efir369999/montana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7e79d99599
montana/Android/Внешний-аудит/приложения/ключи-узлов.md
Afgroup 74add769de sync 2026-05-18T19:11:45Z
2026-05-18 22:11:45 +03:00

71 lines
2.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Приложение Б. Reality public keys узлов Montana
Публичные параметры VPN-каскада. **Только публичные ключи** — privкeys хранятся на соответствующих узлах с UNIX 0640.
---
## Helsinki (`91.132.142.42`)
| Параметр | Значение |
|----------|----------|
| Reality public key (X25519) | `EkTs2aGKnFNgFZ0f7wgft2sJp3VjwFQqIrwkZKM4gD8` |
| shortId | `302805bc0c25e504` |
| serverName (SNI mimicry) | `www.googletagmanager.com` |
| publicly-exposed UUID | `e6d355e2-2d79-4c96-a373-3b0e6b6f4b0d` (универсальный) |
| Pinned email tag | `universal` |
| Fingerprint mimic | `chrome` |
| dest | `www.googletagmanager.com:443` |
---
## Frankfurt (`89.19.208.158`) — cascade exit only
| Параметр | Значение |
|----------|----------|
| Reality public key | `8MYYI4RX3Ra8ICkuqwexMhA5q1EWi87M1G0tX-h0iiM` |
| shortId | `97688ead4874632a` |
| UUID для cascade outbound (Helsinki → Frankfurt) | `e80af4df-8d46-413a-ad28-0f6bf2a300b8` (email `fra-genesis`) |
**Не публичен для клиентов** — только Helsinki использует для cascade.
---
## NewYork (`86.104.72.12`) — cascade exit only
| Параметр | Значение |
|----------|----------|
| Reality public key | `Sl4UZi0RTTYemu7-NAm-bI3M1DUzidqa_jn2eVqvVA8` |
| shortId | `b4a1b7eada8a4949` |
| UUID для cascade outbound (Helsinki → NewYork) | `b17dd919-772d-4268-a724-9b866b92d12b` (email `us-cascade`) |
**Не публичен для клиентов**.
---
## Genesis APK signing key
| Параметр | Значение |
|----------|----------|
| Алгоритм | SHA384withRSA |
| Размер | 4096 bit |
| Owner | `CN=Montana VPN, O=Montana Network, L=Genesis, C=RU` |
| Valid from | 2026-05-06 |
| Valid to | 2126-04-12 (100 лет) |
| **SHA-256 fingerprint** | `305bc99b40e6106f28c6fcc5dce4772761d2630d5aca9fee076dc0691913ce4d` |
| **SHA-1 fingerprint** | `a0be58ad4d9c353eb954daf530d808ff661d9a01` |
| Alias | `montana` |
Storage: `/Users/kh./Python/Ничто/Montana/Android/keystore/montana.keystore` (offline, у автора).
---
## Backend service identification
| Узел | DNS | TLS Certificate |
|------|-----|-----------------|
| `cdn.montana.quest` | A `91.132.142.42` | (нет TLS — Reality на :443) |
| `montana.quest` | A `176.124.208.93` | Let's Encrypt RSA 2048-bit, прод |
| `hub.montana.quest` | A `176.124.208.93` | Let's Encrypt |
Все Let's Encrypt сертификаты ротируются автоматически через `certbot` cron на Moscow.
Reference in New Issue View Git Blame Copy Permalink