[jitsi-users] Hardening Jitsie


#1

Hello,

1. How can I configure jitsi to use one (and just one; exclusive) root
certificate and ignore all other system-wide root certs without having to
recompile the source? (and cross platform of course)

2. How can I configure jitsi to fail connecting to the jabber server if the
SSL trust can not be established? Currently in a man-in-the-middle attack
scenario jitsi shows a pop-up that the cert does not match and allows the
user to manually accept the certificate (doh!).

thanks & regards,

skyper


#2

Folks -

Two friends agreed to begin communicating via Jitsi with me, and we are.
They each downloaded the 2.2 stable version--in one case for Windows in
the other, for MAC. They were in two different settings. In each case
they followed the instructions:
https://jitsi.org/Documentation/SetUpJitsiAccount. They proceded to
attempt to open a jit.si account by selecting XMPP and defining a
username xxxx@jit.si They got various error messages indicating
something to the effect of invalid server and and password not valid.
They gave up. What could have been done wrong?

I have been using my jit.si account on two different computers with
Ubuntu 13.04, in two different settings, but I don't have them on at the
same time. In each case I use the most recent nightly build. On the one
computer, the jit.si account appears online. On the other one it is
invariably offline. Try what may, I cannot get it to come online. I
have tried deleting it and adding it. I get similar invalid password
messages as above.

Since setting up an account is the most basic thing, I am guessing there
is something simple we are ignoring. What could it be?

Thank you for your help.

Paul


#3

They proceded to
attempt to open a jit.si account by selecting XMPP and defining a
username xxxx@jit.si They got various error messages indicating
something to the effect of invalid server and and password not valid.
They gave up. What could have been done wrong?

What was the exact wording of the error message? Did the error message
appear when signing up for an account via the webpage, or when they were
adding the existing account to Jitsi?

A common error (one that I made the first time) is to type
xxxx@jitsi.org instead of xxxx@jit.si when adding the username into Jitsi.

I have been using my jit.si account on two different computers with
Ubuntu 13.04, in two different settings, but I don't have them on at the
same time. In each case I use the most recent nightly build. On the one
computer, the jit.si account appears online. On the other one it is
invariably offline. Try what may, I cannot get it to come online. I
have tried deleting it and adding it. I get similar invalid password
messages as above.

I would double check the username and password. Also does your second
computer have different firewall settings from your first computer?

David

···

On 9/21/2013 8:01 PM, Carola y Pablo wrote:


#4

Thank you for replying. I don't have the exact wording of the error
messages. I can get at least one of them to try again and I will report
the text exactly. As to when they got the errors, it was after
downloading jitsi and attempting to set up an initial account.

As for the error that I am getting on the second computer, both are
using Ubuntu 13.04 and I am not aware of firewall setting differences on
the computers. (HOw would I know?) It is in an office setting in which
access is wireless through a router only, as far as I know. But I will
seek to find out. Also, I will take note of the exact wording of the
error message.

Paul

···

El dom, 22-09-2013 a las 01:44 -0500, David Bolton escribió:

On 9/21/2013 8:01 PM, Carola y Pablo wrote:
> They proceded to
> attempt to open a jit.si account by selecting XMPP and defining a
> username xxxx@jit.si They got various error messages indicating
> something to the effect of invalid server and and password not valid.
> They gave up. What could have been done wrong?
What was the exact wording of the error message? Did the error message
appear when signing up for an account via the webpage, or when they were
adding the existing account to Jitsi?

A common error (one that I made the first time) is to type
xxxx@jitsi.org instead of xxxx@jit.si when adding the username into Jitsi.

> I have been using my jit.si account on two different computers with
> Ubuntu 13.04, in two different settings, but I don't have them on at the
> same time. In each case I use the most recent nightly build. On the one
> computer, the jit.si account appears online. On the other one it is
> invariably offline. Try what may, I cannot get it to come online. I
> have tried deleting it and adding it. I get similar invalid password
> messages as above.

