Home
---------------------------------------- gopher.black on tor, part 1 April 27th, 2018 ---------------------------------------- I'm working on adding a tor hidden service to gopher.black so you can enjoy all my steamy content anonymously, you sneaky vixen. Honestly, the idea seemed a bit daunting but it's turned out to be pretty straight forward. While I'm not at 100% yet, I thought I learned enough to share while it's fresh in my mind. Here's the main steps going from a normal gopher server to a torified one: - Install tor - Configure tor to point to your server - Start tor - Find your hostname Step 1: Install tor Check out the install instructions on the tor website. In most cases it's as simple as: sudo apt install tor Step 2: Configure tor to point to your server Everything you need to configure in tor is located at /etc/tor/torrc. Open that bad-boy up and jump down a bit until you find the section on Hidden Services. Mine is around line 72. Uncomment them and make it look like so: HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 71 127.0.0.1:70 The first line is where your hidden service will store all its secret shenanigans, like the private key it's going to auto-generate for you. We'll look there in a minute to find the hostname. The second line describes Tor's mapping of fake port to real port. Since we have our gopher hole running on port 70 that's what we reference on the right. For now, we're going to tell Tor to pretend port 71 is what we want to use publicly. Step 3: Start tor sudo service tor start # or whatever your machine uses Step 4: Find your hostname If you have your hidden service directory like mine above, then you just need to cat out the hostname hidden in that folder. It'll be set up to use root permissions, so sudo like so: sudo cat /var/lib/tor/hidden_service/hostname It'll spit out your ugly hostname. Mine is: fhsujakrrdvwq2gk.onion I'll be changing it soon (see below). Okay, now you're all set and ready to fire it up. To test you'll need a gopher client running on tor. I installed Overbite on my Tor Browser on my PC for easy testing, but you can also use torify on lynx and a bunch of other things. Once you found a way to run a tor browser that can see gopher, navigate to your gopher hole using the onion address and port 71. For instance: gopher://fhsujakrrdvwq2gk.onion:71 It should work and you'll be moderately pleased. But now we have problems. 99 of them (not quite). 1) Your onion address sux 2) All the links in your gopher hole on tor probably kick you back to your unencrypted, plaintext gopher hole 3) Port 71? What is this, NETRJS? How can we deal with all these horrors? Let's take a look. Problem 1: Onion addresses It's possible to generate sexy onion addresses. You might be familiar with protonmail's relatively readable one: protonirockerxow.onion That's almost words! So how can you get that level of not-quite-suck? Why, brute force, of course! Check out Eschalot [0]. HTML [0] Eschalot You can use this and wait... and wait... and wait... and eventually you'll have a cool onion address. There's some issues with it, as you can read on the README, but it's probably good enough for gopher work. Problem 2: Links I don't know what gopher server you're running. I'm on motsognir, which I love and cherish with a little too much gusto. Chances are that your server is smart enough that if you have no gophermaps or if you leave off the server & port info in your gophermaps they are autogenerated based on your host name. That's awesome. Motsognir does that too. Why aren't you using it again? Regardless, that will break your shit on tor cause we have a totally different host name we want to use there. What's the solution? Well, unless someone has a better idea, I think the best thing to do is install a second gopher server, use a different configuration with your tor address as the host name, and change the port to something other than 70 (more on this next). If you are on geomyidae, it's already set up so you can run multiple instances of the server at the same time and override the host name and port via command line switches. I haven't figured out how to do that with motsognir yet. I'll probably just install gophernicus next to motsognir and serve tor over that instead. They're fairly compatible in gophermap structures. Problem 3: Port 71!@#$!@#$!$ If you install a second server and run it on another port, oh let's say... 1138, then you can update your torrc file and point tor at that new port. In fact, you can point tor at the new point and let tor pretend it is serving it from 70. Like so: HiddenServicePort 70 127.0.0.1:1138 Sexy. Restart tor and you should be good to go! I'm still working through these 3 problems with my own solution, but once it's all done I'll be sure to share part 2 of my journey and give you all the new tor address.