1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
<!DOCTYPE html>
<html lang="" xml:lang="" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8"/>
<meta content="pandoc" name="generator"/>
<meta content="width=device-width, initial-scale=1.0, user-scalable=yes" name="viewport"/>
<title>how-to-host-a-tor-hidden-service</title>
<style>
code{white-space: pre-wrap;}
span.smallcaps{font-variant: small-caps;}
div.columns{display: flex; gap: min(4vw, 1.5em);}
div.column{flex: auto; overflow-x: auto;}
div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;}
/* The extra [class] is a hack that increases specificity enough to
override a similar rule in reveal.js */
ul.task-list[class]{list-style: none;}
ul.task-list li input[type="checkbox"] {
font-size: inherit;
width: 0.8em;
margin: 0 0.8em 0.2em -1.6em;
vertical-align: middle;
}
.display.math{display: block; text-align: center; margin: 0.5rem auto;}
</style>
<link href="../../static/main.css" rel="stylesheet"/>
</head>
<body>
<nav id="TOC" role="doc-toc">
<h2 id="toc-title">Contents</h2>
<ul>
<li><a href="#how-to-spin-up-a-temporary-hidden-file-share-with-python" id="toc-how-to-spin-up-a-temporary-hidden-file-share-with-python" target="_self">How to
spin up a temporary hidden file share with Python</a>
<ul>
<li><a href="#configure-tor" id="toc-configure-tor" target="_self">Configure
Tor</a></li>
<li><a href="#set-up-the-server" id="toc-set-up-the-server" target="_self">Set up the
server</a></li>
</ul></li>
</ul>
</nav>
<p>This might sound spooky and complicated, but it's really not. If you
want to host a small site or a small file share among friends, I
honestly think Tor is one of the easiest and safest options to set
up.</p>
<p>Getting a Tor hidden service running is so stupidly easy that it
hardly deserves it's own article. Tor's website has a great guide right
<a href="https://community.torproject.org/onion-services/setup/">here</a>.
I figured I'd put my own spin on it by showing you show to host a
temporary server to share some files with your friends. Please note the
word <em>temporary</em> in that last sentence; running this way for a
while is insecure and not a good idea. For a permanent solution, you'll
want to host a real web server as explained <a href="/tutorials/www/how-to-make-this-site.html">here</a>.</p>
<p>Like that article, I will only explain how to do this on Linux since
it's way easier and, to be honest, I've never tried to do it on Windows.
If you've never used Linux before, buy a Raspberry Pi and follow the
basic install guide. If you're strapped for cash, run it in a virtual
machine, or use <a href="https://docs.microsoft.com/en-us/windows/wsl/install">Windows
Subsystem for Linux</a>.</p>
<h2 id="how-to-spin-up-a-temporary-hidden-file-share-with-python">How to
spin up a temporary hidden file share with Python</h2>
<p>Once you have Debian/Ubuntu/whatever installed and it's updated to
your liking, you can install Tor with:</p>
<pre><code>$ sudo apt install tor</code></pre>
<p>Start (or stop) Tor with:</p>
<pre><code>$ sudo service tor start</code></pre>
<p>or</p>
<pre><code>$ sudo systemctl start tor.service</code></pre>
<p>You may need to enable the service first. I think this is done by
default now, but it doesn't hurt:</p>
<pre><code>$ sudo systemctl enable tor.service</code></pre>
<h3 id="configure-tor">Configure Tor</h3>
<p>You'll need to edit the file "/etc/tor/torrc" before your service can
be available over Tor. Use vim, nano, or whatever you like to edit the
file (as root!) and search for the following lines:</p>
<pre><code>#HiddenServiceDir /var/lib/tor/hidden_service/
#HiddenServicePort 80 127.0.0.1:80</code></pre>
<p>Remove the '#' at the beginning of each and change the port to 8000
like so:</p>
<pre><code>HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8000</code></pre>
<p>Save and restart Tor for the changes to apply:</p>
<pre><code>$ sudo service tor restart</code></pre>
<p>Once you do this, you'll get a new onion address located in the
directory noted above. Use cat to read the hostname file and copy it
down somewhere. This is your ".onion" address:</p>
<pre><code>$ cat /var/lib/tor/hidden_service/hostname</code></pre>
<h3 id="set-up-the-server">Set up the server</h3>
<p>Make some directory to hold your files.</p>
<pre><code>$ mkdir -pv ~/files</code></pre>
<p>If you're on WSL you can copy files from your C drive like so:</p>
<pre><code>$ cp -vr /mnt/c/Users/username/Desktop/cats ~/files/</code></pre>
<p>On a remote server (like a Raspberry pi) you can use scp instead
(replace 'rapsberry' with the hostname or local IP of you Pi):</p>
<pre><code>$ scp -vr cats pi@raspberry:~/files/</code></pre>
<p>Since we're only doing this temporarily, we don't care too much about
security or where the files should go, but if you want to be careful,
you can issue the following to set the directory to read only after you
copy your files in:</p>
<pre><code>$ chmod -R 644 files</code></pre>
<p>Change into the directory and run Python's built-in http server:</p>
<pre><code>$ cd files
$ python3 -m http.server</code></pre>
<p>You'll see the server is being hosted on port 8000, which is what we
chose in the config file earlier. Just leave it running, or send it to
the background with Ctrl+Z and run "bg".</p>
<p>And that's it! You are now the proud owner of a tor hidden service.
Take the hostname you copied down before and add ".onion" to the end and
give it to your friends so they can browse the files in the directory
through the Tor Browser.</p>
<p>Be sure to watch the program log though... lest they get up to no
good.</p>
</body>
</html>
|