Rockstable Wiki:

Rockstable XMPP Server

Rockstable has now a XMPP-Server called "jabber.rockstable.org". The goal is to provide a secure and stable instant messaging service, which is rich of features and free to register.

Features are:

XMPP-Client

I recommend using the following XMPP-Clients

Pidgin

Security considerations: On linux please install pidgin-gnome-keyring to ensure secure that the password is not stored in plain-text on your machine in "accounts.xml". If your filesystem is not encrypted, probably everybody can extract the password from your machine.

Plugins

Please enable Service Discovery Plugin (disco) to be able to use some advanced features of the service.

Buddy-List-Menu -> Tools -> Plugins -> XMPP-Service-Discovery

Firewall

Please make sure that your local/perimeter Firewall permits a connection to the server.

Ports you may use are: tcp/443, bosh tcp/5222, xmpp-client tcp/5280, bosh tcp/7777, socks5 (Filetransfer) udp-tcp/3478 stun/turn tcp/5349 stuns/turns udp highports

Registration

There are two ways to register with the service, either

  1. via your XMPP-client's inbound registration
  2. or via the Website that the service offers.

Setup XMPP-Account

  1. Install XMPP-Client (in this case pidgin).
  2. Click add account and a new window opens.
    1. Simple tab:
      1. Chosse XMPP as the protocol.
      2. Enter the username.
      3. Enter the domain "rockstable.org".
      4. Define the ressource (e.g. the hostname of the system you are working on).
      5. Choose and remember a secure password with at lease 32bits of entropy.
    2. Advanced tab:
      1. In the drop-down menu choose "Require encryption". (Encryption is required by the server too.)
      2. Uncheck "Permit plain-text authentication over unencrypted channel".
      3. Exchange the Proxy for filetransfers with "jabber.rockstable.org".
    3. If you haven't registered yet, check the box "Register the account on the server".

    4. Finalize by pressing "add".

Here is once again the registration message, that you receive if you register inbound via a xmpp-client.

Thanks for registering with Rockstable XMPP service.

System is well configured, patched, bleeding edge and considered secure.
I don't expect many service outages (besides the maintenance), since
ejabberd is great software written in Erlang/OTP and can rely on
a postgres database backend. The Spectrum2-transports (C++) are
running in a docker-container. System is running Debian SID.

I recommend using pidgin as the xmpp-client since it is
fully-featured and capable of audio and video chats and BOSHS.
Here is a link "https://pidgin.im/".

Some info for the initial setup jabber.rockstable.org provides
File transfer proxy (SOCKS5)    on tcp/7777             (account opts)
BOSHS                           on tcp/443 and tcp/5280 (account opts)
Stun/Turn Service               on udp-tcp/3478         (general opts)
Stuns/Turns Service             on tcp/5349 (no dtls    (general opts))

The system circumvents restritive firewall using
Bind over synchronous https (BOSHS). This is an encrypted
https-connection over tcp/443 that is hardly to be differentianted
from other simple website requests. Please try it if your
network-admin is let's say - very buttoned up.
The binding URL is "https://jabber.rockstable.org:443/http-bind/".

Your privacy is of course highly respected!
Rockstable XMPP enforces strong encryption and is rated Class A.
Test it on "https://xmpp.net" if you are unsure.

Please feel free to use our spectrum2-gateways to the various
legacy Chat-Networks like AIM, ICQ, IRC, Facebook, Groupwise,
Gadu-Gadu, MSN, Skype, Telegram, Twitter and YaHoo. I haven't
tested them all yet there may be some closed ports in my
restrictive firewall. ^_^
For further information please see "http://spectrum.im/".

Multiuser-Chat aka Chat-Rooms are available too.

I recommend using Off-The-Record End-To-End-Encryption so
you can make sure that no server-admin is able to view
your chat-history. Please create a backup-copy of your OTR-Key
to ensure the readability of your history.
Please see "https://otr.cypherpunks.ca/".

Have fun!!!

Webservice Registration

  1. Surf to https://jabber.rockstable.org/register/ (Don't forget to append the "/").

  2. Click on "Register a Jabber account"
  3. Fill in the form
    • Choose a username, which is longer than 2 Characters.
    • Exchange the server to "rockstable.org".
    • Enter a passoword which has at least 32bits of entropy.
    • Fill in the captcha.
    • Finalize your registration with the "Register"-button.

Note: Please make sure to remember your passoword. There is currently no way to recover a from a lost password. And if you write me and i cannot make sure you that you are the person you are claiming, i just can delete the account. So you can probably only create a new account with the same name.

Transports

Using IRC

  1. Enable Service Discovery
    • Buddy-List-Menu -> Tools -> Plugins -> XMPP-Service-Discovery

  2. Discover services
    1. Buddy-List-Menu -> Tools -> XMPP-Service-Discovery -> XMPP-Service-Discovery

      1. Choose your rockstable-account in the drop-down.
      2. Hit search
        1. Specify server "rockstable.org"
        2. Hit Discover services
      3. Right-Click "irc.rockstable.org" and choose "Add to buddy-list"
        1. Choose your "rockstable.org" account
        2. In the room field: specify the room and the server like this 'room%server.domain.tld'. For example "pidgin%irc.freenode.net". You have to strip the leading "#".
        3. In the server-field keep "irc.rockstable.org". This is your transport-gateway from xmpp to irc.
        4. Enter your nickname
        5. If you have registered your nick on the remote serverprovide the password.
        6. Check your options.
        7. Finalize your configuration by pressing "Add"

You can see the the Chat now in your buddy-list. With a right clink on the entry you can reconfigure the options or rename it. Enter the chat by douoble clicking and please be excellent to each other!!!

Rockstable Wiki: XMPP (last edited 2019-06-24 13:17:59 by anonymous)