Here are some simple steps for hosting the services you want as hidden services on the Tor network. They may not seem simple up front, but they are.
These notes are based on my own testing, using my headless Tor proxy server setup.
- Tor installed
- Tor running
Now my steps
- Install the services you want to host (http, https, ssh, chat service…); for the most part, anything you bind a port to in order to allow connections.
- Once you have a service set up, make sure you can connect to it from your local network.
- If it’s listening and allows you to connect, you are well on your way to setting up your hidden service on the Tor network.
- The next step is configuring your hidden service to point to the local machine service you have set up (*note* it doesn’t have to be on the local machine)
- Use your favorite text editor (nano is mine) to edit the torrc file located in /etc/tor/
- Scroll down until you find the section that has the configuration options for hidden services. I just search the file in nano for hidden.
- Here you will find line groups, each representing a hidden service. They will be commented out. I suggest keeping the originals for reference and copying new lines for the service you are configuring.
- Look for the following two lines: HiddenServiceDir and HiddenServicePort.
Some additional information about the hidden service directory and service port
HiddenServiceDir is a directory where Tor will store information about that hidden service. In particular, Tor will create a file here named hostname which will tell you the onion URL. You don’t need to add any files to this directory. Make sure this is not the same directory as the hidserv directory you created when setting up thttpd, as your HiddenServiceDir contains secret information!
HiddenServicePort lets you specify a virtual port (that is, what port people accessing the hidden service will think they’re using) and an IP address and port for redirecting connections to this virtual port.
The default lines look like:
#HiddenServicePort 80 127.0.0.1:80
In my case I host the service not on my small tor proxy server, but on another system in my local network. So I add the following lines:
HiddenServicePort 80 <ip of host in my network>:80
- Next I restart Tor. You can issue: service tor restart or /etc/init.d/tor restart
- Once Tor starts again, a new directory will be created (if it didn’t exist already). Note it’s the one you specified above (I use the default, but you can change this).
- Two files will be created in this path: private_key and hostname
- This is the part that had me confused when first setting up because I didn’t know where to find my .onion address for the Tor network.
The file Tor created called “hostname” contains a short summary of the file ‘private_key’ and will look something like: jaindiknajnwoue33.onion. This will be the public name of your service and what you give to clients that connect to it.
*note* you can change this simply by stopping Tor and deleting the hostname and private_key files.
It takes a few moments for your .onion address to show up.
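The HiddenServiceDir / HiddenServicePort mapping described above can be checked before restarting Tor. The following is an added example, not part of the original notes: it parses a torrc and lists every virtual port whose target is on another machine, as in the LAN setup above, since Tor hands the connection to that target as plain TCP. The sample torrc, directory names and the 192.168.1.20 address are constructed, and targets are assumed to be written as a port or address:port.

```python
import ipaddress

# Constructed sample torrc fragment; paths and the 192.168.1.20 backend are assumptions.
SAMPLE_TORRC = """\
#HiddenServiceDir /var/lib/tor/hidden_service/
#HiddenServicePort 80 127.0.0.1:80
HiddenServiceDir /var/lib/tor/web_service/
HiddenServicePort 80 192.168.1.20:80
HiddenServiceDir /var/lib/tor/ssh_service/
HiddenServicePort 22
"""

def parse_hidden_services(torrc_text):
    """Return [{'dir': path, 'ports': [(virtual_port, host, port), ...]}, ...]."""
    services = []
    for raw in torrc_text.splitlines():
        parts = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(parts) < 2:
            continue
        key, fields = parts[0].lower(), parts[1:]
        if key == "hiddenservicedir":
            services.append({"dir": fields[0], "ports": []})
        elif key == "hiddenserviceport":
            if not services:                    # a port line must follow its directory line
                raise ValueError("HiddenServicePort before any HiddenServiceDir")
            vport = int(fields[0])
            target = fields[1] if len(fields) > 1 else str(vport)
            if target.isdigit():                # bare port means 127.0.0.1:port
                target = "127.0.0.1:" + target
            host, _, port = target.rpartition(":")
            services[-1]["ports"].append((vport, host.strip("[]"), int(port)))
    return services

def non_loopback_targets(services):
    """List (dir, virtual_port, host, port) for backends that are not on this machine."""
    findings = []
    for svc in services:
        for vport, host, port in svc["ports"]:
            try:
                local = ipaddress.ip_address(host).is_loopback
            except ValueError:                  # hostname rather than an IP literal
                local = host == "localhost"
            if not local:
                findings.append((svc["dir"], vport, host, port))
    return findings

if __name__ == "__main__":
    for finding in non_loopback_targets(parse_hidden_services(SAMPLE_TORRC)):
        print("forwarded off-host; protect this hop with TLS/SSH or a trusted network:", finding)
```

To audit a real configuration, pass the contents of /etc/tor/torrc to parse_hidden_services instead of the sample string.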