this post was submitted on 19 Sep 2024
51 points (89.2% liked)

Selfhosted

40133 readers
515 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
51
submitted 1 month ago* (last edited 1 month ago) by [email protected] to c/[email protected]
 

After the arrest of Pavel Durov, I wanted to move from Telegram to something end-to-end encrypted. I know Signal is pretty good, but I think it is better to have our messages in my own server.

I have already looked in XMPP, but it required SSL certs and I did not have the mood to configure them.

Do you know any other selfhosted messaging service for a group of 4-5 friends, or an easy way to configure an XMPP server? Or shall I use Signal after all (I don't really care that much about being selfhosted, I just thought it would be more privacy friendly)?

UPDATE: I managed to set up an XMPP server using prosody with the SSL certs. We have been testing it with my friend and it seems to go well.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 month ago* (last edited 1 month ago) (1 children)

I have already looked in XMPP, but it required SSL certs and I did not have the mood to configure them.

There are definitely XMPP clients that do end-to-end encryption that do not rely on TLS for key exchange, though.

https://en.wikipedia.org/wiki/Off_the_record_messaging

Off-the-record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides forward secrecy and malleable encryption.

The primary motivation behind the protocol was providing deniable authentication for the conversation participants while keeping conversations confidential, like a private conversation in real life, or off the record in journalism sourcing. This is in contrast with cryptography tools that produce output which can be later used as a verifiable record of the communication event and the identities of the participants. The initial introductory paper was named "Off-the-Record Communication, or, Why Not To Use PGP".[1]

I've used Pidgin with the libOTR plugin that implements that protocol.

[–] [email protected] 7 points 1 month ago* (last edited 1 month ago) (1 children)

These days I think OMEMO is a better choice than OTR, if your client supports it.