Video Conferencing Essentials
Video Conferencing Essentials
by Helmi AJ – 24 Dec 2020
The Movement Control Order (MCO) which began on 18 March 2020 was the start of a new era.
Neighbourliness and good manners were no longer judged by close ties, but by the distance we maintain between ourselves and others.
Covid-19 demolished a number of industries. Airlines and tour companies have gone bankrupt. Retail outlets were hammered. Construction came to a standstill.
Yet many other industries benefitted. Glove makers are swimming in record profits. And now, logistics companies delivering Covid-19 vaccines stand to gain handsomely.
People have learnt to change their lifestyles. Dinners at restaurants have made way for home dining. Jogging is preferred over football. And office workers conduct video conferencing instead of face-to-face meetings.
Just like any other training companies, we were also affected by the MCO. Our digital strategy with a focus on online courses have helped us to continue engaging our customers throughout the MCO, the Conditional MCO (CMCO), the Recovery MCO (RMCO) and now a return to the CMCO. Except for a brief three months of the RMCO, we have been prohibited from conducting classes.
Many training providers caught by the MCO managed to negotiate with SIDC to deliver their content in live webinars. Zoom was the tool of choice for many. Others resorted to Google Meet, Cisco Webex and Microsoft Team.
The problem with many video conferencing apps like Zoom lies in their infrastructure. Participants are connected to each other through a network of servers. In the early days of Zoom, some of the servers were located in China.
The video and voice data hopped from one server to another before finally arriving at the other participants’ devices. The data are encrypted using Secure Socket Layer (SSL) with the idea of preventing anyone from being able to see what is happening.
Unfortunately, the current technologies are inadequately secure because every time the data lands at a server, the data are decrypted before subsequently being re-encrypted for the next hop. Anyone who has access to a server will be able to successfully snoop.
The only technology that resolves this issue is Google’s Web Real-Time Chat (WebRTC). Through browsers that allow for insertable streams, video and voice travelling from hop to hop are never decrypted until they reach the final destination. Anyone who snoops will only see static on their screens and hear noise.
While other technologies including Zoom employ hop-to-hop encryption, the WebRTC technology with insertable streams is currently the only one with true end-to-end encryption. One of its implementations is known as Jitsi Meet. At Neurover, we have set up a Jitsi Meet server that we call Huddle. While its purpose is for our live webinars, it is currently free for use by anyone. You can try it out and see if it suits you. For anyone who wants to set up a video conferencing server, below is our step-by-step guide.
We prefer a Virtual Private Server (VPS) running Ubuntu (pronounced ah-bun-too) which is a variant of the Linux operating system. A 1-2 GB and 1-2 core VPS should be sufficient.
The hosting company will ask for a hostname. This is the name of your VPS and is commonly given as server-id.your-domain.com. For example, Neurover’s server name could be server1.neurover.com.
After purchasing the VPS, you should receive the Internet Protocol (IP) address of the server, the port number, and your root username and password to connect to the server through Secure Shell (SSH) from your hosting company.
In addition to the VPS, you also need to purchase a domain name in order to set up SSL.
Download PuTTY which is a free and open-source terminal emulator and install it on your computer. Open PuTTY and key in your VPS IP address and port number. You can save them by giving it a name under Saved Sessions and pressing the Save button. Click the Open button.
At the terminal, key in root followed by your password. Then key in the following.
hostname
You should see the name of your VPS. Then key in the following command.
nano /etc/hosts
This will open the editor. Key in the following after the last line of the IP addresses.
127.0.0.1 server-id.your-domain.com
You should replace server-id.your-domain.com with your VPS name.
Press Ctrl and X simultaneously. When asked to save, type y for yes and press Enter. Key in the following.
ufw status
This will give you the list of ports which are open by your firewall. If the firewall is inactive, you need to enable it as follows.
ufw enable
You need to open a number of ports to allow communications to and from your VPS.
ufw allow ssh
ufw allow 80/tcp
ufw allow 443/tcp
ufw allow 4443/tcp
ufw allow your VPS port /tcp
ufw allow 10000:20000/udp
Key in the following command and make sure all the ports above have been opened.
ufw status
Next come the commands to start installing Jitsi Meet.
wget https://download.jitsi.org/jitsi-key.gpg.key
apt-get update && apt-get install -y gnupg2
apt-key add jitsi-key.gpg.key
rm jitsi-key.gpg.key
You may need to ensure the stable version is downloaded. Key in the following to open the editor.
nano /etc/apt/sources.list.d/jitsi-stable.list
Key in the following line in the editor.
deb https://download.jitsi.org stable/
Press Ctrl and X simultaneously. Type y to save and press Enter. Then key in the following to install Jitsi Meet.
apt install jitsi-meet
When prompted to key in the hostname, type your VPS name which is server-id.your-domain.com.
When prompted, select self-signed certificate.
Next key in the following.
apt install software-properties-common
add-apt-repository ppa:certbot/certbot
apt install certbot
Before you proceed to download the SSL certificate, you need to have a valid subdomain pointing to your VPS. The subdomain should be the same as your VPS name meaning server-id.your-domain.com.
Depending on where you purchased your domain name, you will now have to create an address record – or A record.
This could be done using the control panel – a special website – provided by your hosting company. You have to log in and then select your purchased domain name. Then select Manage DNS Records. DNS is short for Domain Name System. On the subsequent page, in the A record field, key in your server-id and the IP address. After that, click Add Record.
Alternatively, your hosting provider may allow you to only add A records using Cpanel. Click Zone Editor and then Add A Record. On the popup window, enter you server-id as your subdomain and your VPS IP address. Click the Add An A Record button.
Finally, type the following command on the PuTTY terminal.
/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
When prompted to enter your email address for notification, please type your email address.
Jitsi Meet should now be successfully installed on your server.
You can test it by typing the subdomain – server-id.your-domain.com – in the address bar of your browser. Feel free to enter a room name and launch Jitsi Meet. Do invite your friends and family to test drive the future of communications.
