Simple Self-Hosted Encrypted Instant Messenger for family and friends

YmpkerYmpker OGContent Writer

Hello, everyone.
With the ways EU Chat-Control is going, I thought I'd play a bit around with self-hosted encrypted IM solutions to eventually communicate with my family and some friends there. There's still Signal, Telegram (secret chat) and other solutions that are probably quite solid, but just wanna see what's out there.

I've already had a look at AwesomeSelfhosted, but smth like Mattermost seems overkill. Has anyone of you already tried self-hosting an IM (maybe xmpp)? What was your experience?

Thanked by (1)mreugeneua
«1

Comments

  • skhronskhron Hosting Provider
    edited June 14

    Both prosody and ejabberd are nice, the issue is unfriendliness of available client applications for XMPP.

    On the other hand, there is Matrix, but it is much heavier comparing to XMPP and personally, I dislike its' official JavaScript clients. Alternative ones are lacking some features or are worse from an UX point of view.

    Thanked by (3)Ympker skorous yoursunny

    Check our KVM VPS (flags are clickable): 🇵🇱 🇸🇪 | Looking glass: 🇵🇱 🇸🇪

  • YmpkerYmpker OGContent Writer

    @skhron said:
    Both prosody and ejabberd are nice, the issue is unfriendliness of available client applications for XMPP.

    On the other hand, there is Matrix, but it is much heavier comparing to XMPP and personally, I dislike its' official JavaScript clients. Alternative ones are lacking some features or are worse from an UX point of view.

    Thanks for the feedback. Yeah, I also thought some XMPP might be nice, but I agree client applications can be a bit unfriendly.

    I also think Snikket looks interesting, but "too small/fresh" a project for me to consider it (yet): https://snikket.org/

  • skhronskhron Hosting Provider
    edited June 14

    @Ympker said: I also think Snikket looks interesting, but "too small/fresh" a project for me to consider it (yet): https://snikket.org/

    Looks like XMPP but rebranded. Their client application for a smartphone is very similar to what Conversations looks like. From github, their server seems to be prosody wrapper.

    Thanked by (1)Ympker

    Check our KVM VPS (flags are clickable): 🇵🇱 🇸🇪 | Looking glass: 🇵🇱 🇸🇪

  • YmpkerYmpker OGContent Writer

    @skhron said:

    @Ympker said: I also think Snikket looks interesting, but "too small/fresh" a project for me to consider it (yet): https://snikket.org/

    Looks like XMPP but rebranded. Their client application for a smartphone is very similar to what Conversations looks like. From github, their server seems to be prosody wrapper.

    Yeah, they said they're compatible with any xmpp client, too

  • YmpkerYmpker OGContent Writer

    @skhron said:

    @Ympker said: I also think Snikket looks interesting, but "too small/fresh" a project for me to consider it (yet): https://snikket.org/

    Looks like XMPP but rebranded. Their client application for a smartphone is very similar to what Conversations looks like. From github, their server seems to be prosody wrapper.

    Turns out, Snikket is a "sister project" from Prosody: https://prosody.im/download/

    New to XMPP? Looking for a simple preconfigured complete messaging server you can run in Docker? Take a look at our sister project, Snikket!

    Thanked by (1)skhron
  • I use both XMPP and Matrix. The Matrix server is a lot heavier than an XMPP server, but the ecosystem is much wider with various clients for most platforms.

    If your goal is to have your family and friends in the same system later on, Matrix allows for a gradual shift via their bridges with other (chat) systems.

    I run XMPP as well as Matrix via Yunohost, which offers a friendly installer and configures resources as needed, complete with the necessary DNS records if you run a supported DNS provider.

  • For anyone saying Matrix -- Matrix on itself is fine (though heavy) but the client is what bugs me the most. IMHO there isn't any "good" client for Android except Element, which itself is f**ked to oblivion, insane load times, bugs everywhere, sometimes it works and sometimes it doesn't. I switched to Signal for that reason, but if I had to self host, I would probably host XMPP (and if I remember correctly, WhatsApp also used to use XMPP/Jabber at one time)

    youtube.com/watch?v=k1BneeJTDcU

  • For Matrix as a server, you can also use conduit or conduwuit, which is much more lightweight then synapse.

  • edited June 14

    @Ympker said:
    Telegram (secret chat)

    Yes, Telegram is by far the best one among the "cloud" messengers.

    smth like Mattermost seems overkill.

    Exactly. I'm unaware of the non-monstrous modern self-hosted messengers.
    Keep in mind that most of their clients also use Electron.

    (maybe xmpp)?

