Start9/documentation
2
0
Fork 0
mirror of https://github.com/Start9Labs/documentation.git synced 2026-03-26 02:11:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Docs updates (#25)

Browse Source 
Restructure Tor and LAN setup, add to FAQ.

Co-authored-by: Matt Hill <matthewonthemoon@gmail.com>
This commit is contained in:
kn0wmad
2021-04-15 08:53:28 -06:00
committed by GitHub
parent 68f76796d6
commit e2f97bc1c3
17 changed files with 363 additions and 394 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
source/misc-guides/tor-firefox/desktop.rst Normal file
View File

@@ -0,0 +1,96 @@
.. _firefox-tor-desktop:
**************************************
Setting up Firefox with Tor on Desktop
**************************************
.. warning::
This guide assumes you have completed :ref:`setting up Tor<running-tor>`. Please visit this section first before you proceed as it is required for Firefox to properly work with Tor.
1. Open Firefox.
2. Enter ``about:config`` in the URL bar. Accept any warnings that may appear about accessing advanced settings.
3. Search for ``dom.securecontext.whitelist_onions`` and set the value to ``true``.
.. figure:: /_static/images/tor/firefox_whitelist.png
:width: 80%
:alt: Firefox whitelist onions screenshot
4. Download a `Proxy Auto Config` file to inform Firefox how to use the Tor daemon running on your computer. You can get Start9's standard file by following the OS-specific instructions below:
Windows:
Click `here <https://registry.start9labs.com/sys/proxy.pac>`_ to get the file and save the file somewhere you wont delete it. For this example:
.. code-block::
C:\Program Files\Tor Browser\proxy.pac
Mac:
Open the `Terminal` App on your Mac. You can find it in your list of Applications. In the terminal, enter:
.. code-block::
brew install wget
And then:
.. code-block::
wget -P /usr/local/etc/tor https://registry.start9labs.com/sys/proxy.pac
Linux:
From a terminal, enter:
.. code-block::
sudo wget -P /etc/tor https://registry.start9labs.com/sys/proxy.pac
5. Now open your Firefox web browser, and select options (Windows), or preferences (Mac/Linux):
.. figure:: /_static/images/tor/firefox_options_windows.png
:width: 80%
:alt: Firefox options screenshot
Select :menuselection:`Settings --> Options`
6. Search for the term “proxy” in the search bar in the upper right, then select the button that says `Settings…`:
.. figure:: /_static/images/tor/firefox_search.png
:width: 80%
:alt: Firefox search screenshot
7. This should open a menu that will allow you to configure your proxy settings. Select `Automatic proxy configuration URL` and paste in the path to your PAC file from earlier, prefixed with ``file://``. For example:
Windows:
.. code-block::
file://C:/Program Files/Tor Browser/proxy.pac
Mac:
.. code-block::
file:///usr/local/etc/tor/proxy.pac
Linux:
.. code-block::
file:///etc/tor/proxy.pac
8. Then, check the box labeled `Proxy DNS when using SOCKS v5`:
.. figure:: /_static/images/tor/firefox_proxy.png
:width: 80%
:alt: Firefox proxy settings screenshot
9. Click ``OK`` and then restart Firefox for the changes to take effect.
10. Youre all set! You should now be able to navigate to `.onion` URLs in Firefox. This means you can bookmark Cups Messenger, and use your Bitwarden Tor address in the `Bitwarden Firefox Plugin <https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/>`_.

8
source/misc-guides/tor-firefox/index.rst
View File

@@ -10,9 +10,7 @@ Configuring Firefox for Tor
Once you have completed the above guide, select your device's operating system below:
.. toctree::
:maxdepth: 1
:maxdepth: 2
MacOS <mac>
Windows <windows>
Linux <linux>
Android <android>
Desktop<desktop>
Mobile<mobile>

9
source/misc-guides/tor-firefox/ios.rst Normal file
View File

@@ -0,0 +1,9 @@
.. _firefox-tor-ios:
**********************************
Setting up Firefox with Tor on iOS
**********************************
Unfortunately, Apple does not allow tor to be run natively on iOS. This means that Firefox cannot be configured to use tor. This leaves the following options for iOS users:
You can use Start9 Labs' own Consulate Browser, which is available `here <https://apps.apple.com/us/app/start9-consulate-browser/id1528124570>`_, or you can select another Tor Browser by searching the `App Store <https://www.apple.com/us/search/onion-browser?src=serp>`_.