I would double check the username and password. Also does your second
computer have different firewall settings from your first computer?

David

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#5

About opening a Jit.si account, my partner was using an all-numeric
password and got numerous error messages (invalid password; could not
confirm, etc.). Then he changed to alphanumeric and it worked. I don't
recall that the instructions say that the password must be alphanumeric,
but apparently it does.

Then we tried making audio and video calls to each other. Initially
when he answered my call, Jitsi would crash. After several tries it
stopped crashing and connected, but I could neither hear nor see him,
and he could only see a fixed image of me. I am attaching his log and
my log--His is labeled Partner, mine is labeled, ME. I hope you can
help us unravel this, for our sake as well as for helping me identify
what we have done wrong so that with other parties we will have
immediate success.

Thank you.

Paul

···

El dom, 22-09-2013 a las 21:10 -0500, Carola y Pablo escribió:

Thank you for replying. I don't have the exact wording of the error
messages. I can get at least one of them to try again and I will report
the text exactly. As to when they got the errors, it was after
downloading jitsi and attempting to set up an initial account.

As for the error that I am getting on the second computer, both are
using Ubuntu 13.04 and I am not aware of firewall setting differences on
the computers. (HOw would I know?) It is in an office setting in which
access is wireless through a router only, as far as I know. But I will
seek to find out. Also, I will take note of the exact wording of the
error message.

Paul

El dom, 22-09-2013 a las 01:44 -0500, David Bolton escribió:
> On 9/21/2013 8:01 PM, Carola y Pablo wrote:
> > They proceded to
> > attempt to open a jit.si account by selecting XMPP and defining a
> > username xxxx@jit.si They got various error messages indicating
> > something to the effect of invalid server and and password not valid.
> > They gave up. What could have been done wrong?
> What was the exact wording of the error message? Did the error message
> appear when signing up for an account via the webpage, or when they were
> adding the existing account to Jitsi?
>
> A common error (one that I made the first time) is to type
> xxxx@jitsi.org instead of xxxx@jit.si when adding the username into Jitsi.
>
> > I have been using my jit.si account on two different computers with
> > Ubuntu 13.04, in two different settings, but I don't have them on at the
> > same time. In each case I use the most recent nightly build. On the one
> > computer, the jit.si account appears online. On the other one it is
> > invariably offline. Try what may, I cannot get it to come online. I
> > have tried deleting it and adding it. I get similar invalid password
> > messages as above.
>
> I would double check the username and password. Also does your second
> computer have different firewall settings from your first computer?
>
> David
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#6

I am sending this letter in two parts, because I want to send two logs,
one for each of the two parties involved. IN each letter I send one
log.

My partner used http://jit.si and set up the account The text, phone
and video options were activated. Sending text messages between us
works fine. When we try either audio or video call, the delay to
connect is about 3 minutes, and when it does connect, there is neither
audio nor video. He sees an initial image of me and then it freezes and
his account goes off line. I get nothing from him on my screen,
although my own image does appear on my screenI write here, because my
problem seems similar. I posed it earlier in
my question in [Trouble setting up Jit.si account].

My partner used http://jit.si and set up the account The text, phone
and video options were activated. Sending text messages between us
works fine. When we try either audio or video call, the delay to
connect is about 3 minutes, and when it does connect, there is neither
audio nor video. He sees an initial image of me and then it freezes and
his account goes off line. I get nothing from him on my screen,
although my own image does appear on my screen. I am attaching our
logs. I look forward to your help.

Thank you

Paul

···

El mié, 25-09-2013 a las 21:47 -0500, Carola y Pablo escribió:

About opening a Jit.si account, my partner was using an all-numeric
password and got numerous error messages (invalid password; could not
confirm, etc.). Then he changed to alphanumeric and it worked. I don't
recall that the instructions say that the password must be alphanumeric,
but apparently it does.

