----------------------------------------
gopher.black on tor, part 1
April 27th, 2018
----------------------------------------

I'm working on adding a tor hidden service to gopher.black so you
can enjoy all my steamy content anonymously, you sneaky vixen.
Honestly, the idea seemed a bit daunting but it's turned out to be
pretty straightforward. While I'm not at 100% yet, I thought
I learned enough to share while it's fresh in my mind.

Here are the main steps going from a normal gopher server to
a torified one:

- Install tor
- Configure tor to point to your server
- Start tor
- Find your hostname

Step 1: Install tor

Check out the install instructions on the tor website. In most
cases it's as simple as:

  sudo apt install tor

Step 2: Configure tor to point to your server

Everything you need to configure in tor is located at
/etc/tor/torrc. Open that bad-boy up and jump down a bit until you
find the section on Hidden Services. Mine is around line 72.
Uncomment the lines and make them look like so:

  HiddenServiceDir /var/lib/tor/hidden_service/
  HiddenServicePort 71 127.0.0.1:70

The first line is where your hidden service will store all its
secret shenanigans, like the private key it's going to
auto-generate for you. We'll look there in a minute to find the
hostname.

The second line describes Tor's mapping of fake port to real port.
Since we have our gopher hole running on port 70 that's what we
reference on the right. For now, we're going to tell Tor to
pretend port 71 is what we want to use publicly.

Step 3: Start tor

  sudo service tor start # or whatever your machine uses

Step 4: Find your hostname

If you have your hidden service directory like mine above, then
you just need to cat out the hostname hidden in that folder. It'll
be set up to use root permissions, so sudo like so:

  sudo cat /var/lib/tor/hidden_service/hostname

It'll spit out your ugly hostname. Mine is: fhsujakrrdvwq2gk.onion
I'll be changing it soon (see below).

Okay, now you're all set and ready to fire it up. To test you'll
need a gopher client running on tor. I installed Overbite on my
Tor Browser on my PC for easy testing, but you can also use torify
on lynx and a bunch of other things. Once you've found a way to run
a tor browser that can see gopher, navigate to your gopher hole
using the onion address and port 71.

For instance:

  gopher://fhsujakrrdvwq2gk.onion:71

It should work and you'll be moderately pleased. But now we have
problems. 99 of them (not quite).

1) Your onion address sux
2) All the links in your gopher hole on tor probably kick you back
   to your unencrypted, plaintext gopher hole
3) Port 71? What is this, NETRJS?

How can we deal with all these horrors? Let's take a look.

Problem 1: Onion addresses

It's possible to generate sexy onion addresses. You might be
familiar with protonmail's relatively readable one:

  protonirockerxow.onion

That's almost words!

So how can you get that level of not-quite-suck? Why, brute force,
of course! Check out Eschalot [0].

[0] Eschalot

You can use this and wait... and wait... and wait... and
eventually you'll have a cool onion address. There are some issues
with it, as you can read in the README, but it's probably good
enough for gopher work.

Problem 2: Links

I don't know what gopher server you're running. I'm on motsognir,
which I love and cherish with a little too much gusto. Chances are
that your server is smart enough that if you have no gophermaps or
if you leave off the server & port info in your gophermaps they
are autogenerated based on your host name. That's awesome.
Motsognir does that too. Why aren't you using it again?

Regardless, that will break your shit on tor cause we have
a totally different host name we want to use there.

What's the solution? Well, unless someone has a better idea,
I think the best thing to do is install a second gopher server,
use a different configuration with your tor address as the host
name, and change the port to something other than 70 (more on this
next). If you are on geomyidae, it's already set up so you can run
multiple instances of the server at the same time and override the
host name and port via command line switches. I haven't figured
out how to do that with motsognir yet. I'll probably just install
gophernicus next to motsognir and serve tor over that instead.
They're fairly compatible in gophermap structures.

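Added example, not part of the original post: a shell check for the
link problem described above. It reads a gopher menu on stdin and
prints every item whose host field isn't your onion address, which
are the links that would drop a tor visitor back onto the plaintext
hole. The function names and the sample menu are made up for
illustration, and example.org is a placeholder host.

```shell
#!/bin/sh
# Added example (not from the original post): list the items in a gopher
# menu whose host field is not the expected onion hostname.
# Usage:  offsite_links ONION_HOST < menu.txt
# Output: one line per offending item: TYPE <tab> HOST:PORT <tab> SELECTOR

offsite_links() {
    awk -F '\t' -v onion="$1" '
        { sub(/\r$/, "") }                  # menus are sent with CRLF endings
        $0 == "."               { exit }    # lone dot ends the menu
        NF < 4                  { next }    # not a menu item
        substr($1, 1, 1) == "i" { next }    # info lines carry a placeholder host
        tolower($3) != tolower(onion) {
            printf "%s\t%s:%s\t%s\n", substr($1, 1, 1), $3, $4, $2
        }
    '
}

# Constructed sample menu: one info line, one link that stays on the onion,
# and two links that leave it (gopher.black and a placeholder host).
sample_menu() {
    printf 'iWelcome to the hole\tfake\t(NULL)\t0\r\n'
    printf '1Phlog\t/phlog\tfhsujakrrdvwq2gk.onion\t70\r\n'
    printf '0About me\t/about.txt\tgopher.black\t70\r\n'
    printf '1A friend\t/\texample.org\t70\r\n'
    printf '.\r\n'
}

sample_menu | offsite_links fhsujakrrdvwq2gk.onion
```

To check a live menu, save what a tor-routed gopher client returns
for your onion address and pipe that in instead of the sample.
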
Problem 3: Port 71!@#$!@#$!$

If you install a second server and run it on another port, oh
let's say... 1138, then you can update your torrc file and point
tor at that new port. In fact, you can point tor at the new port
and let tor pretend it is serving it from 70. Like so:

  HiddenServicePort 70 127.0.0.1:1138

Sexy.

Restart tor and you should be good to go!

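Added example, not part of the original post: a shell function that
reads a torrc and prints each fake-port to real-port mapping of the
kind set up in Step 2 and above, marking any target that isn't on
the loopback interface. The function names and the sample torrc are
constructed; its last two lines are made up to show the default
target and an off-host target.

```shell
#!/bin/sh
# Added example (not from the original post): list every HiddenServicePort
# mapping in a torrc and mark targets that are not on the loopback interface.
# Usage: onion_port_map /etc/tor/torrc    (or pipe a torrc on stdin)

onion_port_map() {
    awk '
        { sub(/#.*/, "") }                          # strip comments
        tolower($1) == "hiddenservicedir"  { dir = $2; next }
        tolower($1) == "hiddenserviceport" {
            virt = $2
            # with no target given, tor uses the same port on 127.0.0.1
            target = (NF >= 3) ? $3 : ("127.0.0.1:" virt)
            if (target ~ /^[0-9]+$/)                # bare port means 127.0.0.1:port
                target = "127.0.0.1:" target
            note = "ok"
            if (target !~ /^(127\.|localhost|\[::1\]|unix:)/)
                note = "NOT-LOOPBACK"
            printf "%s %s -> %s %s\n", dir, virt, target, note
        }
    ' "$@"
}

# Constructed sample torrc: the two mappings from the post plus two made-up lines.
sample_torrc() {
    cat <<'EOF'
#HiddenServiceDir /var/lib/tor/other_hidden_service/
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 71 127.0.0.1:70
HiddenServicePort 70 127.0.0.1:1138
hiddenserviceport 7070
HiddenServicePort 80 192.0.2.10:8080   # constructed off-host target
EOF
}

sample_torrc | onion_port_map
```

A clean report only covers the tor side. If the second gopher server
listens on every interface instead of 127.0.0.1, port 1138 can still
be reached without going through tor.
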
I'm still working through these 3 problems with my own solution,
but once it's all done I'll be sure to share part 2 of my journey
and give you all the new tor address.