i2p for UNIX

The following page contains a detailed guide for installing and configuring the software, required to connect a UNIX computer to the invisible internet project, i2p.

  1. Background
  2. Install
  3. Configure

Background

A brief description: i2p is an implementation of an anonymous, de-centralized network. Over a single layer, applications transmit anonymous and secure messages to one other. All communications are encrypted end-to-end, and 4 layers of encryption surround the sending and receiving of messages. A client application uses its own i2p router to lay-down a number of in-bound and out-bound tunnels to other applications, and these peer-applications transmit messages to/from the client. Each peer on the i2p network selects the length of its tunnels. The longer the tunnel, the greater the anonymity but the higher the latency and the lower the throughput. Hence, there's an inverse relationship between anonymity and latency AND throughput. Initially - when a client attempts to contact its peers, a distributed hash table (DHT), containing the details of connected peers, is queried - but no further queries are required to establish subsequent connections. So, i2p queries - for bringing about connections - differ both from Tor's hidden services and clearnet DNS.

i2p is rumored to have a higher network latency but to be more capable of preserving a user's anonymity than Tor's hidden services. However - regarding the latter point, there's fierce dispute. On i2p, peers communicate over numerous protocols, including http, IRC and BitTorrent. Finally, i2p domains are assigned the pseudo (non-world routable) Top Level Domain (TLD) of .i2p, and - to connect to them, a proxy is required.

For a technical description of i2p, consult: https://geti2p.net/docs.

Installation

First - with the package manager of your operating system, install a Java Runtime Environment. It's best to install the JRE system-wide (but not the i2p router, below). IcedTea JRE 7, OpenJDK JRE 7 or non-free Oracle JRE 7 function quite well. Avoid any version less than 6.

Grab the latest Linux/BSD, i2p router installer: https://geti2p.net/download.

Install it as a non-root user. A GUI utility will be brought up. The command is:

$ java -jar i2pinstall_X.X.XX.jar

Follow the prompts, but change "the installation path" to your $HOME/i2p, as pictured below.

is

After executing the following command, the i2p router will start, and the "I2P ROUTER CONSOLE" will pop up in your default browser.

$ ~/i2p/i2prouter start

note
If the i2prouter does not start due to a "**Failed to load the wrapper**" error, execute the command below to bring up i2p. (Follow this link for an explanation on how to compile a compatible wrapper - as a viable, permanent solution.)

$ ~/i2p/runplain.sh

Configuration

Firewall

At the firewall, open a non-privileged port (i.e. choose one in the 8000-30000 range) for BOTH TCP and UDP traffic. For security reasons, never disclose this port number to anyone. If your machine is connected to a LAN, you will need to open up the port and forward it to the IP address of your LAN machine.

i2p port configuration

In a browser, bring up the Network Configuration page: http://localhost:7657/confignet.

Under "IP and Transport Configuration", change the "UDP port" and the "Externally reachable TCP port" to the port number you've selected above.

Browser

Configure your browser to use the built-in, http proxy. This proxy lives on the address of 127.0.0.1 bound to port 4444.

For chrome - on the command-line, the command is:

$ google-chrome --proxy-server="http://127.0.0.1:4444" --proxy-bypass-list="localhost,127.0.0.1"

With Firefox, set up the http proxy in Preferences -> Advanced -> Connection -> Settings. Select "Manual Configuration", enter "127.0.0.1" into the "HTTP Proxy field" and set the "port" to "4444". Enter "localhost,127.0.0.1" in the "No Proxy for:" field.

Using a remote http proxy

If the http proxy resides on a remote machine (say, on your lan), it can be accessed by forwarding a local to remote port with ssh, then connecting to the remote port locally with Chrome or Firefox - using the same proxy configuration as above.

$ ssh -N -L 4444:127.0.0.1:4444 [email protected]_host


note
By configuring a browser for an i2p proxy, clearnet sites will not be reachable. To access both i2p and the clearnet and avoid using multiple browsers, look into privoxy.

Finally - in the footer and on this page are sets of links to i2p (eepsites) sites. Copy and paste a link's location into the address bar of (or click on a link in) your i2p-configured browser.

Further reading
https://geti2p.net/docs
http://killyourtv.i2p.us
http://how-to.linuxcareer.com/i2p-anonymity-for-the-masses
http://www.reddit.com/r/i2p