From 4a012a2bda51c022fe8ce2f4fce063f0578d753a Mon Sep 17 00:00:00 2001 From: PromptPunksFauxCough <200402670+PromptPunksFauxCough@users.noreply.github.com> Date: Thu, 6 Mar 2025 00:25:02 +0000 Subject: [PATCH] revisions and additions per woodser --- docs/external-tor-usage.md | 55 +++++++++++++++++++++++++++++++++----- 1 file changed, 49 insertions(+), 6 deletions(-) diff --git a/docs/external-tor-usage.md b/docs/external-tor-usage.md index 37d01809f6..3f4bad8cf5 100644 --- a/docs/external-tor-usage.md +++ b/docs/external-tor-usage.md @@ -1,5 +1,5 @@ # **Using External `tor` with `Haveno`** -## *[How to install little-t-`tor`?](https://support.torproject.org/little-t-tor/#little-t-tor_install-little-t-tor)* +## *[How to Install little-t-`tor` for Your Platform?](https://support.torproject.org/little-t-tor/#little-t-tor_install-little-t-tor)* The following `tor` installation instructions have are presented here for convenience. @@ -10,7 +10,7 @@ The following `tor` installation instructions have are presented here for conven For optimum compatibility with `Haveno` the running `tor` version should match that of the internal `Haveno` `tor` version For best results, use a version of `tor` which supports the [Onion Service Proof of Work](https://onionservices.torproject.org/technology/security/pow) (`PoW`) mechanism - * (IE: `GNU` build ot `tor`) + * (IE: `GNU` build of `tor`) --- @@ -94,7 +94,7 @@ $ tar -xzf tor-.tar.gz; cd tor- * Replace \ with the latest version of `tor` - > For example, `tor-0.4.8.12` + > For example, `tor-0.4.8.14` ```shell $ ./configure && make @@ -148,18 +148,61 @@ PS C:\Tor\> sc create tor start=auto binPath="\Tor\tor.exe -nt-service" PS C:\Tor\> sc start tor ``` +### ***Configuring `tor`via `torrc`*** +#### [I'm supposed to "edit my torrc". What does that mean?](https://support.torproject.org/tbb/tbb-editing-torrc/) +* Per the [Official Tor Project's support page](https://support.torproject.org/tbb/tbb-editing-torrc/): + * **WARNING:** Do **NOT** follow random advice instructing you to edit your torrc! Doing so can allow an attacker to compromise your security and anonymity through malicious configuration of your torrc. + + **Note:** + + The `torrc` location will ***not*** match those stated in the documentation linked above and will vary across each platform. + +#### [Sample `torrc`](https://gitlab.torproject.org/tpo/core/tor/-/blob/HEAD/src/config/torrc.sample.in) +Users are ***strongly*** encouraged to review both the [Official Tor Project's support page](https://support.torproject.org/tbb/tbb-editing-torrc/) as well as the [sample `torrc`](https://gitlab.torproject.org/tpo/core/tor/-/blob/HEAD/src/config/torrc.sample.in) before proceeding. + +#### Enable `torControlPort` in `torrc` +In order for `Haveno` to use the `--torControlPort` option, it must be enabled and accessible. The most common way to do so is to edit the `torrc` fiel with a text editor to ensure that an entry for `ControlPort` followed by port number to listen on is present in the `torrc` file. + +#### [Authentication](https://spec.torproject.org/control-spec/implementation-notes.html#authentication) +Per the [Tor Control Protocol - Implementation Notes](https://spec.torproject.org/control-spec/implementation-notes.html): + + * ***"If the control port is open and no authentication operation is enabled, `tor` trusts any local user that connects to the control port. This is generally a poor idea."*** + +##### `CookieAuthentication` +If the `CookieAuthentication` option is true, `tor` writes a *"magic cookie"* file named `control_auth_cookie` into its data directory (or to another file specified in the `CookieAuthFile` option). + +##### Example: +```shell +ControlPort 9051 +CookieAuthentication 1 +``` + +##### `HashedControlPassword` +If the `HashedControlPassword` option is set, it must contain the salted hash of a secret password. The salted hash is computed according to the S2K algorithm in `RFC 2440` of `OpenPGP`, and prefixed with the s2k specifier. This is then encoded in hexadecimal, prefixed by the indicator sequence "16:". + +* `HashedControlPassword` can be generated like so: + ```shell + $ tor --hash-password + ``` + +##### Example: +```shell +ControlPort 9051 +HashedControlPassword 16:C01147DC5F4DA2346056668DD23522558D0E0C8B5CC88FE72EEBC51967 +``` + ### \* ***Optional*** \* #### [Set Up Your Onion Service](https://community.torproject.org/onion-services/setup) While not a *strict* requirement for use with `Haveno`, some users may wish to configure an [Onion Service](https://community.torproject.org/onion-services) - * ***Only Required When Using The `--hiddenServiceAddress` Option*** + * ***Only Required When Using The `Haveno` `--hiddenServiceAddress` Option*** Please see the [Official `Tor` Project's Documentation](https://community.torproject.org/onion-services/setup) for more information about configuration and usage of these services --- -## *`Haveno`'s Natively Aware `tor` Options* +## *`Haveno`'s `tor` Aware Options* `Haveno` is a natively `tor` aware application and offers **many** flexible configuration options for use by privacy conscious users. @@ -402,7 +445,7 @@ Users are encouraged to experiment with options before use to determine which op --- -## *Examples* +## *Starting `Haveno` Using Externally Available `tor`* ### Dynamic Onion Assignment via `--torControlPort` ```shell $ /opt/haveno/bin/Haveno --torControlPort='9051' --torControlCookieFile='/var/run/tor/control.authcookie' --torControlUseSafeCookieAuth --useTorForXmr='on' --socks5ProxyXmrAddress='127.0.0.1:9050'