Opened 7 years ago

Last modified 5 years ago

#731 accepted defect

Multi user support

Reported by: DISABLED Owned by: zzz
Priority: minor Milestone:
Component: apps/console Version: 0.9.2
Keywords: multi user unix linux Cc:
Parent Tickets: Sensitive: no

Description

If two users are using the same system at the same time, they both use the same i2p console. This means that they cannot keep, for example, their torrents and bote keys separate. All user's torrents will go into the first user's home directory, and there is no anonymity between users. i realise that this is probably a long term goal, but better multi user support would really be a plus for adoption on, for example, VPS's for hosting and in other places. if you cannot trust the other users of the system, then what you do isn't anonymous as they can capture it before it is proxied through i2p.

Subtickets

Change History (10)

comment:1 Changed 7 years ago by Eche|on

Milestone: 0.9.30.9.4

comment:2 Changed 7 years ago by zzz

Component: unspecifiedapps/console

You mean when I2P is running as a service, or each user running their own?

If each is running their own, then they each have their own directories for torrents and bote.

Console port definitely a problem. At the least we need it to retry on a different port if that's busy. Make sure we use the PortMapper? code to find the current console port.

Some sort of simple config to set up passwords, port switching, etc on multiple-user systems would be good.

comment:3 Changed 7 years ago by zzz

todo:

  • retry on different port in RouterConsoleRunner?
  • UrlLauncher? gets actual console port from PortMapper? and magically substitutes
  • Change I2CP port conflict so it isn't a fatal error any more since most clients are internal; either fall back to random port, or disable, or even disable by default
  • Set I2CP password by default
  • make a PasswordManager? to salt and hash passwords, don't store plaintext passwords in router.config; make a configpasswords.jsp page

what else?

comment:4 Changed 7 years ago by zzz

Owner: set to zzz
Status: newaccepted

some progress:

PasswordManager? implemented in i2p.i2p.zzz.test branch.

Jetty passwords moved to MD5 a la RFC 2617.

Console password form added to /configui

I2CP passwords moved to salted SHA-256 hash.

what else? HTTP Proxy password moved from basic to digest, and port retry

comment:5 Changed 7 years ago by zzz

HTTP and CONNECT proxies converted to RFC 2617 digest authentication in i2p.i2p.zzz.test

comment:6 Changed 7 years ago by zzz

Milestone: 0.9.40.9.5
  • Digest auth and /configui password form in 0.9.3-1. Ticket #652 is related.

To do still:

  • I2CP PW and port conflicts
  • HTTP proxy port conflicts
  • Eepsite port conflicts
  • Console port conflicts

comment:7 Changed 7 years ago by str4d

Milestone: 0.9.5

comment:8 Changed 5 years ago by zzz

Priority: majorminor

comment:9 Changed 5 years ago by str4d

Related: #1149

comment:10 Changed 5 years ago by user

what if it is running as a service?
Shouldn't in theory the service just provide a service (as the name suggests), like anonymous downloads, but the actual downloaded data is user data ….
Maybe too hard. Likely not really an issue. How many people use i2p on multiuser systems?

Note: See TracTickets for help on using tickets.