My friends and I have long intended to create our own not-megacorporation-based communications services (i.e. chat, video, etc.). Today we got around to a first version of that, and since I saw people having trouble while I was investigating how to get the server to work, I thought it might be worth posting my experience.
The basic characteristics of our chat server setup are:
- A dedicated machine as the SSH/Ytalk server (a Raspberry Pi in our case)
- The server has a user account for every person taking part in the chat.
- Password logins are not allowed. Authentication is based on RSA identities.
- Chat activity actually takes place among SSH sessions within the server. That is, the chat is among local user accounts of the server.
I will try to be both concise and explicit enough so that you can reproduce our results. So, for the sake of the explanation, say we are three people wanting to chat: alice, bob and myself, luis. In my server, a Raspberry Pi, I start with the default user account pi, which has superuser privileges. The base system is Debian 7.0. The procedure is divided into the following sections:
- Software installation and setup
- User accounts creation and configuration
- Trial of the chat server
Software installation and setup
- As usual, start by upgrading your system:
sudo apt-get update
sudo apt-get upgrade
- Now proceed with the actual packages. I include the SSH server for completeness:
sudo apt-get install ytalk openssh-server
apt-get will ask for your confirmation before installing additional packages, in particular openbsd-inetd and talkd. This is fine.
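- Here comes the interesting part: The stock talkd configuration for inetd makes a few assumptions that prevent ytalk from working right after installation. First, we need to create a dummy user account, belonging to the tty group:
sudo usermod -a -G tty talkd
Note that usermod -a -G only adds an existing account to a group, so the talkd account has to exist before this command is run.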
- Then you need to update the /etc/inetd.conf configuration file of inetd so that it invokes talkd in the proper way. The lines:
talk dgram udp wait nobody.tty /usr/sbin/in.talkd in.talkd
ntalk dgram udp wait nobody.tty /usr/sbin/in.ntalkd in.ntalkd
Must be turned into:
talk dgram udp4 wait talkd.tty /usr/sbin/in.talkd in.talkd
ntalk dgram udp4 wait talkd.tty /usr/sbin/in.ntalkd in.ntalkd
(Thanks to this bug report and this tutorial for their illuminating details!)
- For sanity, check that the file /etc/hosts assigns the IP address 127.0.0.1 to your hostname, which you can find in the file /etc/hostname.
- Finally enable inetd:
sudo service openbsd-inetd restart
- To disable password-based logins into the server, add/modify the following lines in your /etc/ssh/sshd_config file:
(Taken from this blog post). This will force all chat users (and the server owner as well!) to register their SSH public keys, putting them into their user’s ~/.ssh/authorized_keys file.
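One way to confirm that password logins are really off, as an added example that is not part of the original post: the function below reads the effective configuration that `sshd -T` prints and fails unless key-based login is the only path left. The option names are standard OpenSSH keywords rather than lines quoted from the post, and both sample inputs are constructed.

```sh
#!/bin/sh
# Added example (not from the original post): audit `sshd -T`-style output.

# Reads lowercase "keyword value" lines on stdin, prints one finding per
# problem, and returns 0 only when key-based login is the sole way in.
check_sshd_auth() {
    awk '
        { cfg[tolower($1)] = tolower($2) }
        END {
            bad = 0
            if (cfg["pubkeyauthentication"] != "yes") {
                print "FAIL pubkeyauthentication is not yes"; bad = 1
            }
            if (cfg["passwordauthentication"] != "no") {
                print "FAIL passwordauthentication is not no"; bad = 1
            }
            # Keyboard-interactive can still prompt for a password via PAM.
            # The keyword printed for it depends on the OpenSSH version,
            # so accept either spelling.
            n = split("kbdinteractiveauthentication challengeresponseauthentication", k, " ")
            seen = 0
            for (i = 1; i <= n; i++) {
                if (!(k[i] in cfg)) continue
                seen = 1
                if (cfg[k[i]] != "no") {
                    print "FAIL " k[i] " is not no"; bad = 1
                }
            }
            # Fail closed when the setting is absent from the input.
            if (!seen) { print "FAIL keyboard-interactive setting not found"; bad = 1 }
            if (!bad) print "OK key-only login enforced"
            exit bad
        }'
}

# Constructed sample: passwords "disabled", keyboard-interactive left on.
SAMPLE_WEAK='pubkeyauthentication yes
passwordauthentication no
challengeresponseauthentication yes'

# Constructed sample: both password paths closed.
SAMPLE_OK='pubkeyauthentication yes
passwordauthentication no
challengeresponseauthentication no'

printf '%s\n' "$SAMPLE_WEAK" | check_sshd_auth || echo "-> weak sample rejected"
printf '%s\n' "$SAMPLE_OK" | check_sshd_auth
# On the server itself: sudo sshd -T | check_sshd_auth
```

Run the check after restarting sshd and before closing your current session, so a mistake in the configuration cannot lock you out.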
User accounts creation and configuration
- The machine owner will have to create the user accounts for each chat participant, and place their individual public keys into their home directories. The creation is very simple:
sudo adduser alice
- Then comes the registration of the user’s public key to enable logging into the server. The user (i.e. alice) needs to send the contents of their local ~/.ssh/id_rsa.pub file (the public key) to the server owner, through any means available (email, etc). The server owner then does:
sudo -u alice -i
mkdir -p ~/.ssh  # the directory may not exist yet on a newly created account
chmod og-wrx ~/.ssh
nano ~/.ssh/authorized_keys  # or vim/emacs; the contents of the public key are inserted into this file
Trial of the chat server
Usage of the server is very simple: Log into the machine and do:
Your partner will receive a ytalk notification. To reply, your partner only needs to do:
And now both you and your partner will be chatting together. Pressing the escape key at any moment will bring up ytalk's menu. For more information, read the man pages.