    Another yes. Probably the only reasonable self-hosted option.
    Server is Prosody (other ones are for setups with thousands of users), client is most likely Conversations (with OMEMO enabled).

    Thanked by (2)Ympker crunchbits
  • YmpkerYmpker OGContent Writer

    @DataRecovery said:

    @Ympker said:
    Telegram (secret chat)

    Yes, Telegram is by far the best one among the "cloud" messengers.

    smth like Mattermost seems overkill.

    Exactly. I'm unaware of the non-monstrous modern self-hosted messengers.
    Keep in mind that most of their clients also use Electron.

    (maybe xmpp)?

    Another yes. Probably the only reasonable self-hosted option.
    Server is Prosody (other ones are for setups with thousands of users), client is most likely Conversations (with OMEMO enabled).

    Thanks for replying! :)
    Will have a look at Prosody :D I know, this is probably a discussion that has already taken place many times, but why would you consider TG Secret Chat better than Signal? (I was always under the impression that Signal was better in that regard? Maybe you can explain?)

  • skhronskhron Hosting Provider

    @Ympker said: why would you consider TG Secret Chat better than Signal? (I was always under the impression that Signal was better in that regard? Maybe you can explain?)

    Telegram is better adopted and more popular in general. However from technical POV, Signal has more advanced crypto.

    Thanked by (1)Ympker

    Check our KVM VPS (flags are clickable): 🇵🇱 🇸🇪 | Looking glass: 🇵🇱 🇸🇪

  • YmpkerYmpker OGContent Writer

    @skhron said:

    @Ympker said: why would you consider TG Secret Chat better than Signal? (I was always under the impression that Signal was better in that regard? Maybe you can explain?)

    Telegram is better adopted and more popular in general. However from technical POV, Signal has more advanced crypto.

    Ah, that was also how I remembered it. Signal the better crypto/privacy, but Telegram is waay more popular. About 40 of my contacts show up on Signal, but only 2-3 ppl actually use it or even bother replying. I know more of my friends who actually use TG, not only have it installed. But I never got it, because I thought it was a shame e2e encryption wasn't enabled by default.

  • We deploy full private 5G network and send text messages.

    Thanked by (2)Ympker wankel

    HostBrr aff best VPS; VirmAche aff worst VPS.
    Unable to push-up due to shoulder injury 😣

  • IRC server (like UnrealIRCD) - a simple and old school way to chat, now with SSL.

    Thanked by (1)Ympker
  • edited June 15

    I run unrealircd, Matrix, Dendrite (matrix server in Go) and OpenFire (xmpp). All work well, it's just a matter of the client you use for each service. Personally, my whole immediate family uses Matrix because the client, Element, is pretty slick. Matrix operates a lot like xmpp/irc with rooms and one-on-one chats, and it's stable. The server has been running for 5 years now, with a few server (hardware) moves in between and it didn't even blink. </2cents>

    Thanked by (2)Ympker skorous
  • Does Matrix sync every client, similar to how Discord works when you access it from your phone/browser/computer? Looking for something similar to Discord for my wife and me to use that I can self-host and keep encrypted.

  • skhronskhron Hosting Provider

    @SocksAreComfortable said: Does Matrix sync every client, similar to how Discord works when you access it from your phone/browser/computer?

    Yes, the history is available using all sessions simultaneously. The only issue possible is with syncing very old messages due to how their encryption keys exchange works.

    Thanked by (1)SocksAreComfortable

    Check our KVM VPS (flags are clickable): 🇵🇱 🇸🇪 | Looking glass: 🇵🇱 🇸🇪

  • edited June 15

    @Ympker said:
    why would you consider TG Secret Chat better
    I thought it was a shame e2e encryption wasn't enabled by default

    Telegram is about convenience.
    You need to just try it.
    Amazing desktop client (native app!), structured chats (subgroups), channels, bots, which are easy to develop and which can be added to your chat(-s) as well, picture and file exchange, music, etc.

    Also, if you say "family and friends", I would ditch all the secret chats and go with the regular "cloud" ones. Secret chats are tied to a single device, cloud chats are synced on all the devices you own.

    Let me know if you'd like to try Telegram - I'll give a couple of suggestions regarding apps (yes, there are multiple, many of them are open-source).

    why would you consider TG Secret Chat better than Signal? (I was always under the impression that Signal was better in that regard?
    Ah, that was also how I remembered it. Signal the better crypto/privacy

    Personally I don't trust Signal at all.

    Their crypto algorithm / protocol is declared to be used in Whatsapp, Facebook Messenger, Google Allo (shut down), Viber, and Skype at least. That's close to 100% of messaging apps coverage in USA and "5-eyes" countries.

    This can't be a coincidence. Either NSA can do something with the protocol or they're satisfied with the "cloud chat backups".

    Signal is also being funded by some of the three letter agencies through one of the non-profit "open-freedom-democracy-equality" funds. Do not recall all the details right away, need to search to tell more.

    P.S.
    Just in case, it's not just Signal - I'm unsure which of the modern "super secure" messengers can be trusted.

    Thanked by (2)Ympker Otus9051
  • @DataRecovery said: Also, if you say "family and friends", I would ditch all the secret chats and go with the regular "cloud" ones. Secret chats are tied to a single device, cloud chats are synced on all the devices you own.

    What do you mean by "secret chats"? And "cloud chats"?

    As mentioned above, server side Matrix is distributed, federated and can be self hosted. Your clients exchange keys so they can decrypt the shared "room" in which the chat finds place. Such a room can be a chat between two people each with only one client on a single device. Each client that connects, either from the same device, another device, or another account, can receive the shared history, provided the room is configured to allow the sharing of history.

    Aside from being self-hostable, the whole system being open source counts as an important benefit to me.

    @DataRecovery said: Their crypto algorithm / protocol is (...) in USA and "5-eyes" countries.

    What I could find 1-2-3 about Signal/TextSecure on Wikipedia:

    The protocol combines the Double Ratchet Algorithm, prekeys, and a triple Elliptic-curve Diffie–Hellman (3-DH) handshake,[5] and uses Curve25519, AES-256, and HMAC-SHA256 as primitives.[6]

    The names of the algorithms look eerily familiar from SSH, TSL and OMEMO. If an algorithm doesn't look familiar, or worse, is "self invented proprietary", I'd worry...

    Thanked by (1)skorous
  • @DataRecovery said: I'm unsure which of the modern "super secure" messengers can be trusted.

    Make your own cipher, pretend its the Cold War.

    youtube.com/watch?v=k1BneeJTDcU

  • signal?! really?

  • chadsixchadsix Services Provider

    I'd have to say that XMPP is without a doubt your best bet.
    You can use OMEMO and frankly, no 3rd party messaging platform can be trusted. You have to host it yourself.

    Jabber for the win!

    Thanked by (1)Ympker

    Start self hosting with an external IP with IPv6rs.
    The only thing between your host and your data is trust. Trust is not security.

  • YmpkerYmpker OGContent Writer

    @chadsix said:
    I'd have to say that XMPP is without a doubt your best bet.
    You can use OMEMO and frankly, no 3rd party messaging platform can be trusted. You have to host it yourself.

    Jabber for the win!

    I've actually given Snikket (based on Prosody xmpp+omemo) a go and was amazed at how easy it was to set up. Got it up and running in minutes and already tried it with friends :D

    Thanked by (3)chadsix skorous wankel
  • @Otus9051 said:

    @DataRecovery said: I'm unsure which of the modern "super secure" messengers can be trusted.

    Make your own cipher, pretend its the Cold War.

    My question is, why do you even need a super secure encryption for family chats?

    My family chats is usually around groceries things and family trip. Hehe.

    Thanked by (1)Ympker
  • @Fritz said:

    @Otus9051 said:

    @DataRecovery said: I'm unsure which of the modern "super secure" messengers can be trusted.

    Make your own cipher, pretend its the Cold War.

    My question is, why do you even need a super secure encryption for family chats?

    My family chats is usually around groceries things and family trip. Hehe.

    The government does not need to know what I eat!!!

    youtube.com/watch?v=k1BneeJTDcU

  • edited June 22

    Can you imagine summoning the whole family to a self-hosted ssl IRC server, chatting on the #family channel, and using XDCC for files transfers? It would be absolutely fabulous.

    Thanked by (2)Ympker root
  • YmpkerYmpker OGContent Writer

    @Mumbly said:
    Can you imagine summoning the whole family to a self-hosted ssl IRC server, chatting on the #family channel, and using XDCC for files transfers? It would be absolutely fabulous.

    IRC..the memories

  • I keep reading about this: https://github.com/balzack/databag

    Have not had time to test myself yet

    Thanked by (1)Ympker
  • @Fritz said:

    @Otus9051 said:

    @DataRecovery said: I'm unsure which of the modern "super secure" messengers can be trusted.

    Make your own cipher, pretend its the Cold War.

    My question is, why do you even need a super secure encryption for family chats?

    My family chats is usually around groceries things and family trip. Hehe.

    Thanked by (1)Ympker
Sign In or Register to comment.