Return | |
##115 2021-02-07(Sun)17:36:24 (archived 2021-08-11(Wed)09:00:30) | |
_____________________________________________________________________ | |
Wut r the security standards for gopher? | |
_____________________________________________________________________ | |
__[2021-02-11(Thu)02:21:45 #1091]_____________________________________ | |
there are none | |
__[2021-02-15(Mon)00:08:04 #1093]_____________________________________ | |
#1091 said: | |
>there are none | |
So everything is being sent totally clear text? lol. | |
__[2021-02-15(Mon)09:02:36 #1095]_____________________________________ | |
Yes, gopher is an old protocol so it doesn't have any encryption | |
by default | |
__[2021-02-16(Tue)02:10:32 #1099]_____________________________________ | |
#1095 said: | |
>Yes, gopher is an old protocol so it doesn't have any encryption | |
>by default | |
Ideas for midigation? I already use lokinet, but, just out of | |
curiosity. SSH? Or is that stupud? | |
__[2021-02-16(Tue)20:04:34 #1100]_____________________________________ | |
Probably Gooher wrapped over TLS 1.3 would be ideal. Any software | |
patches/plugins for this? I use Motsognir as server. | |
__[2021-02-17(Wed)08:15:20 #1102]_____________________________________ | |
How about this? | |
__[2021-02-17(Wed)10:07:19 #1103]_____________________________________ | |
#1102: Any details on its specifications or how it is implemented | |
server-side? | |
__[2021-02-17(Wed)22:47:06 #1104]_____________________________________ | |
some holes have TLS. others use for, running gopher onion sites. | |
__[2021-02-18(Thu)02:49:23 #1106]_____________________________________ | |
#1104: Yeah, though I wanna know how to set up TLS for my gopher | |
server? | |
__[2021-02-18(Thu)08:42:06 #1108]_____________________________________ | |
The SSL here on port 105 is just a stunnel proxy. There's some | |
issues if you want both secured and unsecured, because gopher "links" | |
are absolute including the port, but with the right server/scripts | |
that can be fixed. | |
__[2021-02-18(Thu)08:46:58 #1109]_____________________________________ | |
# xinetd | |
service ssl-gopher | |
{ | |
flags = IPv6 | |
socket_type = stream | |
wait = no | |
user = bucktooth | |
server = /usr/bin/stunnel | |
server_args = /etc/stunnel/buckd.conf | |
} | |
# buckd.conf | |
exec = /usr/local/bin/buckd_ssl | |
cert = /path/to/ssl/cert | |
key = /path/to/ssl/key | |
buckd_ssl is just the Bucktooth server script modified to use port | |
105 as the default instead of 70, but still points to the same | |
gopher root directory as the normal one. | |
__[2021-02-18(Thu)11:26:50 #1110]_____________________________________ | |
So just run the gopher connection via stunnel? Can I do this with | |
Motsognir or Gophernicus? | |