How to set up a Tor hidden service?

  • Seeing that I find the technical side of it extremely interesting, I want to try to set up a Tor hidden service. For this I am following the Torproject instructions. I installed Tor, have it running, installed a LAMP server, and then edited the /etc/tor/torrc file with the following lines:

    HiddenServiceDir /home/hubbtwea/hidden_service/
    HiddenServicePort 80

    Restarting tor (with sudo /etc/init.d/tor_restart) should then create the folder /home/hubbtwea/hidden_service/ with two files in it. Restarting goes fine:

     * Stopping tor daemon...               [ OK ]
     * Starting tor daemon...               [ OK ]

    but afterwards, there is no folder created in my home dir. I then try to restart Tor again (with the same command) and then it says the following:

     * Stopping tor daemon...               [fail]
     * Starting tor daemon...               [ OK ]

    It seems to be able to start, but not to stop (I wouldn't know why), and there is still no hidden_service folder created in my home folder.

    Does anybody know what I could be doing wrong here?

    What do the logs say? (/var/log/tor/log)

    Ah! Good tip! In there it said that permission was denied for creating the folder hidden_service. So I manually created it, chmodded it to 777 and chowned it to debian-tor. The last one did it. Thanks for the tip! (and I know, I'll chmod the dir to something more reasonable again).

    Great, maybe you can write a nice answer for your own question?

    Unfortunately I can't upvote comments yet, but otherwise I would have! If you just suggest it as an answer I'll gladly accept it.. :)

    @weasel-PeterPalfrader - Oh, and one more question: do you know why it (still) fails to stop, even though starting is successful?

    Still? Previously it failed to stop because it wasn't running - the permission error made it shut down. If it still fails to stop then something else is wrong.

    Ah, no excuse me. Now it stops perfectly as well. Thanks! I just wrote an answer to my own question as well, but unfortunately I can only answer my own question after 8 hours (because I have less than 10 reputation). I'll do so tomorrow. Oh, and if the info on the tor prject would be a wiki I would have added this to that page as well.

  • Tor checks the ownership of several files and directories at startup. One of those directories is the HiddenServiceDir. This should belong to the user who started the Tor process. Otherwise you will get the warning:

    Oct 06 12:34:56.000 [warn] /foo/bar is not owned by this user (johndoe, 1011) 
        but by root (0). Perhaps you are running Tor as the wrong user?

    It seems you are using Debian or some similar distribution. They use the system user debian-tor to run the Tor process. So you should make sure that the hidden service directory is owned by this user.

    Apart from that I would not recommend to put the hidden service data inside your home directory. This data is often accidentally deleted, put into some cloud or misused otherwise. So you risk to give those data out of your hand. Debian puts it by default into /var/lib/tor. This is often better than the home directory and also conform to the Filesystem Hierarchy Standard.

  • I just solved what I believe may be your problem as well.

    Try leaving the 'HiddenServiceDir' alone or back to it's normal value which I believe is

    HiddenServiceDir /var/lib/tor/hidden_service/

    Restart Yor with these

    sudo service tor stop
    sudo service tor start

    You won't have access to /var/lib/tor so to access the .onion address from /var/lib/tor/hidden_service/ you could use

    sudo cat /var/lib/tor/hidden_service/hostname
  • Check in the logs (/var/log/tor/log) if your LAMP and/or Tor has access to create a folder for your hidden service. You can create it manually (that is the best in that case) and then chmod it to 777 an chown to debian-tor. That should solve all your problems !

    (answer written based on comments)

    -1 for any answer that suggests chmoding anything to 777. And what has this to do with Apache, MySQL or PHP?

    weasel, anyway, tor will chmod backward this 777 to 700.

License under CC-BY-SA with attribution

Content dated before 7/24/2021 11:53 AM