" group.

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-developers+unsubscribe...@googlegroups.com.

To post to this group, send email to psiphon3-...@googlegroups.com.

Visit this group at http://groups.google.com/group/psiphon3-developers.
For more options, visit https://groups.google.com/d/optout.

[Francis]

how about we use cloudflare as a CDN? are we required to upgrade to use it? or just the free one would be enough? trying to setup my own fronted meek using cloudflare but no luck stack in connecting only... any tutorials for using cloudflare in my private server?

On Friday, August 29, 2014 3:13:24 AM UTC+8, A Kruger wrote:

Roughly, these are the steps:

- obtain an Akamai service contract (see the tor meek wiki for info on Akamai resellers)

- configure your Akamai account to map a hostname to your private server's IP address

- run meek-server and the obfuscated sshd on your private server

- run meek-client and plonk, connecting to akamai and passing your hostname into the host header

On Thu, Aug 28, 2014 at 2:07 PM, kurniawan <danab...@gmail.com> wrote:

i'd like to use a248.e.akamai.net like psiphon. can you tell me how to do this?

On Friday, August 29, 2014 1:31:58 AM UTC+8, A Kruger wrote:

Hi. You can read about meek and fronting here: https://trac.torproject.org/projects/tor/wiki/doc/meek

You can find our fork of meek-server and meek-client here: https://bitbucket.org/psiphon/psiphon-circumvention-system/src/default/go/?at=default

If you want to front your own private server, you will need to obtain your own fronting service (ie. a CDN).

If you simply want to encapsulate the obfuscated SSH protocol in HTTP, and don't need a front, you can make an UNFRONTED-MEEK server.

On Thu, Aug 28, 2014 at 1:18 PM, kurniawan <danab...@gmail.com> wrote:

Hi

what is FRONTED-MEEK capabilities?

if i make psiphon private server, will my server have this capabilities?

thanks

--
You received this message because you are subscribed to the Google Groups "psiphon3-developers" group.

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-developers+unsubscribe...@googlegroups.com.

To post to this group, send email to psiphon3-...@googlegroups.com.

Visit this group at http://groups.google.com/group/psiphon3-developers.
For more options, visit https://groups.google.com/d/optout.

[Francis]

and one more thing about the installation meek server and ossh... they are at same server or different server?

[Adam Kruger]

Hi. The free CloudFlare account should work (now that even free accounts get SSL). The basic functionality is described here: https://trac.torproject.org/projects/tor/wiki/doc/meek#CloudFlare

Your meek-server should be running on port 443 in TLS mode. If you have meek-server running, you can add LogFilename to the config so that you can monitor inbound test connections.

In your CloudFlare account, configure one hostname to map to your meek-server IP address. Then you can test fronting with wget:

wget -d --no-check-certificate https://cloudflare.com/ --header="Host: <your hostname>"

If your fronting is correctly set up, you should see an error show up in your meek-server log, something like "Invalid GET request".

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-develo...@googlegroups.com.

[Adam Kruger]

On Thu, Oct 23, 2014 at 9:14 AM, Francis <mp3s...@gmail.com> wrote:

and one more thing about the installation meek server and ossh... they are at same server or different server?

They should be on the same server. I think they can be on different servers, but haven't tested that. 

[Francis]

there is no other configuration after setting you own meek server version?

[Francis]

also is apache or nginx required for the server? after running meek.exe and plonk (psiphon version) its giving me 521 error and if i install apache or nginx it give 404 error this error can be seen on the client generated by meek.exe

[Adam Kruger]

On Thu, Oct 23, 2014 at 9:54 AM, Francis <mp3s...@gmail.com> wrote:

there is no other configuration after setting you own meek server version?

Are you asking about the CloudFlare configuration? You might want to disable all security settings.

[Adam Kruger]

On Thu, Oct 23, 2014 at 10:07 AM, Francis <mp3s...@gmail.com> wrote:

also is apache or nginx required for the server? after running meek.exe and plonk (psiphon version) its giving me 521 error and if i install apache or nginx it give 404 error this error can be seen on the client generated by meek.exe

No, you do not need to run any web server. You should have meek-server listening on port 443, and your obfuscated ssh server running on any other port. Cloudflare will connect directly to meek-server.

[Francis]

still no luck im trying to connect the meek.exe client will generate an error "error in handling request: status code was 521, not 200" when i check meek server log it's empty...

[Adam Kruger]

First make sure that CloudFlare is forwarding your requests to your meek-server. You can use wget or curl, and you should see something (an error) appear in the meek-server log.

Once you're sure that the forwarding is working, if you are still seeing problems, you'll have to carefully check your plonk command line options.

--

You received this message because you are subscribed to the Google Groups "psiphon3-developers" group.

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-develo...@googlegroups.com.

[Francis]

all sorted now thanks...

On Thursday, October 23, 2014 11:07:24 PM UTC+8, A Kruger wrote:

First make sure that CloudFlare is forwarding your requests to your meek-server. You can use wget or curl, and you should see something (an error) appear in the meek-server log.