Then we tried making audio and video calls to each other. Initially
when he answered my call, Jitsi would crash. After several tries it
stopped crashing and connected, but I could neither hear nor see him,
and he could only see a fixed image of me. I am attaching his log and
my log--His is labeled Partner, mine is labeled, ME. I hope you can
help us unravel this, for our sake as well as for helping me identify
what we have done wrong so that with other parties we will have
immediate success.

Thank you.

Paul

El dom, 22-09-2013 a las 21:10 -0500, Carola y Pablo escribió:
> Thank you for replying. I don't have the exact wording of the error
> messages. I can get at least one of them to try again and I will report
> the text exactly. As to when they got the errors, it was after
> downloading jitsi and attempting to set up an initial account.
>
> As for the error that I am getting on the second computer, both are
> using Ubuntu 13.04 and I am not aware of firewall setting differences on
> the computers. (HOw would I know?) It is in an office setting in which
> access is wireless through a router only, as far as I know. But I will
> seek to find out. Also, I will take note of the exact wording of the
> error message.
>
> Paul
>
> El dom, 22-09-2013 a las 01:44 -0500, David Bolton escribió:
> > On 9/21/2013 8:01 PM, Carola y Pablo wrote:
> > > They proceded to
> > > attempt to open a jit.si account by selecting XMPP and defining a
> > > username xxxx@jit.si They got various error messages indicating
> > > something to the effect of invalid server and and password not valid.
> > > They gave up. What could have been done wrong?
> > What was the exact wording of the error message? Did the error message
> > appear when signing up for an account via the webpage, or when they were
> > adding the existing account to Jitsi?
> >
> > A common error (one that I made the first time) is to type
> > xxxx@jitsi.org instead of xxxx@jit.si when adding the username into Jitsi.
> >
> > > I have been using my jit.si account on two different computers with
> > > Ubuntu 13.04, in two different settings, but I don't have them on at the
> > > same time. In each case I use the most recent nightly build. On the one
> > > computer, the jit.si account appears online. On the other one it is
> > > invariably offline. Try what may, I cannot get it to come online. I
> > > have tried deleting it and adding it. I get similar invalid password
> > > messages as above.
> >
> > I would double check the username and password. Also does your second
> > computer have different firewall settings from your first computer?
> >
> > David
> >
> >
> > _______________________________________________
> > users mailing list
> > users@jitsi.org
> > Unsubscribe instructions and other list options:
> > http://lists.jitsi.org/mailman/listinfo/users
>
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#7

Here goes log 1

ME-2013-09-28@21.57.20-logs.zip (386 KB)

···

El mié, 02-10-2013 a las 05:11 -0500, Carola y Pablo escribió:

I am sending this letter in two parts, because I want to send two logs,
one for each of the two parties involved. IN each letter I send one
log.

My partner used http://jit.si and set up the account The text, phone
and video options were activated. Sending text messages between us
works fine. When we try either audio or video call, the delay to
connect is about 3 minutes, and when it does connect, there is neither
audio nor video. He sees an initial image of me and then it freezes and
his account goes off line. I get nothing from him on my screen,
although my own image does appear on my screenI write here, because my
problem seems similar. I posed it earlier in
my question in [Trouble setting up Jit.si account].

My partner used http://jit.si and set up the account The text, phone
and video options were activated. Sending text messages between us
works fine. When we try either audio or video call, the delay to
connect is about 3 minutes, and when it does connect, there is neither
audio nor video. He sees an initial image of me and then it freezes and
his account goes off line. I get nothing from him on my screen,
although my own image does appear on my screen. I am attaching our
logs. I look forward to your help.

