[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [webwml/master] How to use cookie authentication for onion services (#27680)
commit 46f49331df64b1ecf9fb61631294a1e3bc57e446
Author: traumschule <traumschuleriebau@xxxxxxxxxx>
Date: Sun Sep 16 01:12:48 2018 +0200
How to use cookie authentication for onion services (#27680)
---
docs/en/faq.wml | 13 +++++++++++++
docs/en/tor-onion-service.wml | 30 ++++++++++++++++++++++++++++++
2 files changed, 43 insertions(+)
diff --git a/docs/en/faq.wml b/docs/en/faq.wml
index 889cbe6b..61d2da95 100644
--- a/docs/en/faq.wml
+++ b/docs/en/faq.wml
@@ -214,6 +214,8 @@
<li><a href="#AccessOnionServices">How do I access onion services?</a></li>
<li><a href="#ProvideAnOnionService">How do I provide an onion service?
</a></li>
+ <li><a href="#CookieAuthOnionService">How do I set up cookie authentication
+ for an onion service?
</ul>
<a id="dev"></a>
@@ -3090,6 +3092,17 @@ href="https://www.noisebridge.net/wiki/Noisebridge_Tor";>Noisebridge</a>
<hr>
+ <a id="CookieAuthOnionService"></a>
+ <h3><a class="anchor" href="#CookieAuthOnionService">How do set up cookie
+ authentication for an onion service?</a></h3>
+
+ <p>
+ See the <a href="<page docs/tor-onion-service>#CookieAuthentication">
+ "Cookie authentication" in the official onion service configuration instructions</a>.
+ </p>
+
+ <hr>
+
<a id="Development"></a>
<h2><a class="anchor" href="#Development">Development:</a></h2>
diff --git a/docs/en/tor-onion-service.wml b/docs/en/tor-onion-service.wml
index 2bd13ad8..1215c572 100644
--- a/docs/en/tor-onion-service.wml
+++ b/docs/en/tor-onion-service.wml
@@ -225,8 +225,38 @@
HiddenServicePort 22 127.0.0.1:22
</pre>
+ <p>
To set up an onion service on Raspbian have a look at Alec Muffett's
<a href="https://github.com/alecmuffett/eotk";>Enterprise Onion Toolkit</a>.
+ </p>
+
+ <h3><a name="CookieAuthentication">Cookie authentication</a></h3>
+
+ <p>To set up cookie authentication add following lines to your
+ <a href="<page docs/faq>#torrc">torrc</a> as specified for
+ <a href="<page docs/tor-manual>#HidServAuth">HidServAuth</a> and
+ <a href="<page docs/tor-manual>#HiddenServiceAuthorizeClient">
+ HiddenServiceAuthorizeClient</a> in the manual.
+ First add following line to the torrc file of your onion service:
+ </p>
+ <pre>
+ HiddenServiceAuthorizeClient [auth-type] [service-name]
+ </pre>
+ <p>
+ Then restart/reload tor and read the cookie from the hostname file of your
+ onion service, for example in
+ <tt>/var/lib/tor/hidden_service_path/hostname</tt>.
+ To access it with another tor service add following line to torrc
+ and (re)start/reload it:
+ </p>
+ <pre>
+ HidServAuth [onion-address] [auth-cookie] [service-name]
+ </pre>
+ <p>
+ You are now able to browse to the onion service address.
+ </p>
+
+ <h3><a name="OpSec">Operational security</a></h3>
<p>Onion services operators need to practice proper
<a href="https://trac.torproject.org/projects/tor/wiki/doc/OperationalSecurity";>
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits