or colleagues. Instant video conferences, efficiently adapting to your scale.
* Unlimited users: There are no artificial restrictions on the number of users or conference participants. Server power and bandwidth are the only limiting factors.
* No account needed.
* Lock-protected rooms: Control the access to your conferences with a password.
* Encrypted by default.
* High quality: Audio and video are delivered with the clarity and richness of Opus and VP8.
* Web browser ready: No downloads are required of your friends to join the conversation. Jitsi Meet works directly within their browsers as well. Simply share your conference URL with others to get started.
* 100% open source: Powered by awesome communities from all over the world. And your friends at 8x8.
* Invite by pretty URLs: You can meet at the easy to remember https://example.com/OurConf of your choice instead of joining the hard to remember rooms with seemingly random sequences of numbers and letters in their names.
(Warning: when using a Jitsi Meet instance, your stream is encrypted on the
network but decrypted on the machine that hosts the bridge.
See [https://github.com/jitsi/jitsi-meet/issues/409#issuecomment-355406112]
for more information.)
- License:Apache License 2.0
The central component of Jitsi Meet is the Prosody XMPP server which is responsible for user management among other tasks, like authentication. Open the configuration file of your domain with your preferred text editor. Jitsi is an open-source web conferencing tool designed to help businesses of all sizes collaborate across teams via video conferencing in real-time. Key features of the platform include dial-in, simulcasting, call recording, screen sharing, and scalable video coding among others. The system allows participants to exchange texts, secure rooms. Jitsi Meet has a few security and privacy measures that set it aside from Zoom. For once, Jitsi Meet is an open-source project, meaning anyone can download and vet the project. At the time of writing, there are no security warnings relating to Jitsi Meet sending data to external sources or leaking private information elsewhere.
Packages
Although APK downloads are available below to give you the choice, you should be aware that by installing that way you will not receive update notifications and it's a less secure way to download. We recommend that you install the F-Droid client and use that.
- Version 21.0.0 (210000) suggested Added on 2021-04-07
This version requires Android 6.0 or newer.
It is built and signed by F-Droid, and guaranteed to correspond to this source tarball.
This app can add, remove, or change calendar events on your phone. This app can send messages that may appear to come from calendar owners, or change events without notifying their owners.This app can read all calendar events stored on your phone and share or save your calendar data.Download APK 81 MiB PGP Signature | Build Log
This version requires Android 6.0 or newer.
It is built and signed by F-Droid, and guaranteed to correspond to this source tarball.
Permissions
- Allows the app to view information about network connections such as which networks exist and are connected.
- Allows the app to view the configuration of the Bluetooth on the phone, and to make and accept connections with paired devices.
- This app can take pictures and record videos using the camera at any time.
- Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet.
- Allows the app to route its calls through the system in order to improve the calling experience.
- Allows the app to modify global audio settings such as volume and which speaker is used for output.
- This app can record audio using the microphone at any time.
- This app can appear on top of other apps or other parts of the screen. This may interfere with normal app usage and change the way that other apps appear.
- Allows the app to prevent the phone from going to sleep.
- Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices.
- Allows the app to make use of foreground services.
- add or modify calendar events and send email to guests without owners' knowledgeThis app can add, remove, or change calendar events on your phone. This app can send messages that may appear to come from calendar owners, or change events without notifying their owners.
- This app can read all calendar events stored on your phone and share or save your calendar data.
Download APK 80 MiB PGP Signature | Build Log
This version requires Android 6.0 or newer.
It is built and signed by F-Droid, and guaranteed to correspond to this source tarball.
Permissions
- Allows the app to view information about network connections such as which networks exist and are connected.
- Allows the app to view the configuration of the Bluetooth on the phone, and to make and accept connections with paired devices.
- This app can take pictures and record videos using the camera at any time.
- Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet.
- Allows the app to route its calls through the system in order to improve the calling experience.
- Allows the app to modify global audio settings such as volume and which speaker is used for output.
- This app can record audio using the microphone at any time.
- This app can appear on top of other apps or other parts of the screen. This may interfere with normal app usage and change the way that other apps appear.
- Allows the app to prevent the phone from going to sleep.
- Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices.
- Allows the app to make use of foreground services.
- add or modify calendar events and send email to guests without owners' knowledgeThis app can add, remove, or change calendar events on your phone. This app can send messages that may appear to come from calendar owners, or change events without notifying their owners.
- This app can read all calendar events stored on your phone and share or save your calendar data.
Download APK 80 MiB PGP Signature | Build Log
A basic installation of Jitsi Meet gets you up and running within shortest time, probably in less than 15 minutes. There are hardly any configuration changes necessary. Most important information is a fully qualified domain name (FQDN), and that's it.
