Tap In When Freedom Calls, Connect Around Their Walls

The Crystal Chantry also offers an SSL (Secure Sockets Layer) encrypted means of connecting by accessing chantry.virtadpt.net on port 2305. This will open a link to the SSL server and all data between the Chantry and your computer will be encrypted. This can be accomplished in a number of ways:

A note for the casual viewer: I supply NO cryptographic software from this website in accordnance with the ITAR regulations of the United States of America. Enough strong crypto has already leaked from the US that you can plug 'cryptographic software' into any search engine and find a mirror of it in your country, wherever it is, which neatly sidesteps anti-export regulations. The staff and users of the Chantry are not responsible for this.

Users of Linux, and various Unices like BSD or Solaris are encouraged to use stunnel (primary site, Poland), which constructs SSL-encrypted tunnels for otherwise unprotected connections. Stunnel relies upon the OpenSSL libraries to provide the actual encryption algorithms. A piece of advice, read the manpages after you install the libraries, they provide the information you actually need to do things like generate certificates.

To connect with tkMOO-light on Unix via SSL, you first need to install stunnel (secondary site, US). Download the source code for OpenSSL (primary, Zurich) and install it:

	root@navi# gzip -dc /path/to/openssl-0.9.6b.tar.gz | tar xvf -
	root@navi# cd openssl-0.9.6b
	root@navi# ./config
	root@navi# make
	root@navi# make test
	root@navi# make install

Once this is done, decompress the stunnel archive and install it:

	root@navi# cd ..
	root@navi# gzip -dc /path/to/stunnel-3.14.tar.gz | tar xvf -
	root@navi# cd stunnel-3.14
	root@navi# ./configure --with-ssl=/usr/local/ssl
	root@navi# make
	root@navi# make install

Now answer the questions the compilation script asks you. Give the abbreviation of your country (we use 'VA' at virtadpt.net), the state in which you live, the name of the city in which you live, the organization with which you are affiliated (if applicable), the division of said organization (if applicable), the top-level domain name of your ISP or home LAN (we use virtadpt.net, you would use something like netcom.com or telerama.com. When you have answered all of these questions, the makefile will invoke the openssl agent to create a cryptographic certificate. Since you are using it as a client and not a server, this is not, strictly speaking, necessary but is nice to have around. Be sure to copy the newly created stunnel.pem file into /path/to/ssl/certs and chmod 400 /path/to/ssl/certs/stunnel.pem to make it available and protect it.

Now you need to execute the stunnel client as a daemon, so that you connect to one side of it, and the other side connects to port 2305 at the Chantry. This is how to do it:

	/usr/local/sbin/stunnel -c -d 2305 -r chantry.virtadpt.net:2305

This runs the stunnel executable (in /usr/local/sbin unless you changed its destination with a configure script directive) as an OpenSSL client, which opens port 2305 on your home system, and connects to chantry.virtadpt.net port 2305. Any data passing from the port on your system to the matching port at the Chantry will be protected.

I cannot claim credit for this, the instructions are adapted from those for protecting a connection to a MySQL database with stunnel. The directions can be found here at stunnel.org.

Prezzey wrote up instructions for installing tkMOO-lite and stunnel on the Win32 platform:

This one is written for the inexperienced Windows user. Don't flame me if it's too detailed for you - I wanted to make sure that everyone gets to the Chantry who needs to, regardless of computers background.

Step 1: Installing TkMOO

Visit http://www.awns.com/tkMOO-light/Source/ and download the windows port (currently tm0-3-28s.exe). Run it.

When it asks for a directory, give C:\Program Files\tkmoo (or whatever you wish.) Click Unzip, Ok. Close the window.

Enter that directory with some program manager - you should find the whole thing in an additional dir there.

Step 2: Installing STunnel

Download the self-extracting archive from here.

Run it. Specify a directory where you want the contents to be extracted to (it need not be an already existing directory). Enter that directory and run Setup. It'll display lots of text in Hungarian - don't worry, just keep on clicking 'Next'. (It's a general introduction of the software.) When done, you can either read the readme or run the program. Run it. Double-click on the small yellow icon in the taskbar - the small Stunnel settings window should come up. Don't worry if you can't make out the window header, it's in Hungarian. Enter the following:

Server: chantry.virtadpt.net
Port: 2305

Local server: 127.0.0.1
Local port: 6667

You should specify a name under which this connection will be stored: type it into the third line on the left and press 'Save'-. Now you can press 'Hide' and put the whole thing back where it came from, the taskbar. (Be sure to exit from Stunnel after leaving the Chantry, it can cause problems when rebooting.)

Start STunnel every time you want to access the Chantry.

Step 3: Setting up TkMOO for the connection.

Run TkMOO. Select Connect/Worlds from the menu. Click 'New'. In the General Settings window, give the data as follows:

World: Whatever you wish, the name the settings will be stored under.
Host: 127.0.0.1
Port: 6667

Leave others empty for the time being. (After the registration, you can enter your username/password for convenience, though this is not the most secure thing ever.) It's strongly recommended to keep a logfile: Click on the Write to log file box, and give a log file name below. You might switch local echo off, it depends on your personal taste.

Save, then click on it in the Worlds window and open. There you go, create a character and have a pleasant time staying at us ^_^

Thanks, Prezzey!

Here's how we set up the server on our end.

Connect to the Chantry

Back to the Spire