54
source/misc-guides/tor-firefox/linux.rst
View File

@@ -1,54 +0,0 @@
.. _firefox-tor-linux:
************************************
Setting up Firefox with Tor on Linux
************************************
.. warning::
This guide assumes you have completed :ref:`setting up Tor for Linux<tor-linux>`. Please visit this section first before you proceed as it is required for Firefox to properly work with Tor.
#. Open Firefox.
#. Enter ``about:config`` in the URL bar. Accept any warnings that may appear about accessing advanced settings.
#. Search for ``dom.securecontext.whitelist_onions`` and set the value to ``true``.
.. figure:: /_static/images/tor/firefox_whitelist.png
:width: 80%
:alt: Firefox whitelist onions screenshot
#. Create a `Proxy Auto Config` file (advanced) or use our standard one (recommended):
.. code-block::
sudo wget -P /etc/tor https://registry.start9labs.com/sys/proxy.pac
#. Now open your Firefox web browser, and select preferences.
.. figure:: /_static/images/tor/firefox_preferences.png
:width: 80%
:alt: Firefox preferences screenshot
Select :menuselection:`Settings --> Preferences`
#. Search for the term “proxy” in the search bar in the upper right, then select the button that says `Settings…`.
.. figure:: /_static/images/tor/firefox_search.png
:width: 80%
:alt: Firefox search screenshot
#. This should open a menu that will allow you to configure your proxy settings. Select `Automatic proxy configuration URL` and paste in:
.. code-block::
file:///etc/tor/proxy.pac
#. Check the box labeled `Proxy DNS when using SOCKS v5`.
.. figure:: /_static/images/tor/firefox_proxy.png
:width: 80%
:alt: Firefox proxy settings screenshot
#. Click ``OK`` and then restart Firefox for the changes to take effect.
You should now be able to navigate to `.onion` URLs in Firefox. This means you can bookmark Cups Messenger, and use your Bitwarden Tor address in the `Bitwarden Firefox Plugin <https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/>`_.

64
source/misc-guides/tor-firefox/mac.rst
View File

@@ -1,64 +0,0 @@
.. _firefox-tor-mac:
************************************
Setting up Firefox with Tor on MacOS
************************************
.. warning::
This guide assumes you have completed :ref:`setting up Tor for MacOS<tor-mac>`. Please visit this section first before you proceed as it is required for Firefox to properly work with Tor.
#. Open Firefox.
#. Enter ``about:config`` in the URL bar. Accept any warnings that may appear about accessing advanced settings.
#. Search for ``dom.securecontext.whitelist_onions`` and set the value to ``true``.
.. figure:: /_static/images/tor/firefox_whitelist.png
:width: 80%
:alt: Firefox whitelist onions screenshot
#. Next, download the `Proxy Auto Config` file. This file tells Firefox which URLs to use for Tor.
#. Open the `Terminal` App on your Mac. You can find it in your list of Applications.
#. Enter into the terminal:
.. code-block::
brew install wget
#. And then:
.. code-block::
wget -P /usr/local/etc/tor https://registry.start9labs.com/sys/proxy.pac
#. Open your Firefox web browser, and select preferences:
.. figure:: /_static/images/tor/firefox_preferences.png
:width: 80%
:alt: Firefox preferences screenshot
Select :menuselection:`Settings --> Preferences`
#. Search for the term “proxy” in the search bar in the upper right, then select the button that says `Settings…`:
.. figure:: /_static/images/tor/firefox_search.png
:width: 80%
:alt: Firefox search screenshot
#. This should open a menu that will allow you to configure your proxy settings. Select `Automatic proxy configuration URL` and paste in:
.. code-block::
file:///usr/local/etc/tor/proxy.pac
#. Then, check the box labeled `Proxy DNS when using SOCKS v5`:
.. figure:: /_static/images/tor/firefox_proxy.png
:width: 80%
:alt: Firefox proxy settings screenshot
#. Click ``OK`` and then restart Firefox for the changes to take effect.
#. Youre all set! You should now be able to navigate to `.onion` URLs in Firefox. This means you can bookmark Cups Messenger, and use your Bitwarden Tor address in the `Bitwarden Firefox Plugin <https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/>`_.

