qubes + i2p

346 views
Skip to first unread message

J.M. Porup

unread,
Sep 23, 2015, 3:20:16 PM9/23/15
to qubes...@googlegroups.com
What is the optimum way to configure i2p in Qubes?

Except for a passing reference on qubes-devel from 2014, there is little
information on this subject.

If you've got a well-developed setup, would you mind sharing?

thanks
Jens

Anonymous

unread,
Nov 1, 2015, 6:45:50 PM11/1/15
to qubes-users


Bomp



I have some torrenting and media streaming activities that I would like to anonymize and secure using I2P. My goal is to set up an I2P ProxyVM and use it the same way that I use my Whonix-Gateways and VPN-VMs. My assumption on how to accomplish this, would be to use the TorVM instructions as a baseline, and then adjust it for the I2P router. Then in my AppVM, in my Torrent software proxy settings, I will point it at the I2P-VM address:port.

As the i2p network doesn't have "exit nodes", I assume that there is no such thing as transparent eepification.


Anyone have any information on any of this?

b.hick...@gmail.com

unread,
Jan 11, 2016, 9:37:05 PM1/11/16
to qubes-users

I think you will find using a TorVM template is an incorrect approach. The i2p network does not use standard ports. Basically, i2p is a closed network that (ideally) uses no exit nodes. I've been using i2p for some time and the following seems reasonable to me:

1. I use a dedicated AppVM based on the Debian template with Oracle Java 8 and the unlimited JCE policy for Oracle Java 8. Using Debian allows me to avoid the Fedora issue with ECDSA signatures (still unsupported out the box last I checked) and Unlimited JCE policy helps with enabling SSL in the i2p interface. *This version of Java is recommended by the Freenet Project, as well.*

2. You can use Tor Browser. You can disable vidalia at Tor Browser startup using a config file. I don't know how easily that will apply to Qubes and it's workings. If you do this. you can set the proxy settings to what i2p needs, there is a plugin in i2p to enable Tor. It is called Orchid, I think.

2a. Or, use FoxyProxy as an add-on with Tor Browser. There is a custom script if you do not know how to build one floating around reddit.

3. In the AppVM firewall, feel free to disable DNS requests. Make sure to forward your ports. BOTH TCP and UDP.

BTW, torrent software has to be i2p-aware to use the i2p net. Unless you use Vuze or an experimental Transmission client (that I believe is now quite old) you should stick to an i2p-only client.

Reply all
Reply to author
Forward
0 new messages