Once you're sure that the forwarding is working, if you are still seeing problems, you'll have to carefully check your plonk command line options.

On Thu, Oct 23, 2014 at 10:31 AM, Francis <mp3s...@gmail.com> wrote:

still no luck im trying to connect the meek.exe client will generate an error "error in handling request: status code was 521, not 200" when i check meek server log it's empty...

On Thursday, October 23, 2014 10:10:25 PM UTC+8, A Kruger wrote:

On Thu, Oct 23, 2014 at 10:07 AM, Francis <mp3s...@gmail.com> wrote:

also is apache or nginx required for the server? after running meek.exe and plonk (psiphon version) its giving me 521 error and if i install apache or nginx it give 404 error this error can be seen on the client generated by meek.exe

No, you do not need to run any web server. You should have meek-server listening on port 443, and your obfuscated ssh server running on any other port. Cloudflare will connect directly to meek-server.

--

You received this message because you are subscribed to the Google Groups "psiphon3-developers" group.

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-developers+unsub...@googlegroups.com.

[Francis]

what compiler to use to compile your version of plonk inside the potty-61 folder?

On Thursday, October 23, 2014 11:07:24 PM UTC+8, A Kruger wrote:

First make sure that CloudFlare is forwarding your requests to your meek-server. You can use wget or curl, and you should see something (an error) appear in the meek-server log.

Once you're sure that the forwarding is working, if you are still seeing problems, you'll have to carefully check your plonk command line options.

On Thu, Oct 23, 2014 at 10:31 AM, Francis <mp3s...@gmail.com> wrote:

still no luck im trying to connect the meek.exe client will generate an error "error in handling request: status code was 521, not 200" when i check meek server log it's empty...

On Thursday, October 23, 2014 10:10:25 PM UTC+8, A Kruger wrote:

On Thu, Oct 23, 2014 at 10:07 AM, Francis <mp3s...@gmail.com> wrote:

also is apache or nginx required for the server? after running meek.exe and plonk (psiphon version) its giving me 521 error and if i install apache or nginx it give 404 error this error can be seen on the client generated by meek.exe

No, you do not need to run any web server. You should have meek-server listening on port 443, and your obfuscated ssh server running on any other port. Cloudflare will connect directly to meek-server.

--

You received this message because you are subscribed to the Google Groups "psiphon3-developers" group.

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-developers+unsub...@googlegroups.com.

[Adam Kruger]

Hi. Try using Visual Studio Express.

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-develo...@googlegroups.com.

[Francis]

what version of visual studio express did you use if you don't mind?

On Friday, October 24, 2014 11:03:29 PM UTC+8, A Kruger wrote:

Hi. Try using Visual Studio Express.

On Fri, Oct 24, 2014 at 3:43 AM, Francis <mp3s...@gmail.com> wrote:

what compiler to use to compile your version of plonk inside the potty-61 folder?

On Thursday, October 23, 2014 11:07:24 PM UTC+8, A Kruger wrote:

First make sure that CloudFlare is forwarding your requests to your meek-server. You can use wget or curl, and you should see something (an error) appear in the meek-server log.

Once you're sure that the forwarding is working, if you are still seeing problems, you'll have to carefully check your plonk command line options.

On Thu, Oct 23, 2014 at 10:31 AM, Francis <mp3s...@gmail.com> wrote:

still no luck im trying to connect the meek.exe client will generate an error "error in handling request: status code was 521, not 200" when i check meek server log it's empty...

On Thursday, October 23, 2014 10:10:25 PM UTC+8, A Kruger wrote:

On Thu, Oct 23, 2014 at 10:07 AM, Francis <mp3s...@gmail.com> wrote:

also is apache or nginx required for the server? after running meek.exe and plonk (psiphon version) its giving me 521 error and if i install apache or nginx it give 404 error this error can be seen on the client generated by meek.exe

No, you do not need to run any web server. You should have meek-server listening on port 443, and your obfuscated ssh server running on any other port. Cloudflare will connect directly to meek-server.

--

You received this message because you are subscribed to the Google Groups "psiphon3-developers" group.

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-developers+unsubscribe...@googlegroups.com.

To post to this group, send email to psiphon3-...@googlegroups.com.
Visit this group at http://groups.google.com/group/psiphon3-developers.
For more options, visit https://groups.google.com/d/optout.

[Adam Kruger]

I think we used 2012 for the latest binaries checked into bitbucket.

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-develo...@googlegroups.com.

[Francis]

ok thanks, how about visual studio 2012 ultimate edition?

[Adam Kruger]

Hi. I'm sure that should work. Did you try it?

To unsubscribe from this group and stop receiving emails from it, send an email to psiphon3-develo...@googlegroups.com.

[Francis]

all working fine now... i now have my own fronted-meek server and my own compiled plonk.exe... thanks...