13
source/misc-guides/tor-firefox/mobile.rst Normal file
View File

@@ -0,0 +1,13 @@
.. _firefox-tor-mobile:
**************************************
Setting up Firefox with Tor on Mobile
**************************************
If you are on Android, you can continue after setting up Tor on your device. If you are on iOS, click below for your options.
.. toctree::
:maxdepth: 1
Android<android>
iOS<ios>

54
source/misc-guides/tor-firefox/windows.rst
View File

@@ -1,54 +0,0 @@
.. _firefox-tor-windows:
**************************************
Setting up Firefox with Tor on Windows
**************************************
.. warning::
This guide assumes you have completed :ref:`setting up Tor for Windows<tor-windows>`. Please visit this section first before you proceed as it is required for Firefox to properly work with Tor.
#. Open Firefox.
#. Enter ``about:config`` in the URL bar. Accept any warnings that may appear about accessing advanced settings.
#. Search for ``dom.securecontext.whitelist_onions`` and set the value to ``true``.
.. figure:: /_static/images/tor/firefox_whitelist.png
:width: 80%
:alt: Firefox whitelist onions screenshot
#. Download a `Proxy Auto Config` file that will use the Tor service to resolve .onion urls. We have one hosted `here <https://registry.start9labs.com/sys/proxy.pac>`_. Save it somewhere you wont delete it. For this example:
.. code-block::
C:\Program Files\Tor Browser\proxy.pac
#. Now open your Firefox web browser, and select options:
.. figure:: /_static/images/tor/firefox_options_windows.png
:width: 80%
:alt: Firefox options screenshot
Select :menuselection:`Settings --> Options`
#. Search for the term “proxy” in the search bar in the upper right, then select the button that says `Settings…`:
.. figure:: /_static/images/tor/firefox_search.png
:width: 80%
:alt: Firefox search screenshot
#. This should open a menu that will allow you to configure your proxy settings. Select `Automatic proxy configuration URL` and paste in the path to your PAC file from earlier, prefixed with ``file://``. For example:
.. code-block::
file://C:/Program Files/Tor Browser/proxy.pac
#. Check the box labeled `Proxy DNS when using SOCKS v5`:
.. figure:: /_static/images/tor/firefox_proxy.png
:width: 80%
:alt: Firefox proxy settings screenshot
#. Click ``OK`` and then restart Firefox for the changes to take effect.
#. Youre all set! You should now be able to navigate to `.onion` URLs in Firefox. This means you can bookmark Cups Messenger, and use your Bitwarden Tor address in the `Bitwarden Firefox Plugin <https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/>`_.

1
source/misc-guides/tor-os/index.rst
View File

@@ -15,3 +15,4 @@ Select your operating system to get started:
Windows<windows>
Linux<linux>
Android<android>
iOS<ios>

9
source/misc-guides/tor-os/ios.rst Normal file
View File

@@ -0,0 +1,9 @@
.. _tor-ios:
*********************
Setting up Tor on iOS
*********************
Unfortunately, Apple does not allow tor to be run natively on iOS. This leaves 2 options for iOS users:
You can use Start9 Labs' own Consulate Browser, which is available `here <https://apps.apple.com/us/app/start9-consulate-browser/id1528124570>`_, or you can select another Tor Browser by searching the `App Store <https://www.apple.com/us/search/onion-browser?src=serp>`_.

4
source/misc-guides/tor-os/windows.rst
View File

@@ -28,11 +28,11 @@ Running Tor on Windows
* In Windows 10, you can simply type ``cmd`` in the Windows search bar, right click on the first result, and select `Run as Administrator`.
#. Once it opens, you can run the following commands, inserting your destination folder in place of ``<PATH TO>``:
#. Once it opens, you can run the following commands, inserting your destination folder (from above) in place of ``<PATH TO>``:
.. code-block::
sc create tor start=auto binPath="<PATH TO>\Tor Browser\Browser\TorBrowser\Tor\tor.exe -nt-service"
sc create tor start=auto binPath="<PATH TO>\Browser\TorBrowser\Tor\tor.exe -nt-service"
sc start tor
#. When you run this, it should look something like this:

