
[tor-talk] Problems with setting up of hidden service



I want to set up a hidden service for a new site which will be reachable
only through the Tor network.
I have a VDS running FreeBSD with some public sites reachable from
the Internet (web server: Apache).
I am trying to set it up in accordance with these instructions:
https://www.torproject.org/docs/tor-hidden-service.html.en , but I have
some general questions and some practical problems, described below.

1st General Question.
Do I need to install the thttpd web server only into the home directory of
an ordinary user, building and installing it as that user, or can I use it
from FreeBSD ports or from any Linux distribution (if I install it on a
Linux system)? Is the first way obligatory and the second deprecated, or
is there no difference between them?
Next, where can I get the md5, sha256 or sha512 hashes and/or digital
signatures for the tarballs from here http://www.acme.com/software/thttpd? I
can't find them, I'm sorry.

2nd General Question.
Under which user do I need to have the files in the hidden service directory?
The user who owns the $HOME directory, or the user "tor" (in
FreeBSD, "_tor")? And what file permissions do I need to have?
In the first case, if I type in my browser the name of one of my domains
running on that VDS and the port 5222 (such as
http://somedomainname:5222), I can see all the files in that directory.
Furthermore, after configuring the torrc and restarting Tor, in the
first case Tor cannot create "hostname" and "private_key" and
demands that the hidden service directory belong to
the user "_tor".
I have tried adding the user who owns $HOME to the group "_tor" and
the user "_tor" to the first user's group, and chmodding the files in the
hidden service directory to 660 (for regular files) and 770 (for
directories), but I got no suitable result.
Only after chowning that directory and its files to the "_tor"
user did Tor create the "hostname" and "private_key" files.
After that I chmodded the hidden service directory to 770 and its files
to 660, and now I cannot open them via the above-mentioned URL
"http://somedomainname:5222", which informs me of the error:
> 500 Internal Error
> There was an unusual problem serving the requested URL '/'. 
Did I do it right?
P.S. It would be very nice if some instructions on correctly
resolving the 2nd question were included in the documentation on
the page "https://www.torproject.org/docs/tor-hidden-service.html.en".

3rd General Question. Can any CMS such as Drupal deanonymize my hidden
service by revealing its IP, etc.? And what is the best CMS for
creating web sites to be used only as hidden services, without any
access from the Internet other than through the Tor network?

After setting up my hidden service I have the following serious problem,
which I cannot resolve.
My public web sites "live" in the $HOME directory of one user, for
example /home/user/
For my hidden service I created another user which has another $HOME
directory, for example /home/user1, which contains the thttpd/hidserv
directories.
The Apache server which serves my public sites uses the external IPs of my
VDS and listens on port 80.
My thttpd server for the hidden service has the following configuration:

> cat /usr/local/etc/thttpd.conf
> port=5222
> host=localhost
> user=www
> dir=/home/user1/thttpd/hidserv
> chroot
> cgipat=*.cgi
> logfile=/var/log/thttpd.log
> pidfile=/var/run/thttpd.pid

I have the following configuration of my hidden service in "torrc":
> HiddenServiceDir  /home/hidden/thttpd/hidserv/
> HiddenServicePort 80 127.0.0.1:80 

In spite of using the "chroot" directive for the thttpd web server,
my first public sites defined in my Apache configuration are opening,
not the hidden service directory. Why?!

Maybe I need to indicate another port in my torrc config? Such as
> HiddenServicePort 99 127.0.0.1:99
or etc.?




_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk