08-21-2018, 03:02 AM
Decentralize common Fedora apps with Cjdns
<div style="margin: 5px 5% 10px 5%;"><img src="http://www.sickgaming.net/blog/wp-content/uploads/2018/08/decentralize-common-fedora-apps-with-cjdns.png" width="300" height="221" title="" alt="" /></div><div><p>Are you worried about a <a href="https://staltz.com/the-web-began-dying-in-2014-heres-how.html">few huge corporations controlling the web</a>? Don’t like censorship on centralized social media sites like facebook and twitter? You need to decentralize! The internet was designed to be decentralized. Many common activities, from social media to email to voice calls, don’t actually require a centralized service.</p>
<p><span id="more-22337"></span></p>
<p>The basic requirement for any peer to peer application is that the peers be able to reach each other. This is impossible today for most people using IP4 behind NAT (as with most household routers). The IP4 address space was exhausted over a decade ago. Most people are in “IP4 NAT Jail.”</p>
<p>Your device is assigned a private IP, and translated to the public IP by the router. Without port forwarding to a specific private IP, incoming TCP connections or UDP sessions can’t tell where to forward to, and are dropped. As a result, nothing can connect to your device. You must connect to various public servers to do anything. IP4 NAT Jail forces centralization.</p>
<p>The simplest solution to this problem is IPv6. However, most US consumer internet providers do not offer usable IPv6. For instance, if the IPv6 prefix changes every few days, the devices are not addressable except via a dynamic DNS server. Furthermore, on a mobile device like a laptop, most WiFi does not offer IPv6 either. So you can’t use <a href="https://en.wikipedia.org/wiki/Mobile_IP">Mobile IP6</a> to have a stable address.</p>
<p>You can work around this using a VPN like OpenVPN (included in Fedora) to a centralized server with a public IP4 — perhaps one you provide yourself by renting a Virtual Personal Server. But then packets to and from your device have to travel to and from the VPN server first. You can also use a tunnel broker like <a href="https://tunnelbroker.net/">he.net</a>.</p>
<p>If you and your peers already have stable IPv6 addresses, you can use these for the sample applications to be showcased. But most people need to use something else.</p>
<p>DNS is also essentially a centrally controlled service, so this article’s two sample applications avoid the use of DNS. Email and SIP applications have built-in address books that work just as well. Think of your stable IPv6 address as a “phone number.”</p>
<h2>IPv6 Overlay Mesh VPN with Cjdns</h2>
<p>The Cjdns package (included in Fedora) implements a <a href="http://www.fc00.org/">global IPv6 mesh</a> by connecting to several peers instead of a centralized server. Each node has a public/private key pair. The IPv6 is the truncated SHA512 hash of the public key, preventing spoofing.</p>
<ul>
<li>Packets are end to end encrypted — relays can be untrusted.</li>
<li>Packets are source routed, allowing seamless upgrades of and experimentation with routing algorithms. (This is safe thanks to anti-spoofing.)</li>
<li>The data for routing comes from a <a href="https://en.wikipedia.org/wiki/Distributed_hash_table">Distributed Hash Table</a> listing the peers of each node.</li>
<li>Peers can be explicitly configured as UDP tunnels, or auto-configured on ethernet via layer 2 protocol <i>0xfc00</i>.</li>
</ul>
<p>With Cjdns installed, you have a stable, “<a href="https://en.wikipedia.org/wiki/IP_address_spoofing">unspoofable</a>” (standard cryptographic caveats apply) IPv6 address that can be used with any IPv6 ready application. Your recipient must also use the Cjdns protocol, but this isn’t much of an obstacle since it’s easier to install Cjdns than convince US ISPs to provide usable IPv6.</p>
<h2>Install Cjdns</h2>
<p>To install and enable the Cjdns service persistently, run these commands:</p>
<pre>$ <strong>sudo dnf install cjdns cjdns-tools cjdns-selinux</strong> $ <strong>sudo systemctl enable --now cjdns</strong></pre>
<pre>$ <strong>peerStats</strong> 18:03:14:56:c2:1e v20.0000.0000.0000.0019.681v1s7k3af1q2cf09txpw309zdf4q0mn7mtq0wr544dz98stwr0.k ESTABLISHED in 6kb/s out 15kb/s LOS 8 "outer"</pre>
<p>This generates a <i>/etc/cjdroute.conf</i> file, pre-populated with random keys and passwords. If there’s already a Cjdns node on your LAN as above, you’re done. But more likely, there was no output from peerStats. In that case you now need to configure one or more UDP tunnels. First, you must discover the random UDP port used.</p>
<pre>$ <strong>sudo grep bind /etc/cjdroute.conf</strong> // Port to bind the admin RPC server to. "bind": "127.0.0.1:11234", "bind": "0.0.0.0:26041", "bind": "[::]:26041", // Alternatively bind to just one device "bind": "all",</pre>
<p>In this example, the random UDP port is 26041 for both IPv6 and IPv4. Your port will be different. Allow incoming sessions for this port.</p>
<pre>$ <strong>sudo firewall-cmd --zone=public --add-port=26041/udp</strong> success $ <strong>sudo firewall-cmd --runtime-to-permanent</strong> success</pre>
<p>Now you need to edit the config to add a peer. Hopefully, you are somewhat familiar with configs using <a href="https://www.tutorialspoint.com/json/json_syntax.htm">JSON syntax</a>. You must add an entry for a UDP peer using your favorite text editor, such as <em>vim</em>. Here is one provided on a VPS. Search for IPv4, and add the indicated stanza after <em>connectTo</em>, inside the braces:</p>
<pre>$ <strong>sudo vim /etc/cjdroute.conf</strong> "168.235.90.18:26041": { "login": "fedora", "password":"zvkxv604fqx0zn9trhw5hjxwp3u4v2u", "publicKey":"lhj54c2xnczfurpw42d0h1bvc4qquclb4dw72q50tc83ucmm9zt0.k", "peerName":"nyc.gathman.org" },</pre>
<p>For the changes to take effect, restart cjdns.</p>
<pre>$ <strong>sudo systemctl restart cjdns</strong> $ <strong>peerStats</strong> 168.235.90.18:26041 v20.0000.0000.0000.0017.lhj54c2xnczfurpw42d0h1bvc4qquclb4dw72q50tc83ucmm9zt0.k ESTABLISHED in 0kb/s out 0kb/s "nyc.gathman.org" $ <strong>ping h.sea.gathman.org</strong> PING h.sea.gathman.org(h.sea.gathman.org (fceb:7fc0:c62c:9cd9:2971:e3ff:aee2:6e08)) 56 data bytes 64 bytes from h.sea.gathman.org (fceb:7fc0:c62c:9cd9:2971:e3ff:aee2:6e08): icmp_seq=1 ttl=42 time=87.6 ms</pre>
<p>You can now ping any node in the global IPv6 mesh. CAUTION: All those nodes can now directly connect to your device. The default Fedora firewall will block all incoming connections be default — but be careful what you allow in. Be sure to consult <a href="https://src.fedoraproject.org/rpms/cjdns/blob/master/f/cjdns.README_Fedora.md">the package README</a> for additional security notes.</p>
<p>The <em>fedora</em> password to this <em>nyc</em> VPS may not be up indefinitely, so you need some more peers. Consult a <a href="https://github.com/hyperboria/peers">list of public peers</a> or peer with your Fedora friends.</p>
<h2>Decentralize Email applications</h2>
<p>You can decentralize almost any email client included in Fedora that supports IPv6, such as alpine or Thunderbird. This example uses <em>mailx</em>, a bare bones CLI mail client designed for teletypes. This makes configuration and use easy to show.</p>
<p>Similarly, you can use any of the MTAs supplied with Fedora, but this example uses <em>opensmtpd</em>, as it is simple, small, and secure. By default, opensmtpd stores incoming email in <i>/var/spool/mail</i>, which is perfect for personal decentralized use. You can, of course, use any mail store and client you prefer.</p>
<pre>$ <strong>sudo dnf install mailx opensmtpd</strong> $ <strong>cat >~/.mailrc <<EOF</strong> set from="mylogin@[IPv6:fc02:fefe:dead:beef:cafe:babe:1234:5678] (Real Name)" set smtp=localhost EOF</pre>
<p>Of course, you need to use your own local login, IPv6 and name.</p>
<p>To receive email, you will need to edit the opensmtpd config in <i>/etc/opensmtpd/smtpd.conf</i>. Here is a sample. (Note this article may wrap some of the “preformatted” lines, so use your head):</p>
<pre># This is the smtpd server system-wide configuration file. # See smtpd.conf(5) for more information. # To accept external mail, replace with: listen on all listen on fc02:fefe:dead:beef:cafe:babe:1234:5678 hostname "[IPv6:fc02:fefe:dead:beef:cafe:babe:1234:5678]" listen on localhost # If you edit the file, you have to run "smtpctl update table aliases" table aliases file:/etc/aliases # Uncomment the following to accept external mail for domain "example.org" #accept from any for domain "example.org" alias deliver to mbox accept from any for domain "[IPv6:fc02:fefe:dead:beef:cafe:babe:1234:5678]" alias deliver to mbox accept for local alias deliver to mbox accept for any relay hostname "[IPv6:fc02:fefe:dead:beef:cafe:babe:1234:5678]" </pre>
<p>Use your actual Cjdns IP, of course. When the opensmtpd config is ready, start it so you can receive emails. If your recipient is offline, opensmtpd stores your letter and retries periodically.</p>
<pre>$ <strong>sudo systemctl enable --now opensmtpd</strong> $ <strong>sudo firewall-cmd --zone=public --add-service=smtp</strong> $ <strong>sudo firewall-cmd --runtime-to-permanent</strong></pre>
<p>Now send the author a dex (decentralized) email:</p>
<pre>$ <strong>mailx -s "Fedora Article" \ "stuart@[IPv6:fcbc:b27:be6f:94dd:4225:792:c988:8ace]" <<EOF</strong> > Great article! > EOF</pre>
<p>That sends an email to the author’s <em>nyc</em> vps — so don’t be surprised if you get a reply!</p>
<p>Alpine is a full featured console email client. After you install and run it the first time, you can decentralize it by editing <i>~/.pinerc</i> and changing these basic config items:</p>
<pre># Sets domain part of From: and local addresses in outgoing. user-domain=[IPv6:fc02:fefe:dead:beef:cafe:babe:1234:5678] # List of SMTP servers for sending mail. smtp-server=localhost</pre>
<h2>Decentralize SIP applications</h2>
<div id="attachment_22344" style="width: 310px" class="wp-caption alignnone"><img class="wp-image-22344 size-medium" src="http://www.sickgaming.net/blog/wp-content/uploads/2018/08/decentralize-common-fedora-apps-with-cjdns.png" alt="Linphone call screen" width="300" height="221" /></p>
<p class="wp-caption-text">Linphone call screen</p>
</div>
<p>Using Cjdns for your voice calls gives you privacy and authentication. You can use any sip client that supports IP6. This example uses the <em>linphone</em> app included in Fedora.</p>
<pre>$ <strong>sudo dnf install linphone</strong> $ <strong>sudo firewall-cmd --zone=public --add-service=sip --add-port=7078/udp --add-port=9078/udp</strong> $ <strong>sudo firewall-cmd --runtime-to-permanent</strong></pre>
<div id="attachment_22343" style="width: 310px" class="wp-caption alignright"><img class="wp-image-22343 size-medium" src="http://www.sickgaming.net/blog/wp-content/uploads/2018/08/decentralize-common-fedora-apps-with-cjdns-1.png" alt="Linphone network config screen" width="300" height="264" /></p>
<p class="wp-caption-text">Linphone network config screen</p>
</div>
<p>Run linphone on your desktop, and skip the account wizard. You don’t need logins and accounts with peer to peer. Select <em>Options</em>, <em>Preferences</em> and select <em>Use IPv6 instead of IPv4</em> and <em>Direct connection to internet</em>. Enter your Cjdns IPv6 in <em>Public IP address</em>. Now select <em>Options</em>, <em>Quit</em> to completely exit linphone.</p>
<p>The version in Fedora doesn’t provide a way to configure your peer to peer contact, so you need to edit the config file. Find the <em>[sip]</em> section and change <em>guess_hostname</em> and <em>contact:</em></p>
<pre>$ <strong>vim ~/.linphonerc</strong> guess_hostname=0 contact="Real Name" <sip:mylogin@[fc02:fefe:dead:beef:cafe:babe:1234:5678]></pre>
<p>Now start linphone again, and add a Fedora friend with Cjdns to the addressbook using the same address syntax. Try a text message first, then give them a call.</p>
<p>Of course, there are many potential issues with audio and video in a VoIP app, which are not covered here. Usually, however, linphone just works. If you don’t have any friends, you can reach out to the author via dex email at the <em>nyc</em> node above.</p>
</div>
<div style="margin: 5px 5% 10px 5%;"><img src="http://www.sickgaming.net/blog/wp-content/uploads/2018/08/decentralize-common-fedora-apps-with-cjdns.png" width="300" height="221" title="" alt="" /></div><div><p>Are you worried about a <a href="https://staltz.com/the-web-began-dying-in-2014-heres-how.html">few huge corporations controlling the web</a>? Don’t like censorship on centralized social media sites like facebook and twitter? You need to decentralize! The internet was designed to be decentralized. Many common activities, from social media to email to voice calls, don’t actually require a centralized service.</p>
<p><span id="more-22337"></span></p>
<p>The basic requirement for any peer to peer application is that the peers be able to reach each other. This is impossible today for most people using IP4 behind NAT (as with most household routers). The IP4 address space was exhausted over a decade ago. Most people are in “IP4 NAT Jail.”</p>
<p>Your device is assigned a private IP, and translated to the public IP by the router. Without port forwarding to a specific private IP, incoming TCP connections or UDP sessions can’t tell where to forward to, and are dropped. As a result, nothing can connect to your device. You must connect to various public servers to do anything. IP4 NAT Jail forces centralization.</p>
<p>The simplest solution to this problem is IPv6. However, most US consumer internet providers do not offer usable IPv6. For instance, if the IPv6 prefix changes every few days, the devices are not addressable except via a dynamic DNS server. Furthermore, on a mobile device like a laptop, most WiFi does not offer IPv6 either. So you can’t use <a href="https://en.wikipedia.org/wiki/Mobile_IP">Mobile IP6</a> to have a stable address.</p>
<p>You can work around this using a VPN like OpenVPN (included in Fedora) to a centralized server with a public IP4 — perhaps one you provide yourself by renting a Virtual Personal Server. But then packets to and from your device have to travel to and from the VPN server first. You can also use a tunnel broker like <a href="https://tunnelbroker.net/">he.net</a>.</p>
<p>If you and your peers already have stable IPv6 addresses, you can use these for the sample applications to be showcased. But most people need to use something else.</p>
<p>DNS is also essentially a centrally controlled service, so this article’s two sample applications avoid the use of DNS. Email and SIP applications have built-in address books that work just as well. Think of your stable IPv6 address as a “phone number.”</p>
<h2>IPv6 Overlay Mesh VPN with Cjdns</h2>
<p>The Cjdns package (included in Fedora) implements a <a href="http://www.fc00.org/">global IPv6 mesh</a> by connecting to several peers instead of a centralized server. Each node has a public/private key pair. The IPv6 is the truncated SHA512 hash of the public key, preventing spoofing.</p>
<ul>
<li>Packets are end to end encrypted — relays can be untrusted.</li>
<li>Packets are source routed, allowing seamless upgrades of and experimentation with routing algorithms. (This is safe thanks to anti-spoofing.)</li>
<li>The data for routing comes from a <a href="https://en.wikipedia.org/wiki/Distributed_hash_table">Distributed Hash Table</a> listing the peers of each node.</li>
<li>Peers can be explicitly configured as UDP tunnels, or auto-configured on ethernet via layer 2 protocol <i>0xfc00</i>.</li>
</ul>
<p>With Cjdns installed, you have a stable, “<a href="https://en.wikipedia.org/wiki/IP_address_spoofing">unspoofable</a>” (standard cryptographic caveats apply) IPv6 address that can be used with any IPv6 ready application. Your recipient must also use the Cjdns protocol, but this isn’t much of an obstacle since it’s easier to install Cjdns than convince US ISPs to provide usable IPv6.</p>
<h2>Install Cjdns</h2>
<p>To install and enable the Cjdns service persistently, run these commands:</p>
<pre>$ <strong>sudo dnf install cjdns cjdns-tools cjdns-selinux</strong> $ <strong>sudo systemctl enable --now cjdns</strong></pre>
<pre>$ <strong>peerStats</strong> 18:03:14:56:c2:1e v20.0000.0000.0000.0019.681v1s7k3af1q2cf09txpw309zdf4q0mn7mtq0wr544dz98stwr0.k ESTABLISHED in 6kb/s out 15kb/s LOS 8 "outer"</pre>
<p>This generates a <i>/etc/cjdroute.conf</i> file, pre-populated with random keys and passwords. If there’s already a Cjdns node on your LAN as above, you’re done. But more likely, there was no output from peerStats. In that case you now need to configure one or more UDP tunnels. First, you must discover the random UDP port used.</p>
<pre>$ <strong>sudo grep bind /etc/cjdroute.conf</strong> // Port to bind the admin RPC server to. "bind": "127.0.0.1:11234", "bind": "0.0.0.0:26041", "bind": "[::]:26041", // Alternatively bind to just one device "bind": "all",</pre>
<p>In this example, the random UDP port is 26041 for both IPv6 and IPv4. Your port will be different. Allow incoming sessions for this port.</p>
<pre>$ <strong>sudo firewall-cmd --zone=public --add-port=26041/udp</strong> success $ <strong>sudo firewall-cmd --runtime-to-permanent</strong> success</pre>
<p>Now you need to edit the config to add a peer. Hopefully, you are somewhat familiar with configs using <a href="https://www.tutorialspoint.com/json/json_syntax.htm">JSON syntax</a>. You must add an entry for a UDP peer using your favorite text editor, such as <em>vim</em>. Here is one provided on a VPS. Search for IPv4, and add the indicated stanza after <em>connectTo</em>, inside the braces:</p>
<pre>$ <strong>sudo vim /etc/cjdroute.conf</strong> "168.235.90.18:26041": { "login": "fedora", "password":"zvkxv604fqx0zn9trhw5hjxwp3u4v2u", "publicKey":"lhj54c2xnczfurpw42d0h1bvc4qquclb4dw72q50tc83ucmm9zt0.k", "peerName":"nyc.gathman.org" },</pre>
<p>For the changes to take effect, restart cjdns.</p>
<pre>$ <strong>sudo systemctl restart cjdns</strong> $ <strong>peerStats</strong> 168.235.90.18:26041 v20.0000.0000.0000.0017.lhj54c2xnczfurpw42d0h1bvc4qquclb4dw72q50tc83ucmm9zt0.k ESTABLISHED in 0kb/s out 0kb/s "nyc.gathman.org" $ <strong>ping h.sea.gathman.org</strong> PING h.sea.gathman.org(h.sea.gathman.org (fceb:7fc0:c62c:9cd9:2971:e3ff:aee2:6e08)) 56 data bytes 64 bytes from h.sea.gathman.org (fceb:7fc0:c62c:9cd9:2971:e3ff:aee2:6e08): icmp_seq=1 ttl=42 time=87.6 ms</pre>
<p>You can now ping any node in the global IPv6 mesh. CAUTION: All those nodes can now directly connect to your device. The default Fedora firewall will block all incoming connections be default — but be careful what you allow in. Be sure to consult <a href="https://src.fedoraproject.org/rpms/cjdns/blob/master/f/cjdns.README_Fedora.md">the package README</a> for additional security notes.</p>
<p>The <em>fedora</em> password to this <em>nyc</em> VPS may not be up indefinitely, so you need some more peers. Consult a <a href="https://github.com/hyperboria/peers">list of public peers</a> or peer with your Fedora friends.</p>
<h2>Decentralize Email applications</h2>
<p>You can decentralize almost any email client included in Fedora that supports IPv6, such as alpine or Thunderbird. This example uses <em>mailx</em>, a bare bones CLI mail client designed for teletypes. This makes configuration and use easy to show.</p>
<p>Similarly, you can use any of the MTAs supplied with Fedora, but this example uses <em>opensmtpd</em>, as it is simple, small, and secure. By default, opensmtpd stores incoming email in <i>/var/spool/mail</i>, which is perfect for personal decentralized use. You can, of course, use any mail store and client you prefer.</p>
<pre>$ <strong>sudo dnf install mailx opensmtpd</strong> $ <strong>cat >~/.mailrc <<EOF</strong> set from="mylogin@[IPv6:fc02:fefe:dead:beef:cafe:babe:1234:5678] (Real Name)" set smtp=localhost EOF</pre>
<p>Of course, you need to use your own local login, IPv6 and name.</p>
<p>To receive email, you will need to edit the opensmtpd config in <i>/etc/opensmtpd/smtpd.conf</i>. Here is a sample. (Note this article may wrap some of the “preformatted” lines, so use your head):</p>
