Changes

Page history
Update Registration and Provisioning via signal cli authored by about:privacy's avatar about:privacy
Show whitespace changes
Inline Side-by-side
Signal/Registration-and-Provisioning-via-signal-cli.md
View page @ 6263c5a8
_This guide has been tested with Tails OS versions **5.20** and **signal-cli-v0.12.7**_
_This guide has been tested with Tails OS versions **5.21** and **signal-cli-v0.12.7**_
## Persistent Storage
......@@ -114,7 +114,7 @@ sudo update-alternatives --install /usr/bin/signal-cli signal-cli /usr/bin/signa
5. Download `signal-cli-0.12.7` and signature file, executing:
```plaintext
wget https://github.com/AsamK/signal-cli/releases/download/v0.12.7/signal-cli-0.12.7.tar.gz -P /home/amnesia/Persistent/ && https://github.com/AsamK/signal-cli/releases/download/v0.12.7/signal-cli-0.12.7.tar.gz.asc -P /home/amnesia/Persistent/
wget https://github.com/AsamK/signal-cli/releases/download/v0.12.7/signal-cli-0.12.7.tar.gz -P /home/amnesia/Persistent/ && wget https://github.com/AsamK/signal-cli/releases/download/v0.12.7/signal-cli-0.12.7.tar.gz.asc -P /home/amnesia/Persistent/
```
6. As announced per https://github.com/AsamK/signal-cli/issues/65 repos owners PGP fingerprint is `FA10826A74907F9EC6BBB7FC2BA2CD21B5B09570` and the key id is `2BA2CD21B5B09570`. Download the pgp public key file from mentioned pgp key server:
......@@ -126,10 +126,10 @@ torify -i gpg --keyserver pgp.mit.edu --recv-keys 0x2BA2CD21B5B09570
7. Verify the archive:
```plaintext
gpg --verify Persistent/v0.12.7.tar.gz.asc Persistent/signal-cli-0.12.7.tar.gz
gpg --verify Persistent/signal-cli-0.12.7.tar.gz.asc Persistent/signal-cli-0.12.7.tar.gz
```
**WARNING: It seems to be badly signed, looks likewise https://github.com/AsamK/signal-cli/issues/934**
<!--**WARNING: It seems to be badly signed, looks likewise https://github.com/AsamK/signal-cli/issues/934**-->
8. Extract the archive:
......@@ -161,7 +161,7 @@ echo -e '#!/bin/sh\nexport JAVA_TOOL_OPTIONS="-Djava.net.preferIPv4Stack=true"\n
## General use of `signal-cli` on Tails
**(aka steps required every time you want to use `signal-cli`)**
1. Start your Tails unlocking your persistent storage
1. Start your Tails unlocking your persistent storage and setup an administration password, follow section _Set up an administration password_ at https://tails.boum.org/doc/first_steps/welcome_screen/administration_password/.
2. Choose Applications ▸ System Tools ▸ Terminal
<!--<details>
......@@ -182,7 +182,7 @@ and _Wait until additional software has been installed successfully_
<!--5. signal-cli-jre requires at least Java Runtime Environment (JRE) 17.-->
3. Start executing the signal-cli script we created in the previous section:
4. Start executing the signal-cli script we created in the previous section:
```plaintext
Persistent/signal-cli_tor.sh
......@@ -196,7 +196,7 @@ _Tip: If you want to acquire an anonymous phone number for registering signal, o
## Registration and registration lock pin
1. Follow steps 1 through 5 at section [General use of signal-cli on Tails](#General-use-of-signal-cli-on-Tails)
1. Follow steps 1 through 4 at section [General use of signal-cli on Tails](#General-use-of-signal-cli-on-Tails)
2. Follow the steps on https://github.com/AsamK/signal-cli/wiki/Registration-with-captcha
3. You should set a registration lock pin, to prevent others from registering this number:
......@@ -221,8 +221,9 @@ signal-cli -a $PHONE_NR verify --pin "yourPIN" 123456
```
## Provisioning Signal-Desktop & hardening
(aka coupling signal-cli with Signal Desktop)
1. Start your Tails unlocking your persistent storage
1. Start your Tails unlocking your persistent storage and setup an administration password, follow section _Set up an administration password_ at https://tails.boum.org/doc/first_steps/welcome_screen/administration_password/.
