On 02/13/2015 08:15 AM, Thomas White wrote: > So earlier I noticed a journalist on Twitter asking for good guides on > setting up hidden services. After a quick search, nothing decent > really came up aimed at people new to the command line or who haven't > really configured hidden services before. So anyway, here is my > contribution to that field: > > https://www.thecthulhu.com/setting-up-a-hidden-service-with-nginx/ > > It isn't intended to be a hardening guide or an ultra secure way of > hosting, but it is for people who want to casually publish some static > HTML files or with a little extra configuration to host some applications. > > Any feedback on this would be appreciated, as well as any other > suggestions on what I could write about to help people out. Making > hidden services more approachable and less "dark net" style should > make privacy preserving technologies like hidden services more > accepted and commonplace. And who wouldn't love that? > > T > > >
gosh… the VPS configuration part is soooo long and, most probably, useless (and there are some errors, see bellow). I don't think "normal" people will read this post all the way just to set up a hidden service — most probably there are some shorter way, maybe split it into, at least, three parts (VPS configuration // Tor hidden service // nginx) Among the errors (confession: I read it fast, mainly jumping to commands): > sudo adduser user sudo should be > adduser user sudo > PermitRootLogin no might be, on more recent servers (Jessie for example) > PermitRootLogin without-password > echo ‘deb http://deb.torproject.org/torproject.org wheezy main’ >> /etc/apt/sources.list && echo ‘deb-src http://deb.torproject.org/torproject.org wheezy main’ >> /etc/apt/sources.list && gpg –keyserver keys.gnupg.net –recv 886DDD89 && gpg –export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add – && apt-get should be split in more lines, using sudo as we just logged in as "user" (or so I think people will do in order to test the "user" access): > echo ‘deb http://deb.torproject.org/torproject.org wheezy main’ | sudo tee /etc/apt/sources.list.d/tor.list > echo ‘deb-src http://deb.torproject.org/torproject.org wheezy main’ | sudo tee -a /etc/apt/sources.list.d/tor.list > gpg --keyserver keys.gnupg.net --recv 886DDD89 > gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 --armor | sudo apt-key add - > apt-get update The next part is a bit unclear: previous block, you spoke about "ssh -p 22555 user@…", but now we're still root? well… err… More over, doing "su user" just for the pleasure to run "sudo apt-get install tor" is just useless, and might lead to great confusions for the end-user… maybe rewrite this part, and make sure your readers know what user we are on the system (introduce "whoami" maybe?) Also, I'm not really sure a "sudo rm -f /etc/tor/torrc" is the right thing to do — default configuration shipped with the package ensure we get at least a tor client. Would be better to *append* the hidden service to it. You might as well just introduce "sudo nginx -t", nginx' version for apache2ctl configtest, ensuring nginx is properly configured. Don't take it hard, providing a doc is a good idea — this is just meant to improve it and ensure people won't come back in comments complaining about thing and stuff ;). Cheers, C- -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
