Closed (moved)
Open
Opened Sep 17, 2010 by Roger Dingledine@arma

set up a hidden service without using a filesystem directory?

In the original hidden services model, the expert user would set up a directory on the disk somewhere, edit her torrc to configure a hidden service to write its hostname and key in that directory, start tor, and go look in that directory to find out the new name for the hidden service.

That model sucks if we want hidden services to be easy and safe for ordinary users.

In particular, there are two reasons why it's bad. First, the Tor client runs as whatever user it runs as, and the user needs to pick a directory that Tor can write to and read from. Where that might be probably varies from Linux distro to distro. Second, the private key of the service gets written unencrypted to disk. We could imagine expert users who know how to handle that, but we can also imagine that most users won't.

So it would be good to make an easier way to do it. One way would be to allow controllers to set up hidden services. The controller could even remember the key (and store it in a safe way), and import it to Tor when it connects to the control port. (We don't want controllers generating hidden service keys though -- that's Tor's job.)

I could imagine an API in the control protocol that allows this -- with operations like "make me a new hidden service and tell me the key" or "here's the key, please set up a hidden service". I wonder if there's a more general way to extend the controller protocol though?

Milestone: Tor: unspecified
Reference: legacy/trac#1949
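
An added example, not part of the ticket or of Tor's own code: the controller side of the two operations proposed above, written against the `ADD_ONION` command from Tor's control-port specification, which the ticket itself does not name. The function names, the loopback target and the sample reply are assumptions constructed for illustration.

```python
import re

# Stored keys are "<type>:<base64>"; fullmatch also rejects CR/LF, which
# would otherwise let a tampered key store append control-port commands.
_KEY = re.compile(r"(RSA1024|ED25519-V3):[A-Za-z0-9+/=]+")


def _port_spec(virt_port, local_port):
    for p in (virt_port, local_port):
        if not isinstance(p, int) or not 1 <= p <= 65535:
            raise ValueError(f"bad port: {p!r}")
    # Assumption: the service backend listens on loopback.
    return f"Port={virt_port},127.0.0.1:{local_port}"


def new_service_cmd(virt_port, local_port):
    """'Make me a new hidden service and tell me the key.'"""
    return f"ADD_ONION NEW:BEST {_port_spec(virt_port, local_port)}\r\n"


def restore_service_cmd(stored_key, virt_port, local_port):
    """'Here's the key, please set up a hidden service.'"""
    if not _KEY.fullmatch(stored_key):
        raise ValueError("stored key is not <type>:<base64>")
    return f"ADD_ONION {stored_key} {_port_spec(virt_port, local_port)}\r\n"


def parse_reply(reply):
    """Return (service_id, private_key or None); raise on any non-250 line."""
    fields = {}
    for line in reply.splitlines():
        if line[:3] != "250":
            raise RuntimeError(f"control port refused the request: {line}")
        if line[3:4] == "-" and "=" in line:
            name, value = line[4:].split("=", 1)
            fields[name] = value
    if "ServiceID" not in fields:
        raise RuntimeError("reply carried no ServiceID")
    return fields["ServiceID"], fields.get("PrivateKey")


# Constructed sample reply; the ID and key blob are placeholders.
SAMPLE_REPLY = ("250-ServiceID=exampleserviceid\r\n"
                "250-PrivateKey=ED25519-V3:Q09OU1RSVUNURUQ=\r\n"
                "250 OK\r\n")

if __name__ == "__main__":
    sid, key = parse_reply(SAMPLE_REPLY)
    print("service:", sid + ".onion")  # the key itself is never printed
```

The key returned by `parse_reply` is what the controller would keep in its own protected store and pass back through `restore_service_cmd` on the next connection, so nothing is written to a Tor-owned directory.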