Tuesday, February 1, 2011

Enabling IPv6 Privacy Extensions on Ubuntu Linux

On plain Ubuntu (and probably other Linux variants), the right hand part of the IPv6 address is based on your MAC address. As your MAC address is fixed and worldwide unique, you can be traced around the (IPv6) world based on your IPv6 (containing your MAC address). And often this is not wanted.

There's a solution for this called "IPv6 Privacy Extensions". It will give you semi-random IPv6 address, that will be changed regularly. The result is less tracking and more privacy.

Here's how to enable IPv6 Privacy Extensions on Ubuntu and probably other Linux variants:

As root, edit the file /etc/sysctl.conf, for example:

gksudo gedit /etc/sysctl.conf

In that file, add these lines:

net.ipv6.conf.wlan0.use_tempaddr = 2
net.ipv6.conf.eth0.use_tempaddr = 2
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2

Save the file and exit the editor. Then reload your network, or just reboot.
(BTW: the above lines are based on interface eth0 and wlan0)

After the reboot, ifconfig will now show a second public IPv6 address on interface(s) that used to have only one public IPv6 address. On http://www.appelboor.com/ipv6.html and http://test-ipv6.com/ you should your new, "private" public IPv6 address.

2 comments:

obispo said...

Very informative post! I've been using IPv6 also in my Ubuntu Workstation and been blogging about it at IPv6 Philippines.

Bachsau said...

Just use

net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2

and don't need to care about interfaces anymore.