Hidden service for whonix.org taken offline

Patrick · November 9, 2014, 11:31pm

[html]

Fortasse (whonix.org webmaster) and I agreed to take down the hidden service for whonix.orgÂ http://xxxxxxxxxxh5kyrx.onion.

(If you’re wondering, why we provided a hidden service, but didn’t use it for location privacy, see:

https://www.whonix.org/wiki/Forcing_.onion_on_Whonix.org)

The reason for this unfortunate change is, that the Tor service on whonix.org took an immense amount of CPU time. So much, that whole whonix.org was no longer accessible without server reboot.

The bug we’re affected from has probably already been reported:

https://trac.torproject.org/projects/tor/ticket/8864

Unfortunately, it is unlikely, that this bug gets fixed anytime soon:

https://lists.torproject.org/pipermail/tor-talk/2013-December/031531.html

See also:

https://blog.torproject.org/blog/hidden-services-need-some-love

[/html]

townsend · November 10, 2014, 1:32am

Thank you for the Information Adrelanos.

Best Regards!

townsend

system · January 15, 2015, 5:25am

[html]

[…] until recently, (and not again until a certain issues with hidden service scability are fixed), also offered their site to be accessed via a .onion […]

[/html]

BM-2cU · March 12, 2015, 6:27pm

Any idea how to reproduce this INTRODUCE2 error? What are the conditions to make it come up?
Installed a hidden service over 3 hours ago, told some buddies to visit it and everything still runs smoothly.
On the other side I ask myself what causes a service running for so long suddenly to fail? And what are the dark shop owners doing - sit next to their server and restart it again and again? I don’t think so…

BM-2cU · March 31, 2015, 11:30am

It’s very easy to use crontab and to send a sighup every x minutes to keep the hiddenservice alive without waiting for the problem to occur.

Is there some concern I don’t know or why don’t you use this?

Patrick · April 1, 2015, 10:28am

I don’t remember why we didn’t do this back then. Perhaps because of the bug reports the connection interrupted error during restart would generate. Or perhaps because a simple restart of the service didn’t do the trick. I could be mistaken, but I think we needed to reboot the whole server to make it run smoothly again.

BM-2cU · April 2, 2015, 5:54pm

Until now I can only confirm that every sighup piles up a lot of messages like this in the gateway protocols:

Changing identity doesn’t do the job.
Error or bug warnings I couldn’t detect.
Server sessions remain undisturbed.

Patrick · April 2, 2015, 6:03pm

[quote=“BM-2cU, post:7, topic:659”]Until now I can only confirm that every sighup piles up a lot of messages like this in the gateway protocols:

[notice] You configured a non-loopback address '10.152.152.10:9xxx' for SocksPort. This allows everybody on your local network to use your machine as a proxy. Make sure this is what you wanted.

Changing identity doesn’t do the job.
Error or bug warnings I couldn’t detect.
Server sessions remain undisturbed.[/quote]
Totally unrelated here. (Because whonix.org doesn’t run Whonix.)

nurmagoz · January 24, 2016, 8:55pm

Update

this bug:- Hidden service: Suddenly the service does not respond to new connections (INTRODUCE2 cell on intro circ with no corresponding rend_intro_point_t) (#8864) · Issues · Legacy / Trac · GitLab

has been fixed.

Patrick · February 10, 2016, 7:57pm

Quote:

We attempted to fix the bug in 0.2.7, but it seems like it reappeared as #16702.

But it looks like finally that bug was fixed in Tor 0.2.7.6.

Quote:

The wrong list was used when looking up expired intro points in a
rend service object, causing what we think could be reachability issues
for hidden services, and triggering a BUG log. Fixes bug 16702; bugfix
on 0.2.7.2-alpha.

tor from deb.torproject.org should contain the bug fixed version.

Whether that would remedy the original issue why @fortasse and me had agreed to take the hidden service for whonix.org offline down is another question.