
Re: [tor-talk] Tor official list of new .onion addresses?



Hello,

Nathaniel Suchy wrote:
> Consider the consequences of publishing the actual addresses. The number of
> addresses is fine but the actual addresses should stay private for privacy
> and security reasons.
> 
> I’m aware there are crawlers looking for new services to show however if the
> address is kept private only rogue HSDIRs are an issue and we can always
> generate new addresses and delete the old keys.
> 
> I am running some Onion Services for SSH (clearnet disabled, you’ll need to
> be physically present if Tor has an issue!) and while I require SSH Keys
> it’d open a huge attack surface I’m trying to avoid. It’s basically an
> attempt at security by really advanced obscurity.
> 

Relying on the fact that nobody can ever learn the onion addresses you
have is a terrible security policy. This can never be guaranteed, as
relays are public and anyone can run one, thus becoming a hidden service
directory as soon as it meets the necessary flags.

You should be prepared and assume the onion address is known, thus
defend with SSH keys instead of weak passwords, and possibly even change
the default port (this does not add security but bypasses some automated
brute-force tools; it's no help against a targeted manual attack, so
don't rely on it either).

There are other techniques lower down at the little-t-tor protocol level
that suit your concerns, like HiddenServiceAuthorizeClient - you should
look into those if you are concerned about someone trying to connect to
your onion address. These are neat for services that need privacy and
must not advertise to unauthorized users that they are online and
running, or that only allow limited access to some users who provide
additional credentials or auth material beyond just knowing the onion
address.

Onion addresses serve to conceal the physical (IP) location of the
service, but the addresses themselves have to be assumed to be known to
the world, for a strong security policy. Tor documentation clearly
states this.

If you open SSH on an onion address and you allow root login with
password "1234", IT IS NOT Tor's FAULT YOU WERE PWNED. It is just a
terrible security policy. Do not do this.

*Hope for the best, prepare for the worst!*

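As an added example, not part of this message and not Tor's or OpenSSH's own code: a small POSIX shell audit of the two configurations the reply above discusses. It checks an sshd_config for the weak settings (passwords accepted, root login allowed) that matter once the onion address is assumed known, and lists every HiddenServiceDir in a torrc that lacks a HiddenServiceAuthorizeClient line. The file names and the sample configs are constructed for illustration. HiddenServiceAuthorizeClient is the v2 onion service option named in the thread; v3 services configure client authorization with per-client files under authorized_clients/ in the HiddenServiceDir instead, which this script does not check.

```shell
#!/bin/sh
# Added example, not code from the thread. Audits an sshd_config and a torrc
# for the two points made above: SSH must not rely on passwords once the onion
# address is assumed known, and an onion service that should not be reachable
# by everyone who learns its address needs HiddenServiceAuthorizeClient (v2).
# File names and the sample configs below are constructed for illustration.

# Effective value of an sshd_config keyword. sshd takes the first match
# (keywords are case-insensitive) and otherwise uses its built-in default.
# Match blocks are not evaluated here.
sshd_value() {   # $1 = file, $2 = keyword, $3 = default
    v=$(awk -v k="$2" 'tolower($1) == tolower(k) { print $2; exit }' "$1")
    printf '%s\n' "${v:-$3}"
}

# 0 (true) when password logins are off and root cannot log in with one.
# Defaults: PasswordAuthentication yes, PermitRootLogin prohibit-password.
sshd_hardened() {   # $1 = sshd_config
    pw=$(sshd_value "$1" PasswordAuthentication yes)
    root=$(sshd_value "$1" PermitRootLogin prohibit-password)
    [ "$pw" = no ] && [ "$root" != yes ]
}

# Print every HiddenServiceDir in a torrc that has no
# HiddenServiceAuthorizeClient line before the next HiddenServiceDir.
unauthenticated_onions() {   # $1 = torrc
    awk '
        $1 == "HiddenServiceDir" {
            if (dir != "" && !auth) print dir
            dir = $2; auth = 0
        }
        $1 == "HiddenServiceAuthorizeClient" { auth = 1 }
        END { if (dir != "" && !auth) print dir }
    ' "$1"
}

# Constructed sample configs: the weak setup the reply warns about, its
# hardened counterpart, and a torrc with one open and one client-authorized
# service.
samples_dir=$(mktemp -d)
cat > "$samples_dir/sshd_config.weak" <<'EOF'
Port 22
PermitRootLogin yes
PasswordAuthentication yes
EOF
cat > "$samples_dir/sshd_config.hardened" <<'EOF'
# Non-default port: sidesteps some scanners, adds no real security.
Port 2222
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
EOF
cat > "$samples_dir/torrc" <<'EOF'
HiddenServiceDir /var/lib/tor/ssh_open/
HiddenServicePort 22 127.0.0.1:22
HiddenServiceDir /var/lib/tor/ssh_private/
HiddenServicePort 22 127.0.0.1:22
HiddenServiceAuthorizeClient stealth laptop,phone
EOF

for f in weak hardened; do
    if sshd_hardened "$samples_dir/sshd_config.$f"; then
        echo "sshd_config.$f: keys only, root login closed"
    else
        echo "sshd_config.$f: accepts passwords or root login; fix before exposing over Tor"
    fi
done
echo "onion services reachable by anyone who learns the address:"
unauthenticated_onions "$samples_dir/torrc"
```

Run it against your real files by replacing the sample paths; the awk in sshd_value mirrors sshd's first-match rule but ignores Match blocks, so a `Match` section that re-enables passwords for some users would not be caught.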

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk