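Many people have probably heard of chaosvpn, along with related things (such as .loky, .clos, even Mariana), but after looking around I found no worthwhile Chinese-language material beyond the mystifying urban legends circulating online…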

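ChaosVPN configuration

//*ChaosVPN is a tool for connecting hackers and hackerspaces, and... a prerequisite for entering certain networks

A brief walkthrough of the configuration, plus the errors you may run into and how to resolve them:

Everything below was done on Linux

Testing was done on Parrot OS

Install dependencies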

apt-get install tinc iproute2
apt-get install build-essential git bison flex libssl-dev zlib1g-dev debhelper devscripts 

//If tinc is already present you can skip the installation. You may encounter the error:

E: 软件包 bison 没有可安装候选 

This does no harm; continue

Add the chaosvpn package repository:

vi /etc/apt/sources.list

Add:

deb http://debian.sdinet.de/ stable chaosvpn
deb-src http://debian.sdinet.de/ stable chaosvpn 

Then

apt-get update 

This may report a GPG error

 apt-get install chaosvpn 

If it reports an error and cannot be installed

 vi /etc/apt/sources.list 

Add:

 deb http://security.debian.org/debian-security wheezy/updates main 

Install the dependency that was missing earlier

apt-get update
apt-get install libssl1.0.0

Then

apt-get install chaosvpn 

Once installation has finished

Hook tinc and chaosvpn together

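mkdir -p /etc/tinc/chaos
tincd --net=chaos --generate-keys=2048

If the net name given to tincd does not match a directory under /etc/tinc, you may see

 Error opening file `/etc/tinc/=chaosvpn/rsa_key.priv': No such file or directory

Make sure the directory for the net name exists:

mkdir -p /etc/tinc/chaos

Then run again

tincd --net=chaos --generate-keys=2048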

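You are asked twice to choose a path, for saving the public key and the private key (needed when writing the letter; only the public key goes into the letter)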

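Afterwards:

vi /etc/tinc/chaosvpn.conf 

Edit the parameters

$my_vpn_ip = 172.31.<your Subnet>.[1-255]

Only a-z, 0-9 and underscores may be used

The IP address must be changed to 172.31.x.x

Save and exit. That completes the configuration file.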

P.S.: to join ChaosVPN you must also write an introduction letter stating your motivation, and send it by email to

chaosvpn-join@hamburg.ccc.de 

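If you are accepted, type chaosvpn in a terminal to see some information (I couldn't be bothered to write the introduction letter, so there is no screenshot here; anyone interested can try it themselves)

The content of the introduction letter is: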

[<nodename>]

sponsor=
# Name a person/nickname/nodename or organisation/hackerspace already on ChaosVPN that will
# vouch for you getting access.

gatewayhost=<clienthost>
# This should be the external hostname or ip address of the client host, not a VPN address.
# If the client is not reachable over the internet leave it out and set hidden=1 below.
# If possible supply a hostname (even dyndns) and not an ip address for easier changing
# from your side without touching the central config.

network=<ipv4 subnet in the vpn>
network6=<ipv6 subnet in the vpn>
# (mandatory, must include)
# this may be more than one, IPv4 or IPv6, network6 with IPv6 is optional
#
# These subnets must be unique in our vpn,
# simply renumber your home network (or use something like NETMAP) with a network block that is still free.
#
# Please use the list of assigned networks on ChaosVPN:IPRanges, and add yourself there.

owner=
# (mandatory, must include)
# Admin of the VPN gateway, with email address - a way to contact the responsible
# person in case of problems with your network link.

port=4712
# (optional)
# if not specified tinc works on tcp+udp port 655
# it is better if everyone chooses a random port for this.
# either this specified port or port 655 should accept TCP and UDP traffic from internet.

hidden=0
# (optional)
# "I cannot accept inbound tunnel connections, I can only connect out."
# (e.g. behind a NAT)

silent=0
# (optional)
# "I cannot connect out, but you can connect to me."
# Only ONE of hidden=1 or silent=1 is possible.

Ed25519PublicKey=<something>
# (optional)
# tinc 1.1pre11+ only, contents of your /etc/tinc/chaos/ed25519_key.pub

-----BEGIN RSA PUBLIC KEY-----
....
-----END RSA PUBLIC KEY-----
# (mandatory)
# rsa-public-key - contents of your /etc/tinc/chaos/rsa_key.pub

P.S.: you must delete the lines that begin with #; they are only explanations.
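A pre-send check for the letter entry described above, as an added example that is not part of the original article or the ChaosVPN project. The function name, the sample entry, applying the a-z/0-9/underscore rule to the node name, and limiting IPv4 networks to 172.31.0.0/16 are assumptions drawn from this page.

```python
import ipaddress
import re

MANDATORY = ("network", "owner")                   # marked "(mandatory)" in the template
VPN_RANGE = ipaddress.ip_network("172.31.0.0/16")  # assumption: the page's 172.31.x.x
NODE_RE = re.compile(r"\[[a-z0-9_]+\]")            # assumption: charset rule is for the node name

def check_letter(text):
    """Return a list of problems found in a join-letter node entry."""
    problems, fields, in_pem, has_rsa = [], {}, False, False
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if any(ln.startswith("#") for ln in lines):
        problems.append("explanatory lines starting with # must be deleted")
    if "PRIVATE KEY" in text:
        problems.append("private key material present; only the public key belongs here")
    if not lines or not NODE_RE.fullmatch(lines[0]):
        problems.append("node name must be [a-z0-9_]+ inside square brackets")
    for ln in lines[1:]:
        if ln.startswith("-----BEGIN"):
            in_pem = True  # skip the key body: base64 padding also contains "="
            has_rsa = has_rsa or ln == "-----BEGIN RSA PUBLIC KEY-----"
        elif ln.startswith("-----END"):
            in_pem = False
        elif not in_pem and not ln.startswith("#") and "=" in ln:
            key, value = ln.split("=", 1)
            fields.setdefault(key.strip(), []).append(value.strip())
    problems += [f"mandatory field {k}= is missing or empty"
                 for k in MANDATORY if not any(fields.get(k, []))]
    if not has_rsa:
        problems.append("RSA public key block is missing")
    for net in fields.get("network", []):
        try:
            parsed = ipaddress.ip_network(net, strict=False)
            if parsed.version == 4 and not parsed.subnet_of(VPN_RANGE):
                problems.append(f"network {net} is outside {VPN_RANGE}")
        except ValueError:
            problems.append(f"network {net!r} is not a valid subnet")
    if fields.get("hidden") == ["1"] and fields.get("silent") == ["1"]:
        problems.append("only one of hidden=1 or silent=1 is possible")
    return problems

SAMPLE = """[example_node]
network=172.31.5.0/24
owner=Admin <admin@example.org>
-----BEGIN RSA PUBLIC KEY-----
PLACEHOLDERBASE64==
-----END RSA PUBLIC KEY-----
"""  # constructed sample entry; the key body is a placeholder, not a real key
print(check_letter(SAMPLE) or "entry passes the checks")
```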

Finally

Start chaosvpn

/etc/init.d/chaosvpn start 

An "ok" message means it started successfully

View the chaosvpn network interface

route -n

*Author of this article: Akira