4
source/support/FAQ/setup-faq.rst
View File

@@ -28,6 +28,10 @@ This is most likely a transient networking issue that will correct itself in a f
3. Restart your router.
Do I need to take any additional security precautions with my device, for example with my router/modem?
-------------------------------------------------------------------------------------------------------
Nothing special is required, however, it is best practice to use good passwords, i.e. for your WiFi and your Embassy. Here's a `comic <https://xkcd.com/936/>`_ explaining how to make strong passwords, simply.
What if I have an unique network issue, for example, with a firewall?
---------------------------------------------------------------------
The Embassy is designed to work as simply as possible, for as many as possible, while providing the ability to self-host in a private manner. If you have an agressive or custom firewall, or other custom network settings, there is a good chance that addtional configuration may be necessary. We will continue to learn about custom networking issues, update our docs with resources, and help in the community :ref:`channels <contact>` to the best of our ability.

6
source/support/FAQ/usage-faq.rst
View File

@@ -52,6 +52,12 @@ Do I need to delete existing backups before doing a new backup? Or does a new ba
-------------------------------------------------------------------------------------------------------------
No, you dont need to delete the old backups. The technology we use updates the existing backup.
Can I clone my Embassy SD card for backup purposes?
---------------------------------------------------
Warning: **DO NOT do this if you are running LND or c-lightning**. If you clone the SD card, then go back to running LND or c-lightning, and you *ever* try to restore the SD card, there is a good chance you will lose *all your channel funds*. Also, if you try to use the SD card for a 2nd Embassy, that will also result in loss of funds. This has nothing to do with Start9 or the Embassy; it is inherent to the architecture of Lightning.
If you are not running LND or c-lightning, then *yes*, it is possible to do a deep clone of the SD card as a backup. But even here, there are some considerations: Start9 does not test/support this officially, which means it is untested. Also, it may take a while to do a deep clone of the card since the ones we ship are 128GB and there isn't a really effective way to clone the Embassy card that isn't a byte-for-byte copy. However, if you do a byte for byte copy (128GB), and run `PiShrink <https://github.com/Drewsif/PiShrink>`_ you could flash that image file onto a new card and restore all of your data.
Why would I even buy this when I can just build it for free??
-------------------------------------------------------------
(1) White glove support. Because each Embassy comes with a unique product key engraved on it, and we have a record of all product keys ever, we can ask the user to verify their product key in order to receive a higher tier of support, such as phone calls.

29
source/user-manual/general/lan-setup/browser.rst → source/user-manual/general/lan-setup/browser-setup.rst
View File

@@ -1,15 +1,26 @@
.. _browsers:
.. _browser-setup:
*******
Browser
*******
Browser Setup
=============
.. warning:: Make sure you have completed setup on your :ref:`device <ssl-setup>` before continuing!
.. warning:: Make sure you have completed your :ref:`computer setup <computer-setup>` before continuing!
Select the browser you would like to configure to import the certificate from your desktop:
.. .. toctree::
.. :hidden:
.. browser
- :ref:`Brave <brave>`
- :ref:`Chrome <chrome>`
- :ref:`Firefox <firefox>`
- :ref:`Safari <safari>`
.. _brave:
Brave
=====
-----
#. Navigate to your Brave Settings in a new tab.
@@ -38,7 +49,7 @@ Brave
.. _chrome:
Chrome
======
------
#. Once you have followed the steps to setup your device, open a new tab to apply the certificate. If this does not work, quit and restart Chrome.
@@ -49,7 +60,7 @@ Chrome
.. _firefox:
Firefox
========
-------
#. Navigate to your Firefox Settings in a new tab.
@@ -88,6 +99,6 @@ Firefox
.. _safari:
Safari
======
------
Once you have completed the steps to install a SSL certificate on your device, simply open a new tab to apply the changes. If this does not work, quit and restart Safari. You can now securely navigate to the LAN address for your Embassy!

