Tutorial: GNUnet on Ubuntu 18.04


Welcome to the hopefully painless GNUnet tutorial for Ubuntu 18.04! It provides very concrete instructions on how to compile, install and configure a current version of GNUnet. The goal is to support newcomers, either end users or developers, who want to get in touch with GNUnet for the first time. After installing GNUnet we will make sure that out new GNUnet installation is working correctly.

Attention: If you came across the official gnunet package for Ubuntu 18.04, ignore it! It is ancient and not compatible with current GNUnet installations.

Now let's start!


First let's install the following Ubuntu 18.04 packages to use GNUnet painlessly. Optional dependencies are listed in Appendix A. They are required for some experimental GNUnet features.

$ sudo apt install git libtool autoconf autopoint \
build-essential libgcrypt-dev libidn11-dev zlib1g-dev \
libunistring-dev libglpk-dev miniupnpc libextractor-dev \
libjansson-dev libcurl4-gnutls-dev gnutls-bin libsqlite3-dev \
openssl libnss3-tools libmicrohttpd-dev libopus-dev libpulse-dev \

Make an installation directory

Next we create a directory in our home directory where we store the source code later. We should keep this directory after installation because it contains Makefiles that can be used for uninstalling GNUnet again (see chapter *Uninstall GNUnet and its dependencies*).

$ mkdir ~/gnunet_installation

Get the source code

We download the GNUnet source code using git.

$ cd ~/gnunet_installation
$ git clone --depth 1 https://gnunet.org/git/gnunet.git

Compile and Install

Installing GNUnet is not hard. We have two options: installing a *production version* and installing a *development version*. If you want to start writing GNUnet applications or join the GNUnet development choose the development version (it will print more debug output and contains debug symbols that can be displayed with a debugger). Otherwise choose the production version.

Option 1: GNUnet for production / usage

$ cd ~/gnunet_installation/gnunet
$ ./bootstrap
$ ./configure --prefix=$GNUNET_PREFIX --disable-documentation --with-microhttpd=/opt/libmicrohttpd
$ sudo addgroup gnunetdns
$ sudo adduser --system --group --disabled-login --home /var/lib/gnunet gnunet
$ make -j$(nproc || echo -n 1)
$ sudo make install

Option 2: GNUnet for development

$ cd ~/gnunet_installation/gnunet
$ ./bootstrap
$ export CFLAGS="-g -Wall -O0"
$ ./configure --prefix=$GNUNET_PREFIX --disable-documentation --enable-logging=verbose
$ make -j$(nproc || echo -n 1)
$ sudo make install


Congratulations! GNUnet is now installed! Before we start it we need to create a configuration file. By default GNUnet looks in our home directory for the file `~/.config/gnunet.conf`. We can start with an empty file for now:

$ touch ~/.config/gnunet.conf

It's reccomended that you increase your bandwidth restrictions from the acutely low defaults. The example below sets the WAN and LAN limits to the value "unlimited".

$ gnunet-config -s ats -o WAN_QUOTA_IN -V unlimited
$ gnunet-config -s ats -o WAN_QUOTA_OUT -V unlimited
$ gnunet-config -s ats -o LAN_QUOTA_IN -V unlimited
$ gnunet-config -s ats -o LAN_QUOTA_OUT -V unlimited

Now we can start it with the command line tool `gnunet-arm` (Automatic Restart Manager).

$ gnunet-arm -s

It starts the default GNUnet services. We can list them with the `-I` option:

$ gnunet-arm -I
Running services:
ats (gnunet-service-ats)
revocation (gnunet-service-revocation)
set (gnunet-service-set)
nat (gnunet-service-nat)
transport (gnunet-service-transport)
peerstore (gnunet-service-peerstore)
hostlist (gnunet-daemon-hostlist)
identity (gnunet-service-identity)
namecache (gnunet-service-namecache)
peerinfo (gnunet-service-peerinfo)
datastore (gnunet-service-datastore)
zonemaster (gnunet-service-zonemaster)
zonemaster-monitor (gnunet-service-zonemaster-monitor)
nse (gnunet-service-nse)
cadet (gnunet-service-cadet)
dht (gnunet-service-dht)
core (gnunet-service-core)
gns (gnunet-service-gns)
statistics (gnunet-service-statistics)
topology (gnunet-daemon-topology)
fs (gnunet-service-fs)
namestore (gnunet-service-namestore)
vpn (gnunet-service-vpn)

For stopping GNUnet again we can use the `-e` option.

$ gnunet-arm -e

Use GNUnet!

Please head over here: Use!

Uninstall GNUnet and its dependencies

$ cd ~/gnunet_installation/gnunet
$ sudo make uninstall
$ cd ~/gnunet_installation/libmicrohttpd
$ sudo make uninstall
$ sudo apt remove git libtool autoconf autopoint build-essential libgcrypt-dev libidn11-dev zlib1g-dev libunistring-dev libglpk-dev miniupnpc libextractor-dev libjansson-dev libcurl4-gnutls-dev libsqlite3-dev
$ sudo apt autoremove
$ sudo userdel -r gnunet
$ sudo groupdel gnunet
$ sudo groupdel gnunetdns
$ sudo mv /etc/nsswitch.conf.original /etc/nsswitch.conf
$ sudo rm /lib/$(uname -m)-linux-gnu/libnss_gns.so.2


You can't reach other people's nodes

Should our computer not have reached the open GNUnet network automatically, we can manually instruct our node how to reach the nodes of our friends. This works by exchanging HELLO strings. This is how we get a hello string for our computer.

$ gnunet-peerinfo -gn

We can now pass this string to our friends "out of band" (using whatever existing chat or messaging technology). If the string contains some private IP networks we don't want to share, we can carefully edit them out.

Once we receive such strings from our friends, we can add them like this:

gnunet-peerinfo -p

Now our GNUnet nodes can attempt reaching each other directly. This may still fail due to NAT traversal issues.