[Tor-BSD] OpenBSD httpd hidden service

hue manatee huemanatee at riseup.net
Tue Dec 5 02:42:42 EST 2017


So, like any good bsd'er, I consulted 'man tor' and 'man httpd' and, of 
course, they described pretty clearly how to configure things. Below are 
the steps I followed. Would be nice to know if this location-hidden 
service IS indeed configured securely, but I'm not sure how to test. 
There is no ssl cert, not sure of this impact.

How to setup tor hidden service using httpd on OpenBSD 6.2:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Install tor package: `pkg_add tor'
----------------------------------

Ensure httpd is listening on 127.0.0.1:80
-----------------------------------------

* `mg /etc/httpd.conf'


* Under `# Macros' Comment out `ext_addr="*"'


* Under `# A minimal default server', change `ext_addr="*"' to 
`127.0.0.1 port 80'


Create a hidden services dir: `/var/tor/hidden_service'
-------------------------------------------------------

Change this dir's permissions to be owned by the _tor user
----------------------------------------------------------

* Ref: [https://project.altservice.com/issues/613]


* `chmod -R _tor:_tor /var/tor/'


* `chown -R 700 /var/tor'

Uncomment the following lines in: `/etc/tor/torrc'
--------------------------------------------------
HiddenServiceDir /var/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80

Start httpd: `/etc/rc.d/httpd -f start', ensure it reads `httpd(ok)'
--------------------------------------------------------------------

Start tor: `/etc/rc.d/tor -d start', ensure there are no error messages
-----------------------------------------------------------------------

If tor started ok, it will write a bunch of files to `/var/tor' and 
`/var/tor/hidden_service'
---------------------------------------------------------------------------------------------

`cat /var/tor/hidden_service/hostname' to see the onion address of your 
new hidden service
------------------------------------------------------------------------------------------

BONUS: Create a vanity .onion url
~~~~~~~~~~~~~~~~~~~~~~~~~~

See instructions here: [Ben Taskers]
------------------------------------

[Ben Taskers]
https://www.bentasker.co.uk/documentation/linux/291-generating-a-vanity-onion-address

Hue

On 12/04/2017 09:00 AM, tor-bsd-request at lists.nycbug.org wrote
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 04 Dec 2017 01:28:00 +0000
> From: George Rosamond <george at ceetonetechnology.com>
> To: tor-bsd at lists.nycbug.org
> Subject: Re: [Tor-BSD] OpenBSD httpd hidden service
> Message-ID:
> 	<86d6fbad-9326-e55d-8f64-f53bbe97ea96 at ceetonetechnology.com>
> Content-Type: text/plain; charset=windows-1252
>
> hue manatee:
>> Hello,
>>
>> I've been looking high and low online for some docs on how to create a
>> tor hidden service using httpd on openbsd. Without specific instructions
>> for httpd, i'm nervous i'll leak the services' ip or other critical
>> information.
>>
>> Anyone have docs they can point me towards?
> That's a good question, and I was planning on doing the documentation at
> some point. I'm not aware of anything out there.
>
> For http, I have used thttpd for years, and avoided other www servers.
>
> The first thing to keep is mind is that httpd.conf is only listening on
> localhost, and not on an external port.
>
> g



More information about the Tor-BSD mailing list