However such a default installation of Jitsi Meet is open. Meaning, that anyone knowing the URL of your server can create a new meeting room and start to have video conferences using your instance and probably causing additional cost.
In this second article on Jitsi Meet we are going to enable authentication to avoid any misuse from public users. Please read Install Jitsi Meet on Compute Engine (GCP) in case you have not created your own instance yet.
Securing your instance of Jitsi Meet requires three configuration changes plus the creation of user accounts with permission to host conference calls.
Let's have a look at the architecture of Jitsi Meet to get a better understanding.
It is possible to allow only authenticated users for creating new conference rooms. Whenever a new room is about to be created Jitsi Meet will prompt for user name and password. After the room is created others will still be able to join from an anonymous domain.
Extend the Prosody configuration
The central component of Jitsi Meet is the Prosody XMPP server which is responsible for user management among other tasks, like authentication.
Open the configuration file of your domain with your preferred text editor.
Here you change the current value of authentication from anonymous
to internal_hashed
like so.
Additionally, you add a new virtual host definition at the end of the same file.
Save the file to confirm the modifications.
Note: The domain of the guest VirtualHost is internal only. It does not require any DNS record or SSL certificate.
Www.jitsi.org
The outcome is now that the primary VirtualHost of your Jitsi instance would require any kind of authentication to create a conference meeting room whereas the VirtualHost for guests still grants access to anonymous users.
Add guest domain to Jitsi Meet frontend
After adding the guest domain to the XMPP server component, you need to add this VirtualHost to the configuration object in the web frontend.
Open the config file with a text editor.
Then you add the directive anonymousdomain
into your hosts
object.
Save and close the configuration file to confirm your modifications.
As you might see in the comment in the hosts sections, it already stipulates that your instance is going to use the new domain for guest users.
Change Jitsi Conference Focus
Next, you have to configure the Jitsi Conference Focus (jicofo) component to allow requests from an authenticated domain only. For that you need to add the protected URL to the properties files. Open it with a text editor.
Add the key-value pair org.jitsi.jicofo.auth.URL=XMPP:<domain>
at the end of the file, and save it.
Restart all Jitsi services involved
With all changes mentioned above you need to restart the services to apply all modifications. Run the following commands or restart your VM instance completely.
Jitsi Port
Check the log files
Should you come across some unexpected issues always have a look at the log files first. Here is a brief overview of where to check.
Create your moderators
For the last step, now that authentication is active, you need to create at least one user which is going to have permissions to create meeting rooms.
According to the architecture it is the Prosody component which is responsible for this part. The command prosodyctl
helps you to manage your XMPP server and therefore your user base.
You can add and enable a user with the following command.
The syntax is described here.
Unfortunately, this is not GDPR-compliant, because “enabling users to set their password without the admin knowing it” is a basic and unavoidable security measure.
Congratulations!
You completed all necessary steps to enable authentication in your instance of Jitsi Meet. All steps described above are mainly based on the official guide to Secure domain on GitHub.
Let's try it...
Authenticate against your instance of Jitsi Meet
Open a browser and navigate to your URL of Jitsi Meet. The site should load as before and there are no obvious changes visible. Authentication is bound to the creation of a meeting room only.
Either you choose an existing meeting room or you enter a new name and click on GO
to start the video conference session. If you are not authenticated the site will now place you in some kind of virtual lobby until a moderator or host arrives.
In case that you are the host of the meeting click on I am the host
and you will be asked to enter your credentials. You can either enter just the user name without your domain or the fully qualified user name including the domain - both approaches will work.
Enter your passphrase and click OK
. With successful authentication against Prosody the Jitsi Meet component will grant you access to the meeting room and assign moderator permissions to your account.
Public access is still possible as soon as a moderator (host) is present in the meeting room.
As a moderator you will get additional options under Settings > More which allow you to control what should happen when someone enters the meeting room, e.g. being automatically muted or not being visible to other participants.
Enjoy your next, secure video conference.
Consider to set password per meeting room
An additional level of protection against 'Zoom-bombing' or unwanted intrusion into a video conference would be to activate the password of the meeting room.
Click on the i
circle in the bottom right area and click on Add password
in the popup dialog.
Enter your room-specific password and hit Enter
to confirm your choice.
Note: The password of a meeting room is not persistent and needs to set each time that you would join / start a conference call. You cannot launch a meeting room with an initial password already set.
What's Next?
Perhaps you noticed that the visual appearance of the Jitsi Meet instance running for MSCC looks slightly different to the default installation.
The next article in this series is going to dive deeper into the possibilities to customise the look of your instance of Jitsi Meet.