187
source/user-manual/general/lan-setup/computer-setup.rst Normal file
View File

@@ -0,0 +1,187 @@
.. _computer-setup:
Computer Setup
==============
MacOS
-----
#. Visit your Embassy at its Tor Address.
#. Navigate to --> Embassy --> Connect Over LAN
.. figure:: /_static/images/embassy_lan_setup.png
:width: 90%
:alt: LAN setup menu item
Select the "Connect over LAN" menu item
#. Select the "Root Certificate Authority" sub menu. This will prompt a download to save the certificate file to your machine.
.. figure:: /_static/images/secure_lan_setup_page.png
:width: 90%
:alt: LAN setup page
Select the "Root Certificate Authority" sub menu
#. Select the option to open your key with Keychain Access. If you choose to save file, double click on it once downloaded.
.. figure:: /_static/images/secure_lan_setup_prompt.png
:width: 90%
:alt: LAN setup prompt
Open with "Keychain Access" and select "OK"
#. Enter your computer password when prompted. It will be imported into your computers keychain.
.. figure:: /_static/images/ssl/macos/certificate_untrusted.png
:width: 90%
:alt: Keychain access import menu
Keychain access import menu
#. If the keychain console did not open, press "Command + spacebar" and type “Keychain Access”, and hit enter to open it.
#. Navigate to the "System" tab and find the certificate entitled “Embassy Local Root CA”.
#. Double click on this certificate. A second window will pop up.
#. Open the “Trust” dropdown and select “Always Trust” from the dropdown next to “when using this certificate”.
.. figure:: /_static/images/ssl/macos/always_trust.png
:width: 90%
:alt: Keychain submenu
Select "Always trust" under SSL dropdown for Embassy Local CA
#. Close this window and enter your password to apply the settings.
#. The “Embassy Local Root CA” cert will now read “This certificate is marked as trusted for all users” in Keychain Access.
.. figure:: /_static/images/ssl/macos/certificate_trusted.png
:width: 90%
:alt: Keychain menu trusted certificate
Trusted Embassy Local CA certificate
#. Open your favorite browser to import this certificate and follow the steps for :ref:`browser setup <browser-setup>`.
Windows
-------
#. Install `Bonjour Print Services <https://support.apple.com/kb/DL999>`_ on your Windows machine. This is necessary in order to visit .local addresses on Windows.
#. If you are having issues running Bonjour after installing, you might have had Bonjour previously installed. To fix:
#. Check out this video: https://www.youtube.com/watch?v=9ECCB3bqNDQ
#. Uninstall Bonjour completely via ``system settings -> remove programs``
#. Reinstall Bonjour Printer Driver package (download at https://support.apple.com/kb/DL999?locale=en_US)
#. Restart Windows
#. Note: Uninstalling Bonjour via the setup package seems to be not enough to solve the issue. Bonjour must be uninstalled via windows system settings.
#. Visit your Embassy at its Tor Address.
#. Navigate to --> Embassy --> Connect Over LAN
.. figure:: /_static/images/embassy_lan_setup.png
:width: 90%
:alt: LAN setup menu item
Select the "Connect over LAN" menu item
#. Select the "Root Certificate Authority" sub menu. This will prompt a download to save the certificate file to your machine.
.. figure:: /_static/images/secure_lan_setup_page.png
:width: 90%
:alt: LAN setup page
Select the "Root Certificate Authority" sub menu download icon
#. Select the option to save the *Embassy Local CA.crt* file.
.. figure:: /_static/images/ssl/windows/windows_download_cert.png
:width: 90%
:alt: LAN setup prompt
"Save file" when Opening Embassy Local CA.crt
#. On your computer, right-click the “Start” menu and select “Run”.
#. Type in “mmc” and click “OK”. When prompted on the “User Account Control” window, select “Yes” to allow this program to run.
.. figure:: /_static/images/ssl/windows/1_windows_mmc.png
:width: 90%
:alt: Windows MMC
Access the Windows Management Console
#. When the Management Console opens, navigate to *File > Add/Remove Snap-in*.
.. figure:: /_static/images/ssl/windows/2_windows_console_root.png
:width: 90%
:alt: Windows Console Root
Add Snap-in from Console Root
#. Select “Certificates” in the left side menu, then “Add”. This will open another window.
.. figure:: /_static/images/ssl/windows/3_windows_add_certificates.png
:width: 90%
:alt: Add Certificates
Add Certificates to selected snap-ins
#. Select “Computer account” and click “Next. Leave defaulted options on the next screen and click “Finish”.
#. When you return to the “Add or Remove Snap-ins” page, ensure “Certificates (Local Computer)” exists under “Console Root” in the “Selected snap-ins” section, then click “OK”.
.. figure:: /_static/images/ssl/windows/4_windows_selected_snapin.png
:width: 90%
:alt: Snap-in Selected
Certificates (Local Computer) is selected as snap-in
#. In the left hand menu of the Management Console, navigate to Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates.
.. figure:: /_static/images/ssl/windows/5_windows_trusted_certificate_menu.png
:width: 90%
:alt: Certificates in Management Console
Access Certificates in Management Console
#. Right click on “Certificates”, then navigate to *All Tasks > Import*.
.. figure:: /_static/images/ssl/windows/6_windows_import_cert.png
:width: 90%
:alt: Import certificate
Select "Import" from Certificates sub-menu
#. Click “Next” on the first page of the Certificate Import Wizard, then browse to the location where you saved the downloaded certificate and click “Open”.
.. figure:: /_static/images/ssl/windows/7_windows_import_cert_wizard.png
:width: 90%
:alt: Import cert wizard
Add downloaded certificate int he Certificate Import Wizard
#. On the “Certificate Store” window, ensure that it says “Trusted Root Certificate Authorities” and click “Next”.
#. Select “OK” when the import is successful.
#. Verify the Embassy Local Root CA certificate is in the “Certificates” folder.
.. figure:: /_static/images/ssl/windows/8_windows_successful_cert_install.png
:width: 90%
:alt: Successful cert install
Embassy Local Root CA imported into Certificate folder
#. You can save the settings to the console if desired or cancel.
#. Open your favorite browser to import this certificate and follow the steps for :ref:`browser setup <browser-setup>`.
Linux
-----
Nothing specific needs to be configured for this environment. Open your favorite browser to import this certificate and follow the steps for :ref:`browser setup <browser-setup>`.

205
source/user-manual/general/lan-setup/desktop.rst
View File

@@ -1,204 +1,11 @@
********
*******
Desktop
********
*******
Operating Systems
=================
MacOS
-----
#. Visit your Embassy at its Tor Address.
#. Navigate to --> Embassy --> Connect Over LAN
.. figure:: /_static/images/embassy_lan_setup.png
:width: 90%
:alt: LAN setup menu item
Select the "Connect over LAN" menu item
#. Select the "Root Certificate Authority" sub menu. This will prompt a download to save the certificate file to your machine.
.. figure:: /_static/images/secure_lan_setup_page.png
:width: 90%
:alt: LAN setup page
Select the "Root Certificate Authority" sub menu
#. Select the option to open your key with Keychain Access. If you choose to save file, double click on it once downloaded.
.. figure:: /_static/images/secure_lan_setup_prompt.png
:width: 90%
:alt: LAN setup prompt
Open with "Keychain Access" and select "OK"
#. Enter your computer password when prompted. It will be imported into your computers keychain.
.. figure:: /_static/images/ssl/macos/certificate_untrusted.png
:width: 90%
:alt: Keychain access import menu
Keychain access import menu
#. If the keychain console did not open, press "Command + spacebar" and type “Keychain Access”, and hit enter to open it.
#. Navigate to the "System" tab and find the certificate entitled “Embassy Local Root CA”.
#. Double click on this certificate. A second window will pop up.
#. Open the “Trust” dropdown and select “Always Trust” from the dropdown next to “when using this certificate”.
.. figure:: /_static/images/ssl/macos/always_trust.png
:width: 90%
:alt: Keychain submenu
Select "Always trust" under SSL dropdown for Embassy Local CA
#. Close this window and enter your password to apply the settings.
#. The “Embassy Local Root CA” cert will now read “This certificate is marked as trusted for all users” in Keychain Access.
.. figure:: /_static/images/ssl/macos/certificate_trusted.png
:width: 90%
:alt: Keychain menu trusted certificate
Trusted Embassy Local CA certificate
#. Open to your favorite browser to import this certificate and follow the steps for :ref:`supported browsers <browsers>`.
Windows
-------
#. Install `Bonjour Print Services <https://support.apple.com/kb/DL999>`_ on your Windows machine. This is necessary in order to visit .local addresses on Windows.
#. If you are having issues running Bonjour after installing, you might have had Bonjour previously installed. To fix:
#. Check out this video: https://www.youtube.com/watch?v=9ECCB3bqNDQ
#. UNinstall Bonjour completely via ``system settings -> remove programs``
#. Reinstall Bonjour Printer Driver package (download at https://support.apple.com/kb/DL999?locale=en_US)
#. Restart Windows
#. Note: Uninstalling Bonjour via the setup package seems to be not enough to solve the issue. Bonjour must be uninstalled via windows system settings.
#. Visit your Embassy at its Tor Address.
#. Navigate to --> Embassy --> Connect Over LAN
.. figure:: /_static/images/embassy_lan_setup.png
:width: 90%
:alt: LAN setup menu item
Select the "Connect over LAN" menu item
#. Select the "Root Certificate Authority" sub menu. This will prompt a download to save the certificate file to your machine.
.. figure:: /_static/images/secure_lan_setup_page.png
:width: 90%
:alt: LAN setup page
Select the "Root Certificate Authority" sub menu download icon
#. Select the option to save the *Embassy Local CA.crt* file.
.. figure:: /_static/images/ssl/windows/windows_download_cert.png
:width: 90%
