KBS-WS15-Lightningtalks3/dot onion

Dies ist der 15. Termin vom KunterBuntenSeminar im WS 2015. Ort: Raum D-125 am Informatikum
Datum: 26. Januar
Zeit: 18:15 Uhr bis ca. 19:45 Uhr

Abstract[Bearbeiten]

Dieser Lightning Talk wurde in der dritten Lightning Talk Session des KunterBuntenSeminars im Wintersemester 2015 gehalten.

Tor onion services[Bearbeiten]

Hiding services to preserve privacy[Bearbeiten]

Examples:

• httpd: your private web presence
• xmpp: your daily instant messaging
• other services ...

see: https://www.torproject.org/docs/hidden-services.html.en

service Configuration[Bearbeiten]

Configuring .onion-Service[Bearbeiten]

 aptitude install tor

/etc/tor/torrc:

 # nginx
 HiddenServiceDir /var/lib/tor/hidden-httpd/
 HiddenServicePort 80 127.0.0.1:80

restart tor:

 systemctl restart tor.service

see: https://www.torproject.org/docs/tor-hidden-service.html.en

httpd: nginx[Bearbeiten]

/var/lib/tor/hidden-httpd/hostname:

 <hash>.onion

/etc/nginx/sites-available/hidden-httpd:

 server {
 listen   127.0.0.1:80;
 root /var/www/hidden-httpd/;
 index index.html index.htm;
 server_name <hash>.onion;
 }

xmpp: prosody[Bearbeiten]

/etc/prosody/conf-avail:

 VirtualHost "<hash>.onion"
 modules_enabled = { "onions" };
 ssl = {
       key = "/etc/prosody/certs/<hash>.onion.key";
       certificate = "/etc/prosody/certs/<hash>.onion.crt";
 }
 modules_enabled = { "onions" };
 onions_only = true;

see: https://modules.prosody.im/mod_onions.html

Client Configuration[Bearbeiten]

Configuring aptitude[Bearbeiten]

 aptitude install torsocks apt-transport-tor

/etc/apt/sources.list:

 deb tor+http://vwakviie2ienjx6t.onion/debian/ stable main
 deb tor+http://earthqfvaeuv5bla.onion/debian/ stable main

see: https://web.archive.org/web/20160416083047/http://richardhartmann.de/blog/posts/2015/08/24-Tor-enabled_Debian_mirror/

Using torbrowser[Bearbeiten]

 aptitude install torbrowser-launcher

• icon of Torbrowser on your desktop
• accessing .onion-web-services
• every domain visited is routed through a different circuit

XMPP-client[Bearbeiten]

• SOCKS-5-Proxy: localhost:9050
• connects all traffic through the tor-network

Referent[Bearbeiten]

momo: Ich bin per jabber (post@bjoernb.org) oder mail (4bewersd@inf) zu erreichen, oder ab und an im c.t..

Weblinks[Bearbeiten]

• Tor onion services
• Configuring .onion services
• Documentation for mod_onions for prosody
• Configuring aptitude to use .onion-mirros