onionshare/docs/source/tor.rst

Connecting to Tor
=================

.. _tor:

Pick a way to connect OnionShare to Tor by clicking the Settings icon in the bottom right corner of the application, and then the Tor Settings tab in the screen that appears.

.. image:: _static/screenshots/tor-settings.png

Use the Tor version built into OnionShare
-----------------------------------------

This is the default, simplest and most reliable way that OnionShare connects to Tor.
For this reason, it's recommended for most users.

When you open OnionShare, it launches an already configured ``tor`` process in the background for OnionShare to use.
It doesn't interfere with other ``tor`` processes on your computer, so you can use the Tor Browser or the system ``tor`` on their own.

Getting Around Censorship
-------------------------

If your access to the internet is censored, you can configure OnionShare to connect to the Tor network using `Tor bridges <https://tb-manual.torproject.org/bridges/>`_. If OnionShare connects to Tor without one, you don't need to use a bridge.

To use a bridge, open the Tor Settings tab. 
You must select "Use the Tor version built into OnionShare" and check the "Use a bridge" checkbox.

Try using a built-in bridge first. Using `obfs4` or `snowflake` bridges is recommended over using `meek-azure`.

.. image:: _static/screenshots/tor-settings-bridges.png

If using a built-in bridge doesn't work, you can request a bridge from torproject.org. You will have to solve a CAPTCHA in order to request a bridge. (This makes it more difficult for governments or ISPs to block access to Tor bridges.)

.. image:: _static/screenshots/tor-settings-moat.png

You also have the option of using a bridge that you learned about from a trusted source.

Attempt auto-configuration with Tor Browser
-------------------------------------------

If you have `downloaded the Tor Browser <https://www.torproject.org>`_ and don't want two ``tor`` processes running, you can use the ``tor`` process from the Tor Browser.
Keep in mind you need to keep Tor Browser open in the background while you're using OnionShare for this to work.

Using a system ``tor`` in Windows
---------------------------------

This is fairly advanced. You'll need to know how edit plaintext files and do stuff as an administrator.

Download the Tor Windows Expert Bundle `from <https://www.torproject.org/download/tor/>`_.
Extract the compressed file and copy the extracted folder to ``C:\Program Files (x86)\``
Rename the extracted folder with ``Data`` and ``Tor`` in it to ``tor-win32``.

Make up a control port password.
(Using 7 words in a sequence like ``comprised stumble rummage work avenging construct volatile`` is a good idea for a password.)
Now open a command prompt (``cmd``) as an administrator, and use ``tor.exe --hash-password`` to generate a hash of your password. For example::

    cd "C:\Program Files (x86)\tor-win32\Tor"
    tor.exe --hash-password "comprised stumble rummage work avenging construct volatile"

The hashed password output is displayed after some warnings (which you can ignore). In the case of the above example, it is ``16:00322E903D96DE986058BB9ABDA91E010D7A863768635AC38E213FDBEF``.

Now create a new text file at ``C:\Program Files (x86)\tor-win32\torrc`` and put your hashed password output in it, replacing the ``HashedControlPassword`` with the one you just generated::

    ControlPort 9051
    HashedControlPassword (the hash you generate from the password you picked above)

In your administrator command prompt, install ``tor`` as a service using the appropriate ``torrc`` file you just created (as described in `<https://2019.www.torproject.org/docs/faq.html.en#NTService>`_). Like this::

    tor.exe --service install -options -f "C:\Program Files (x86)\tor-win32\torrc"

You are now running a system ``tor`` process in Windows!

Open OnionShare and click the "⚙" icon in it.
Under "How should OnionShare connect to Tor?" choose "Connect using control port", and set
"Control port" to ``127.0.0.1`` and
"Port" to ``9051``.
Under "Tor authentication settings" choose "Password" and set the password to the control port password you picked above.
Click the "Test Connection to Tor" button.
If all goes well, you should see "Connected to the Tor controller".

Using a system ``tor`` in macOS
-------------------------------

First, install `Homebrew <https://brew.sh/>`_ if you don't already have it, and then install Tor::

    brew install tor

Now configure Tor to allow connections from OnionShare::

    mkdir -p /usr/local/var/run/tor
    chmod 700 /usr/local/var/run/tor
    echo 'SOCKSPort 9050' >> /usr/local/etc/tor/torrc
    echo 'ControlPort unix:"/usr/local/var/run/tor/control.socket"' >> /usr/local/etc/tor/torrc

And start the system Tor service::

    brew services start tor

Open OnionShare and click the "⚙" icon in it.
Under "How should OnionShare connect to Tor?" choose "Connect using socket file", and
set the socket file to be ``/usr/local/var/run/tor/control.socket``.
Under "Tor authentication settings" choose "No authentication, or cookie authentication".
Click the "Test Connection to Tor" button.

If all goes well, you should see "Connected to the Tor controller".