:alt: LAN setup prompt
"Save file" when Opening Embassy Local CA.crt
#. On your computer, right-click the “Start” menu and select “Run”.
#. Type in “mmc” and click “OK”. When prompted on the “User Account Control” window, select “Yes” to allow this program to run.
.. figure:: /_static/images/ssl/windows/1_windows_mmc.png
:width: 90%
:alt: Windows MMC
Access the Windows Management Console
#. When the Management Console opens, navigate to *File > Add/Remove Snap-in*.
.. figure:: /_static/images/ssl/windows/2_windows_console_root.png
:width: 90%
:alt: Windows Console Root
Add Snap-in from Console Root
#. Select “Certificates” in the left side menu, then “Add”. This will open another window.
.. figure:: /_static/images/ssl/windows/3_windows_add_certificates.png
:width: 90%
:alt: Add Certificates
Add Certificates to selected snap-ins
#. Select “Computer account” and click “Next. Leave defaulted options on the next screen and click “Finish”.
#. When you return to the “Add or Remove Snap-ins” page, ensure “Certificates (Local Computer)” exists under “Console Root” in the “Selected snap-ins” section, then click “OK”.
.. figure:: /_static/images/ssl/windows/4_windows_selected_snapin.png
:width: 90%
:alt: Snap-in Selected
Certificates (Local Computer) is selected as snap-in
#. In the left hand menu of the Management Console, navigate to Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates.
.. figure:: /_static/images/ssl/windows/5_windows_trusted_certificate_menu.png
:width: 90%
:alt: Certificates in Management Console
Access Certificates in Management Console
#. Right click on “Certificates”, then navigate to *All Tasks > Import*.
.. figure:: /_static/images/ssl/windows/6_windows_import_cert.png
:width: 90%
:alt: Import certificate
Select "Import" from Certificates sub-menu
#. Click “Next” on the first page of the Certificate Import Wizard, then browse to the location where you saved the downloaded certificate and click “Open”.
.. figure:: /_static/images/ssl/windows/7_windows_import_cert_wizard.png
:width: 90%
:alt: Import cert wizard
Add downloaded certificate int he Certificate Import Wizard
#. On the “Certificate Store” window, ensure that it says “Trusted Root Certificate Authorities” and click “Next”.
#. Select “OK” when the import is successful.
#. Verify the Embassy Local Root CA certificate is in the “Certificates” folder.
.. figure:: /_static/images/ssl/windows/8_windows_successful_cert_install.png
:width: 90%
:alt: Successful cert install
Embassy Local Root CA imported into Certificate folder
#. You can save the settings to the console if desired or cancel.
#. Open to your favorite browser to import this certificate and follow the steps for :ref:`supported browsers <browsers>`.
Linux
-----
Nothing specific needs to be configured for this environment. Follow the guides below to import the certificate into your desired browser.
Browsers
========
Select the browser you would like to configure to import the certificate from your desktop:
Enabling LAN connectivity for desktop involves configuring both your computer and your browser.
.. toctree::
:hidden:
:maxdepth: 1
browser
- :ref:`Brave <brave>`
- :ref:`Chrome <chrome>`
- :ref:`Firefox <firefox>`
- :ref:`Safari <safari>`
Computer Setup<computer-setup>
Browser Setup<browser-setup>

4
source/user-manual/general/lan-setup/index.rst
View File

@@ -11,5 +11,5 @@ The guides below will walk you through the steps to install and trust your Embas
.. toctree::
:maxdepth: 2
desktop
mobile
Desktop<desktop>
Mobile<mobile>