Thank you

Paul

El mié, 25-09-2013 a las 21:47 -0500, Carola y Pablo escribió:
> About opening a Jit.si account, my partner was using an all-numeric
> password and got numerous error messages (invalid password; could not
> confirm, etc.). Then he changed to alphanumeric and it worked. I don't
> recall that the instructions say that the password must be alphanumeric,
> but apparently it does.
>
> Then we tried making audio and video calls to each other. Initially
> when he answered my call, Jitsi would crash. After several tries it
> stopped crashing and connected, but I could neither hear nor see him,
> and he could only see a fixed image of me. I am attaching his log and
> my log--His is labeled Partner, mine is labeled, ME. I hope you can
> help us unravel this, for our sake as well as for helping me identify
> what we have done wrong so that with other parties we will have
> immediate success.
>
> Thank you.
>
> Paul
>
> El dom, 22-09-2013 a las 21:10 -0500, Carola y Pablo escribió:
> > Thank you for replying. I don't have the exact wording of the error
> > messages. I can get at least one of them to try again and I will report
> > the text exactly. As to when they got the errors, it was after
> > downloading jitsi and attempting to set up an initial account.
> >
> > As for the error that I am getting on the second computer, both are
> > using Ubuntu 13.04 and I am not aware of firewall setting differences on
> > the computers. (HOw would I know?) It is in an office setting in which
> > access is wireless through a router only, as far as I know. But I will
> > seek to find out. Also, I will take note of the exact wording of the
> > error message.
> >
> > Paul
> >
> > El dom, 22-09-2013 a las 01:44 -0500, David Bolton escribió:
> > > On 9/21/2013 8:01 PM, Carola y Pablo wrote:
> > > > They proceded to
> > > > attempt to open a jit.si account by selecting XMPP and defining a
> > > > username xxxx@jit.si They got various error messages indicating
> > > > something to the effect of invalid server and and password not valid.
> > > > They gave up. What could have been done wrong?
> > > What was the exact wording of the error message? Did the error message
> > > appear when signing up for an account via the webpage, or when they were
> > > adding the existing account to Jitsi?
> > >
> > > A common error (one that I made the first time) is to type
> > > xxxx@jitsi.org instead of xxxx@jit.si when adding the username into Jitsi.
> > >
> > > > I have been using my jit.si account on two different computers with
> > > > Ubuntu 13.04, in two different settings, but I don't have them on at the
> > > > same time. In each case I use the most recent nightly build. On the one
> > > > computer, the jit.si account appears online. On the other one it is
> > > > invariably offline. Try what may, I cannot get it to come online. I
> > > > have tried deleting it and adding it. I get similar invalid password
> > > > messages as above.
> > >
> > > I would double check the username and password. Also does your second
> > > computer have different firewall settings from your first computer?
> > >
> > > David
> > >
> > >
> > > _______________________________________________
> > > users mailing list
> > > users@jitsi.org
> > > Unsubscribe instructions and other list options:
> > > http://lists.jitsi.org/mailman/listinfo/users
> >
> >
> >
> > _______________________________________________
> > users mailing list
> > users@jitsi.org
> > Unsubscribe instructions and other list options:
> > http://lists.jitsi.org/mailman/listinfo/users
>
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#8

Here goes log 2 of my difficulty in setting up and using the audio and
video options with Jit.si.

Thank you for your help
Paul

Partner 2013-09-28@21.52.34-logs.zip (225 KB)

···

El mié, 02-10-2013 a las 05:18 -0500, Carola y Pablo escribió:

Here goes log 1

El mié, 02-10-2013 a las 05:11 -0500, Carola y Pablo escribió:
> I am sending this letter in two parts, because I want to send two logs,
> one for each of the two parties involved. IN each letter I send one
> log.
>
> My partner used http://jit.si and set up the account The text, phone
> and video options were activated. Sending text messages between us
> works fine. When we try either audio or video call, the delay to
> connect is about 3 minutes, and when it does connect, there is neither
> audio nor video. He sees an initial image of me and then it freezes and
> his account goes off line. I get nothing from him on my screen,
> although my own image does appear on my screenI write here, because my
> problem seems similar. I posed it earlier in
> my question in [Trouble setting up Jit.si account].
>
> My partner used http://jit.si and set up the account The text, phone
> and video options were activated. Sending text messages between us
> works fine. When we try either audio or video call, the delay to
> connect is about 3 minutes, and when it does connect, there is neither
> audio nor video. He sees an initial image of me and then it freezes and
> his account goes off line. I get nothing from him on my screen,
> although my own image does appear on my screen. I am attaching our
> logs. I look forward to your help.
>
> Thank you
>
> Paul
>
>
>
> El mié, 25-09-2013 a las 21:47 -0500, Carola y Pablo escribió:
> > About opening a Jit.si account, my partner was using an all-numeric
> > password and got numerous error messages (invalid password; could not
> > confirm, etc.). Then he changed to alphanumeric and it worked. I don't
> > recall that the instructions say that the password must be alphanumeric,
> > but apparently it does.
> >
> > Then we tried making audio and video calls to each other. Initially
> > when he answered my call, Jitsi would crash. After several tries it
> > stopped crashing and connected, but I could neither hear nor see him,
> > and he could only see a fixed image of me. I am attaching his log and
> > my log--His is labeled Partner, mine is labeled, ME. I hope you can
> > help us unravel this, for our sake as well as for helping me identify
> > what we have done wrong so that with other parties we will have
> > immediate success.
> >
> > Thank you.
> >
> > Paul
> >
> > El dom, 22-09-2013 a las 21:10 -0500, Carola y Pablo escribió:
> > > Thank you for replying. I don't have the exact wording of the error
> > > messages. I can get at least one of them to try again and I will report
> > > the text exactly. As to when they got the errors, it was after
> > > downloading jitsi and attempting to set up an initial account.
> > >
> > > As for the error that I am getting on the second computer, both are
> > > using Ubuntu 13.04 and I am not aware of firewall setting differences on
> > > the computers. (HOw would I know?) It is in an office setting in which
> > > access is wireless through a router only, as far as I know. But I will
> > > seek to find out. Also, I will take note of the exact wording of the
> > > error message.
> > >
> > > Paul
> > >
> > > El dom, 22-09-2013 a las 01:44 -0500, David Bolton escribió:
> > > > On 9/21/2013 8:01 PM, Carola y Pablo wrote:
> > > > > They proceded to
> > > > > attempt to open a jit.si account by selecting XMPP and defining a
> > > > > username xxxx@jit.si They got various error messages indicating
> > > > > something to the effect of invalid server and and password not valid.
> > > > > They gave up. What could have been done wrong?
> > > > What was the exact wording of the error message? Did the error message
> > > > appear when signing up for an account via the webpage, or when they were
> > > > adding the existing account to Jitsi?
> > > >
> > > > A common error (one that I made the first time) is to type
> > > > xxxx@jitsi.org instead of xxxx@jit.si when adding the username into Jitsi.
> > > >
> > > > > I have been using my jit.si account on two different computers with
> > > > > Ubuntu 13.04, in two different settings, but I don't have them on at the
> > > > > same time. In each case I use the most recent nightly build. On the one
> > > > > computer, the jit.si account appears online. On the other one it is
> > > > > invariably offline. Try what may, I cannot get it to come online. I
> > > > > have tried deleting it and adding it. I get similar invalid password
> > > > > messages as above.
> > > >
> > > > I would double check the username and password. Also does your second
> > > > computer have different firewall settings from your first computer?
> > > >
> > > > David
> > > >
> > > >
> > > > _______________________________________________
> > > > users mailing list
> > > > users@jitsi.org
> > > > Unsubscribe instructions and other list options:
> > > > http://lists.jitsi.org/mailman/listinfo/users
> > >
> > >
> > >
> > > _______________________________________________
> > > users mailing list
> > > users@jitsi.org
> > > Unsubscribe instructions and other list options:
> > > http://lists.jitsi.org/mailman/listinfo/users
> >
> >
> >
> > _______________________________________________
> > users mailing list
> > users@jitsi.org
> > Unsubscribe instructions and other list options:
> > http://lists.jitsi.org/mailman/listinfo/users
>
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users