Using a system ``tor`` in Linux
-------------------------------

First, install the ``tor`` package. If you're using Debian, Ubuntu, or a similar Linux distro, It is recommended to use the Tor Project's `official repository <https://support.torproject.org/apt/tor-deb-repo/>`_.

Next, add your user to the group that runs the ``tor`` process (in the case of Debian and Ubuntu, ``debian-tor``) and configure OnionShare to connect to your system ``tor``'s control socket file.

Add your user to the ``debian-tor`` group by running this command (replace ``username`` with your actual username)::

    sudo usermod -a -G debian-tor username

Reboot your computer.
After it boots up again, open OnionShare and click the "⚙" icon in it.
Under "How should OnionShare connect to Tor?" choose "Connect using socket file".
Set the socket file to be ``/var/run/tor/control``.
Under "Tor authentication settings" choose "No authentication, or cookie authentication".
Click the "Test Connection to Tor" button.

If all goes well, you should see "Connected to the Tor controller".
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00			`Connecting to Tor`
			`=================`

Initial documentation for the censorship circumvention/autoconnect screen 2022-03-31 01:39:48 -04:00			`.. _tor:`

Clarifications in docs about Tor settings 2022-04-27 23:13:56 -04:00			`Pick a way to connect OnionShare to Tor by clicking the Settings icon in the bottom right corner of the application, and then the Tor Settings tab in the screen that appears.`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Update documentation for 2.4.1 2021-11-23 22:33:21 -05:00			`.. image:: _static/screenshots/tor-settings.png`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Update documentation for 2.4.1 2021-11-23 22:33:21 -05:00			`Use the Tor version built into OnionShare`
			`-----------------------------------------`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Tor documentation reworked 2020-09-22 03:51:18 -04:00			`This is the default, simplest and most reliable way that OnionShare connects to Tor.`
			`For this reason, it's recommended for most users.`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			When you open OnionShare, it launches an already configured ``tor`` process in the background for OnionShare to use.
			It doesn't interfere with other ``tor`` processes on your computer, so you can use the Tor Browser or the system ``tor`` on their own.
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Update documentation for 2.4.1 2021-11-23 22:33:21 -05:00			`Getting Around Censorship`
			`-------------------------`

			If your access to the internet is censored, you can configure OnionShare to connect to the Tor network using `Tor bridges <https://tb-manual.torproject.org/bridges/>`_. If OnionShare connects to Tor without one, you don't need to use a bridge.

			`To use a bridge, open the Tor Settings tab.`
			`You must select "Use the Tor version built into OnionShare" and check the "Use a bridge" checkbox.`

			Try using a built-in bridge first. Using `obfs4` or `snowflake` bridges is recommended over using `meek-azure`.

			`.. image:: _static/screenshots/tor-settings-bridges.png`

			`If using a built-in bridge doesn't work, you can request a bridge from torproject.org. You will have to solve a CAPTCHA in order to request a bridge. (This makes it more difficult for governments or ISPs to block access to Tor bridges.)`

			`.. image:: _static/screenshots/tor-settings-moat.png`

			`You also have the option of using a bridge that you learned about from a trusted source.`

Tor documentation reworked 2020-09-22 03:51:18 -04:00			`Attempt auto-configuration with Tor Browser`
Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			`-------------------------------------------`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			If you have `downloaded the Tor Browser <https://www.torproject.org>`_ and don't want two ``tor`` processes running, you can use the ``tor`` process from the Tor Browser.
Tor documentation reworked 2020-09-22 03:51:18 -04:00			`Keep in mind you need to keep Tor Browser open in the background while you're using OnionShare for this to work.`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			Using a system ``tor`` in Windows
			`---------------------------------`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
			`This is fairly advanced. You'll need to know how edit plaintext files and do stuff as an administrator.`

Tor documentation reworked 2020-09-22 03:51:18 -04:00			Download the Tor Windows Expert Bundle `from <https://www.torproject.org/download/tor/>`_.
Changed "ZIP file" and "and then" in Tor doc 2020-11-18 03:50:05 -05:00			Extract the compressed file and copy the extracted folder to ``C:\Program Files (x86)\``
Spelling: Rename the extracted folder 2020-09-22 04:05:05 -04:00			Rename the extracted folder with ``Data`` and ``Tor`` in it to ``tor-win32``.
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Tor documentation reworked 2020-09-22 03:51:18 -04:00			`Make up a control port password.`
			(Using 7 words in a sequence like ``comprised stumble rummage work avenging construct volatile`` is a good idea for a password.)
Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			Now open a command prompt (``cmd``) as an administrator, and use ``tor.exe --hash-password`` to generate a hash of your password. For example::
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
			`cd "C:\Program Files (x86)\tor-win32\Tor"`
			`tor.exe --hash-password "comprised stumble rummage work avenging construct volatile"`

