Tor Network | tor(1) | Documentation (Obsolete) | Tor Project

tor is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.

Basically tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams - web traffic, ftp, ssh, etc - around the routers, and recipients, observers, and even the routers themselves have difficulty tracking the source of the stream.

(Excerpts from tor(1) man page.)

Install

Tor Browser @ Windows

choco install tor-browser

tor CLI @ Linux

sudo apt install tor 

sudo systemctl restart tor 

# Start tor process per commandline
tor -f $config_file_path

# Validate config
tor --verify-config

# List options
tor --list-torrc-options

Config : torrc

@ /etc/tor/torrc

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80

• HiddenServicePort VIRTUALPORT TARGET
• @ Docker service
  • HiddenServicePort VIRTUALPORT SVC_NAME:PORT

Tor SOCKS5 Proxy

Anonymizer for use with HTTP(S) client, such as browser or cURL.

@ torrc

SOCKSPort 0.0.0.0:9050

Test client anonymization

☩ curl ifconfig.me
71.123.123.123  #... from ISP

☩ curl --socks5-hostname 127.0.0.1:9150  ifconfig.me
198.98.60.90    #... from Tor Network (randomized per session)

Test Tor network connectivity

# Request : GET tor site
export onion='tenf4wqudyjibh4igv6ir5vjmumo4omi55tu2lncaxpkx7r2a7darjqd.onion'
curl -v --socks5-hostname 127.0.0.1:9050 http://${onion}/
curl -v -x socks5h://127.0.0.1:9050 http://${onion}/

*   Trying 127.0.0.1...
* TCP_NODELAY set
* SOCKS5 communication to tenf4wqudyjibh4igv6ir5vjmumo4omi55tu2lncaxpkx7r2a7darjqd.onion:80
* Can't complete SOCKS5 connection to 0.0.0.0:0. (4)
* Closing connection 0
curl: (7) Can't complete SOCKS5 connection to 0.0.0.0:0. (4)

• Exit code 4 : Undocumented; this exit code is skipped in man page!
  • A feature or option that was needed to perform the desired request was not enabled or was explicitly disabled at build-time. To make curl able to do this, you probably need another build of libcurl. https://everything.curl.dev/usingcurl/returns

Tor Hidden Service(s)

Hostname (*.onion; Onion address)

@ /var/lib/tor/hidden_service/

The hostname is ephemeral (regenerated per restart) lest it and its public-private key pair exist

cat /var/lib/tor/hidden_service/hostname

/ $ ls -ahl /var/lib/tor/hidden_service/
total 24K
drwx------    3 tor      nogroup     4.0K Dec  5 21:13 .
drwx------    4 tor      root        4.0K Dec  6 14:20 ..
drwx------    2 tor      nogroup     4.0K Dec  5 21:05 authorized_clients
-rw-------    1 tor      nogroup       63 Dec  5 21:13 hostname
-rw-------    1 tor      nogroup       64 Dec  5 21:13 hs_ed25519_public_key
-rw-------    1 tor      nogroup       96 Dec  5 21:13 hs_ed25519_secret_key

• Directory MUST have mode 0700, else error: "... excessive permissions ...".

Persist hostname and keys for static address

export onion_addr="$(cat /var/lib/tor/hidden_service/hostname)"

Nginx config

server {
    listen 8888 default_server;
    listen [::]:8888 default_server;
    #server_name tenf4wqudyjibh4igv6ir5vjmumo4omi55tu2lncaxpkx7r2a7darjqd.onion;
    server_name _;
    location / {
        root    /var/www/html;
        index   index.html;
    }
}

• "default_server" combined with "server_name _;" affect a catch-all server block.