Encrypted Voice RELAY server installation

Installation

RPM Installation

• Download the RPM. The current original distribution site is https://atghost.sra.com/~garfield/evrelay/. Current versions include builds for four different target architectures, and using either IPV6 or IPV4. (Use IPV6 if your system supports it.)
• Install the RPM as root using:

  # rpm -Uvh evrelay-1.00-1<variant>

  Alternatively, a number of GUI tools exist to install RPMs.
• Proceed to configuration.

Source Installation

Download the source.

Unpack the source using command:

$ tar xvf evrelay-1.00.tar.gz

Change directory into the unpacked source:

$ cd evrelay-1.00

Configure the compilation using:

$ ./configure options

Available options may be listed using "--help". Most options are fairly standard, and are described in file INSTALL. The only non-standard option likely to be use is "--disable-ipv6", which select IPv4 instead of IPv6.

When the RPM is built, the configuration line is one of:

$ ./configure --prefix=/usr --mandir=/usr/share/man --sysconfdir=/etc --enable-ipv6
$ ./configure --prefix=/usr --mandir=/usr/share/man --sysconfdir=/etc --disable-ipv6

Build and install using:

$ make
$ make install

You may need to be root to run the last command.

Proceed to configuration.

Configuration

Configuration involves editing a number of text files. For RPM installs, these files are in /etc/evrelay/. In the default configuration without parameters, these files would be in /usr/local/etc/evrelay/.

Documentation for the text files is in man page evrelay(1). Most files are something.config, and use only the first line. The critical entries to change are:

port_number.config

This file contains the port number that the server will listen for packets on. It defaults to 5000, is and should probably be specified.

server_name.config

This file contains the name that the server will identify itself as. This information may be used by the client to verify that it is talking to the server it things it is talking to. It defaults to "<server>", and should be specified.

server_password.config

This file contains the password or shared secret that the server will verify its identity with. This information may be used by the client to verify that it is talking to the server it things it is talking to. It defaults to "<password>", and should be specified.

users_filename.config

Specifies the filename from which user entries are written. This defaults to "users.list".

standard_flags.config

Specifies the default flags for users. Should probably read "log" unless you want to not have the information to respond to a subpoena.

log_*.config

These configure where logs go. Again, these should be set unless you want to not have the information to respond to a subpoena.

users.list (or as referenced by users_filename.config)

This file is not processed like the configuration files, and as such it can be anywhere, can be reloaded on demand, and all lines are significant. If this file cannot be read at startup, the server aborts. If this file cannot be read after a reload request, no users will be able to log in. Reload requests are made by the application evrupdateusers(1).

The format of the files is a series of lines reading either "username:password:flags" or "username:password". Comments starting with "#" are also recognized. The username and password are specified as plaintext. These may be interpreted as any character set preferred, provided newline, return, space, number sign, and colon are the same as in ASCII. (i.e. ISO-8859-1, UTF-8, and VISCII are fine, while UTF-16 is not.) If the flags are not specified, the value from standard_flags.config is used instead. If the flags are specified but blank, they are used as specified. Flags have the same meaning as in standard_flags.config.

Note: Reloading the user file does not affect any user that has already established a session. As such, you can't retroactively ask that a user be logged or wiretapped.

Running the server

If the RPM build was used, or the "--sysconfdir=/etc" was specified on the configure line, then the file /etc/rc.d/init.d/evrelay should exist. If you are running a RedHat variant, this can be made a normal service and started by running the commands (as root):

# chkconfig evrelay on
# service evrelay start

Otherwise, the server may need to be run by hand or by your own scripts. To run, cd into the configuration directory and run the installed program 'evrelay'.