<pre># This is the smtpd server system-wide configuration file. # See smtpd.conf(5) for more information. # To accept external mail, replace with: listen on all listen on fc02:fefe:dead:beef:cafe:babe:1234:5678 hostname "[IPv6:fc02:fefe:dead:beef:cafe:babe:1234:5678]" listen on localhost # If you edit the file, you have to run "smtpctl update table aliases" table aliases file:/etc/aliases # Uncomment the following to accept external mail for domain "example.org" #accept from any for domain "example.org" alias deliver to mbox accept from any for domain "[IPv6:fc02:fefe:dead:beef:cafe:babe:1234:5678]" alias deliver to mbox accept for local alias deliver to mbox accept for any relay hostname "[IPv6:fc02:fefe:dead:beef:cafe:babe:1234:5678]" </pre>
<p>Use your actual Cjdns IP, of course. When the opensmtpd config is ready, start it so you can receive emails. If your recipient is offline, opensmtpd stores your letter and retries periodically.</p>
<pre>$ <strong>sudo systemctl enable --now opensmtpd</strong> $ <strong>sudo firewall-cmd --zone=public --add-service=smtp</strong> $ <strong>sudo firewall-cmd --runtime-to-permanent</strong></pre>
<p>Now send the author a dex (decentralized) email:</p>
<pre>$ <strong>mailx -s "Fedora Article" \ "stuart@[IPv6:fcbc:b27:be6f:94dd:4225:792:c988:8ace]" <<EOF</strong> > Great article! > EOF</pre>
<p>That sends an email to the author’s <em>nyc</em> vps — so don’t be surprised if you get a reply!</p>
<p>Alpine is a full featured console email client. After you install and run it the first time, you can decentralize it by editing <i>~/.pinerc</i> and changing these basic config items:</p>
<pre># Sets domain part of From: and local addresses in outgoing. user-domain=[IPv6:fc02:fefe:dead:beef:cafe:babe:1234:5678] # List of SMTP servers for sending mail. smtp-server=localhost</pre>
<h2>Decentralize SIP applications</h2>
<div id="attachment_22344" style="width: 310px" class="wp-caption alignnone"><img class="wp-image-22344 size-medium" src="http://www.sickgaming.net/blog/wp-content/uploads/2018/08/decentralize-common-fedora-apps-with-cjdns.png" alt="Linphone call screen" width="300" height="221" /></p>
<p class="wp-caption-text">Linphone call screen</p>
</div>
<p>Using Cjdns for your voice calls gives you privacy and authentication. You can use any sip client that supports IP6. This example uses the <em>linphone</em> app included in Fedora.</p>
<pre>$ <strong>sudo dnf install linphone</strong> $ <strong>sudo firewall-cmd --zone=public --add-service=sip --add-port=7078/udp --add-port=9078/udp</strong> $ <strong>sudo firewall-cmd --runtime-to-permanent</strong></pre>
<div id="attachment_22343" style="width: 310px" class="wp-caption alignright"><img class="wp-image-22343 size-medium" src="http://www.sickgaming.net/blog/wp-content/uploads/2018/08/decentralize-common-fedora-apps-with-cjdns-1.png" alt="Linphone network config screen" width="300" height="264" /></p>
<p class="wp-caption-text">Linphone network config screen</p>
</div>
<p>Run linphone on your desktop, and skip the account wizard. You don’t need logins and accounts with peer to peer. Select <em>Options</em>, <em>Preferences</em> and select <em>Use IPv6 instead of IPv4</em> and <em>Direct connection to internet</em>. Enter your Cjdns IPv6 in <em>Public IP address</em>. Now select <em>Options</em>, <em>Quit</em> to completely exit linphone.</p>
<p>The version in Fedora doesn’t provide a way to configure your peer to peer contact, so you need to edit the config file. Find the <em>[sip]</em> section and change <em>guess_hostname</em> and <em>contact:</em></p>
<pre>$ <strong>vim ~/.linphonerc</strong> guess_hostname=0 contact="Real Name" <sip:mylogin@[fc02:fefe:dead:beef:cafe:babe:1234:5678]></pre>
<p>Now start linphone again, and add a Fedora friend with Cjdns to the addressbook using the same address syntax. Try a text message first, then give them a call.</p>
<p>Of course, there are many potential issues with audio and video in a VoIP app, which are not covered here. Usually, however, linphone just works. If you don’t have any friends, you can reach out to the author via dex email at the <em>nyc</em> node above.</p>
</div>