Simple Self-Hosted Encrypted Instant Messenger for family and friends
Hello, everyone.
With the ways EU Chat-Control is going, I thought I'd play a bit around with self-hosted encrypted IM solutions to eventually communicate with my family and some friends there. There's still Signal, Telegram (secret chat) and other solutions that are probably quite solid, but just wanna see what's out there.
I've already had a look at AwesomeSelfhosted, but smth like Mattermost seems overkill. Has anyone of you already tried self-hosting an IM (maybe xmpp)? What was your experience?
Thanked by (1)mreugeneua
Comments
Both prosody and ejabberd are nice, the issue is unfriendliness of available client applications for XMPP.
On the other hand, there is Matrix, but it is much heavier comparing to XMPP and personally, I dislike its' official JavaScript clients. Alternative ones are lacking some features or are worse from an UX point of view.
Check our KVM VPS (flags are clickable): 🇵🇱 🇸🇪 | Looking glass: 🇵🇱 🇸🇪
Thanks for the feedback. Yeah, I also thought some XMPP might be nice, but I agree client applications can be a bit unfriendly.
I also think Snikket looks interesting, but "too small/fresh" a project for me to consider it (yet): https://snikket.org/
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
Looks like XMPP but rebranded. Their client application for a smartphone is very similar to what Conversations looks like. From github, their server seems to be prosody wrapper.
Check our KVM VPS (flags are clickable): 🇵🇱 🇸🇪 | Looking glass: 🇵🇱 🇸🇪
Yeah, they said they're compatible with any xmpp client, too
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
Turns out, Snikket is a "sister project" from Prosody: https://prosody.im/download/
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
I use both XMPP and Matrix. The Matrix server is a lot heavier than an XMPP server, but the ecosystem is much wider with various clients for most platforms.
If your goal is to have your family and friends in the same system later on, Matrix allows for a gradual shift via their bridges with other (chat) systems.
I run XMPP as well as Matrix via Yunohost, which offers a friendly installer and configures resources as needed, complete with the necessary DNS records if you run a supported DNS provider.
For anyone saying Matrix -- Matrix on itself is fine (though heavy) but the client is what bugs me the most. IMHO there isn't any "good" client for Android except Element, which itself is f**ked to oblivion, insane load times, bugs everywhere, sometimes it works and sometimes it doesn't. I switched to Signal for that reason, but if I had to self host, I would probably host XMPP (and if I remember correctly, WhatsApp also used to use XMPP/Jabber at one time)
youtube.com/watch?v=k1BneeJTDcU
For Matrix as a server, you can also use conduit or conduwuit, which is much more lightweight then synapse.
Maybe https://delta.chat/es/chatmail
Yes, Telegram is by far the best one among the "cloud" messengers.
Exactly. I'm unaware of the non-monstrous modern self-hosted messengers.
Keep in mind that most of their clients also use Electron.
Another yes. Probably the only reasonable self-hosted option.
Server is Prosody (other ones are for setups with thousands of users), client is most likely Conversations (with OMEMO enabled).
☰ Probably the best Black Friday storage offers — AMD EPYC VDSes with NVMe slices (ref) from 250GB to 4TB and 500GB–10TB SAN disk. / Big HDD storage VPSes (ref) from $2.42/month per TB. / Storage dedis and hybrid VPS (SSD + HDD) are there as well.
Thanks for replying!
Will have a look at Prosody I know, this is probably a discussion that has already taken place many times, but why would you consider TG Secret Chat better than Signal? (I was always under the impression that Signal was better in that regard? Maybe you can explain?)
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
Telegram is better adopted and more popular in general. However from technical POV, Signal has more advanced crypto.
Check our KVM VPS (flags are clickable): 🇵🇱 🇸🇪 | Looking glass: 🇵🇱 🇸🇪
Ah, that was also how I remembered it. Signal the better crypto/privacy, but Telegram is waay more popular. About 40 of my contacts show up on Signal, but only 2-3 ppl actually use it or even bother replying. I know more of my friends who actually use TG, not only have it installed. But I never got it, because I thought it was a shame e2e encryption wasn't enabled by default.
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
We deploy full private 5G network and send text messages.
Accepting submissions for IPv6 less than /64 Hall of Incompetence.
IRC server (like UnrealIRCD) - a simple and old school way to chat, now with SSL.
Stop the planet! I want to get off!
I run unrealircd, Matrix, Dendrite (matrix server in Go) and OpenFire (xmpp). All work well, it's just a matter of the client you use for each service. Personally, my whole immediate family uses Matrix because the client, Element, is pretty slick. Matrix operates a lot like xmpp/irc with rooms and one-on-one chats, and it's stable. The server has been running for 5 years now, with a few server (hardware) moves in between and it didn't even blink. </2cents>
Does Matrix sync every client, similar to how Discord works when you access it from your phone/browser/computer? Looking for something similar to Discord for my wife and me to use that I can self-host and keep encrypted.
Yes, the history is available using all sessions simultaneously. The only issue possible is with syncing very old messages due to how their encryption keys exchange works.
Check our KVM VPS (flags are clickable): 🇵🇱 🇸🇪 | Looking glass: 🇵🇱 🇸🇪
Telegram is about convenience.
You need to just try it.
Amazing desktop client (native app!), structured chats (subgroups), channels, bots, which are easy to develop and which can be added to your chat(-s) as well, picture and file exchange, music, etc.
Also, if you say "family and friends", I would ditch all the secret chats and go with the regular "cloud" ones. Secret chats are tied to a single device, cloud chats are synced on all the devices you own.
Let me know if you'd like to try Telegram - I'll give a couple of suggestions regarding apps (yes, there are multiple, many of them are open-source).
Personally I don't trust Signal at all.
Their crypto algorithm / protocol is declared to be used in Whatsapp, Facebook Messenger, Google Allo (shut down), Viber, and Skype at least. That's close to 100% of messaging apps coverage in USA and "5-eyes" countries.
This can't be a coincidence. Either NSA can do something with the protocol or they're satisfied with the "cloud chat backups".
Signal is also being funded by some of the three letter agencies through one of the non-profit "open-freedom-democracy-equality" funds. Do not recall all the details right away, need to search to tell more.
P.S.
Just in case, it's not just Signal - I'm unsure which of the modern "super secure" messengers can be trusted.
☰ Probably the best Black Friday storage offers — AMD EPYC VDSes with NVMe slices (ref) from 250GB to 4TB and 500GB–10TB SAN disk. / Big HDD storage VPSes (ref) from $2.42/month per TB. / Storage dedis and hybrid VPS (SSD + HDD) are there as well.
What do you mean by "secret chats"? And "cloud chats"?
As mentioned above, server side Matrix is distributed, federated and can be self hosted. Your clients exchange keys so they can decrypt the shared "room" in which the chat finds place. Such a room can be a chat between two people each with only one client on a single device. Each client that connects, either from the same device, another device, or another account, can receive the shared history, provided the room is configured to allow the sharing of history.
Aside from being self-hostable, the whole system being open source counts as an important benefit to me.
What I could find 1-2-3 about Signal/TextSecure on Wikipedia:
The names of the algorithms look eerily familiar from SSH, TSL and OMEMO. If an algorithm doesn't look familiar, or worse, is "self invented proprietary", I'd worry...
Make your own cipher, pretend its the Cold War.
youtube.com/watch?v=k1BneeJTDcU
signal?! really?
I'd have to say that XMPP is without a doubt your best bet.
You can use OMEMO and frankly, no 3rd party messaging platform can be trusted. You have to host it yourself.
Jabber for the win!
Start self hosting with an external IP with IPv6rs.
The only thing between your host and your data is trust. Trust is not security.
I've actually given Snikket (based on Prosody xmpp+omemo) a go and was amazed at how easy it was to set up. Got it up and running in minutes and already tried it with friends
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
My question is, why do you even need a super secure encryption for family chats?
My family chats is usually around groceries things and family trip. Hehe.
https://microlxc.net/
The government does not need to know what I eat!!!
youtube.com/watch?v=k1BneeJTDcU
Can you imagine summoning the whole family to a self-hosted ssl IRC server, chatting on the #family channel, and using XDCC for files transfers? It would be absolutely fabulous.
IRC..the memories
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
I keep reading about this: https://github.com/balzack/databag
Have not had time to test myself yet
Stop the planet! I want to get off!