2. _Wait until additional software has been installed successfully_
3. Choose Applications ▸ System Tools ▸ Terminal
4. In order to read the qrcode, we need the package `zbar-tools`, execute
......@@ -232,26 +233,21 @@ sudo apt-get update && sudo apt-get install zbar-tools
```
4. Make the installation persistent (_Install every time_) following step 3. at https://tails.boum.org/doc/persistent_storage/additional_software/#index4h2
5. Run Signal Desktop:
```plaintext
Persistent/signal-desktop.sh
```
6. [Make a screenshot](https://tails.boum.org/doc/sensitive_documents/screenshot_and_screencast/index.en.html) capturing the Signal Desktop window showing the qr-code and safe the picture in `/home/amnesia/Pictures/qr.jpg`
5. Start Signal Desktop: Go to [Activities Overview](https://tails.boum.org/doc/first_steps/desktop/index.en.html#activities), type `Signal` and click the icon to start.
6. [Make a screenshot](https://tails.boum.org/doc/sensitive_documents/screenshot_and_screencast/index.en.html) capturing the Signal Desktop window showing the qr-code and safe the picture in `/home/amnesia/Pictures/qr.png`
7. Open a new Terminal tab (top left + icon) or window (top right burger menu)
8. Get the qr-code link executing
```plaintext
zbarimg /home/amnesia/Pictures/qr.jpg
zbarimg /home/amnesia/Pictures/qr.png
```
6. Copy the qr decoded link (`sgnl://…`) to the clipboard.
7. Follow steps 1 through 5 at section [General use of signal-cli on Tails](#General-use-of-signal-cli-on-Tails)
8. Add your Signal Desktop to signal-cli executing
7. Follow steps 1 through 4 at section [General use of signal-cli on Tails](#General-use-of-signal-cli-on-Tails)
8. Add your Signal Desktop to signal-cli with the qr code link from step 6 (`sgnl://…`), executing
```plaintext
signal-cli -a $PHONE_NR addDevice --uri "PasteTheQrCodeLinkHere"
signal-cli -a $PHONE_NR addDevice --uri "sgnl://…"
```
8. Signal-Desktop should ask you to name the device (internal designation)
......@@ -261,7 +257,7 @@ signal-cli -a $PHONE_NR addDevice --uri "PasteTheQrCodeLinkHere"
signal-cli -a $PHONE_NR listDevices
```
It should list your Signal Desktop with the name you set in step 13. among the master (signal-cli).
It should list your Signal Desktop with the name you set in step 8. among the master (signal-cli).
### Hardening
......@@ -278,7 +274,7 @@ Use Settings to enable/disable features such as link preview, incoming calls etc
*These configurations can also be set using `signal-cli` (useful if you prefer a TUI like [scli](https://github.com/isamert/scli/) over a GUI like Signal Desktop):
1. Follow steps 1 through 5 at section [General use of signal-cli on Tails](#General-use-of-signal-cli-on-Tails)
1. Follow steps 1 through 4 at section [General use of signal-cli on Tails](#General-use-of-signal-cli-on-Tails)
2. Execute:
```plaintext
......@@ -287,13 +283,10 @@ signal-cli -a $PHONE_NR updateConfiguration --read-receipts false --unidentified
## Every now and then: Receiving messages with signal-cli
Every now and then you should also receive events with your signal-cli, so in case something needs to be done via signal-cli, it doesn't take ages to sync last 300 days or so of events:
Every now and then you should also receive events with your signal-cli, so they are purged from the Signal servers:
1. Start your Tails unlocking your persistent storage
2. _Wait until additional software has been installed successfully_
3. Choose Applications ▸ System Tools ▸ Terminal
4. Follow steps 1 through 5 at section [General use of signal-cli on Tails](#General-use-of-signal-cli-on-Tails)
5. Receive events executing:
1. Follow steps 1 through 4 at section [General use of signal-cli on Tails](#General-use-of-signal-cli-on-Tails)
2. Receive events executing:
```plaintext
signal-cli -a $PHONE_NR receive
......
......