Tor documentation reworked 2020-09-22 03:51:18 -04:00			The hashed password output is displayed after some warnings (which you can ignore). In the case of the above example, it is ``16:00322E903D96DE986058BB9ABDA91E010D7A863768635AC38E213FDBEF``.
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Tor documentation reworked 2020-09-22 03:51:18 -04:00			Now create a new text file at ``C:\Program Files (x86)\tor-win32\torrc`` and put your hashed password output in it, replacing the ``HashedControlPassword`` with the one you just generated::
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
			`ControlPort 9051`
Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			`HashedControlPassword (the hash you generate from the password you picked above)`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			In your administrator command prompt, install ``tor`` as a service using the appropriate ``torrc`` file you just created (as described in `<https://2019.www.torproject.org/docs/faq.html.en#NTService>`_). Like this::
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
			`tor.exe --service install -options -f "C:\Program Files (x86)\tor-win32\torrc"`

Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			You are now running a system ``tor`` process in Windows!
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			`Open OnionShare and click the "⚙" icon in it.`
			`Under "How should OnionShare connect to Tor?" choose "Connect using control port", and set`
Tor documentation reworked 2020-09-22 03:51:18 -04:00			"Control port" to ``127.0.0.1`` and
			"Port" to ``9051``.
Ending dot 2020-11-18 04:01:38 -05:00			`Under "Tor authentication settings" choose "Password" and set the password to the control port password you picked above.`
Spelling: "Test Connection to Tor" 2020-09-22 04:23:02 -04:00			`Click the "Test Connection to Tor" button.`
Tor documentation reworked 2020-09-22 03:51:18 -04:00			`If all goes well, you should see "Connected to the Tor controller".`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			Using a system ``tor`` in macOS
Tor documentation reworked 2020-09-22 03:51:18 -04:00			`-------------------------------`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Changed "ZIP file" and "and then" in Tor doc 2020-11-18 03:50:05 -05:00			First, install `Homebrew <https://brew.sh/>`_ if you don't already have it, and then install Tor::
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
			`brew install tor`

			`Now configure Tor to allow connections from OnionShare::`

			`mkdir -p /usr/local/var/run/tor`
			`chmod 700 /usr/local/var/run/tor`
			`echo 'SOCKSPort 9050' >> /usr/local/etc/tor/torrc`
			`echo 'ControlPort unix:"/usr/local/var/run/tor/control.socket"' >> /usr/local/etc/tor/torrc`

			`And start the system Tor service::`

			`brew services start tor`

Spelling: Icon in it 2020-09-22 04:26:04 -04:00			`Open OnionShare and click the "⚙" icon in it.`
macOS section unremoved, -password 2020-09-22 04:21:16 -04:00			`Under "How should OnionShare connect to Tor?" choose "Connect using socket file", and`
			set the socket file to be ``/usr/local/var/run/tor/control.socket``.
Spelling: "Tor authentication settings" 2020-09-22 04:28:53 -04:00			`Under "Tor authentication settings" choose "No authentication, or cookie authentication".`
Tor documentation reworked 2020-09-22 03:51:18 -04:00			`Click the "Test Connection to Tor" button.`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Tor documentation reworked 2020-09-22 03:51:18 -04:00			`If all goes well, you should see "Connected to the Tor controller".`
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			Using a system ``tor`` in Linux
Tor documentation reworked 2020-09-22 03:51:18 -04:00			`-------------------------------`

Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			First, install the ``tor`` package. If you're using Debian, Ubuntu, or a similar Linux distro, It is recommended to use the Tor Project's `official repository <https://support.torproject.org/apt/tor-deb-repo/>`_.
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
Updated tor docs for 2.3 2020-11-15 17:42:16 -05:00			Next, add your user to the group that runs the ``tor`` process (in the case of Debian and Ubuntu, ``debian-tor``) and configure OnionShare to connect to your system ``tor``'s control socket file.
Split tor into its own separate page, and add translation docs to develop 2020-08-26 16:51:25 -04:00
			Add your user to the ``debian-tor`` group by running this command (replace ``username`` with your actual username)::

			`sudo usermod -a -G debian-tor username`

Tor documentation reworked 2020-09-22 03:51:18 -04:00			`Reboot your computer.`
			`After it boots up again, open OnionShare and click the "⚙" icon in it.`
			`Under "How should OnionShare connect to Tor?" choose "Connect using socket file".`
			Set the socket file to be ``/var/run/tor/control``.
Spelling: "Tor authentication settings" 2020-09-22 04:30:58 -04:00			`Under "Tor authentication settings" choose "No authentication, or cookie authentication".`
Spelling: "Test Connection to Tor" 2020-09-22 04:27:20 -04:00			`Click the "Test Connection to Tor" button.`
Tor documentation reworked 2020-09-22 03:51:18 -04:00
			`If all goes well, you should see "Connected to the Tor controller".`