Qubes 4.0rc4
i have a StandaloneVM that is a clone of whonix-gw
Tor version 0.3.2.9
Linux host 4.14.13-3.pvops.qubes.x86_64
I follow the instructions here:
but running
sudo cat /var/lib/tor/hidden_service/hostname
returns “No such file or directory”
I’ve set up hidden services on Whonix before and i believe this was very straight forward. This is my first time attempting it in Qubes. Any suggestions appreciated.
I am trying to do this in a StandaloneVM that is a clone of whonix-gw and connected to sys-firewall. The output of these commands in the StandaloneVM appear to be the same as sys-whonix:
Feb 09 16:11:47 host Tor[910]: You configured a non-loopback address ‘10.137.0.8:9182’ for SocksPort. This allows everybody… wanted.
Feb 09 16:11:47 host Tor[910]: You configured a non-loopback address ‘10.137.0.8:9183’ for SocksPort. This allows everybody… wanted.
Feb 09 16:11:47 host Tor[910]: You configured a non-loopback address ‘10.137.0.8:9184’ for SocksPort. This allows everybody… wanted.
Feb 09 16:11:47 host Tor[910]: You configured a non-loopback address ‘10.137.0.8:9185’ for SocksPort. This allows everybody… wanted.
Feb 09 16:11:47 host Tor[910]: You configured a non-loopback address ‘10.137.0.8:9186’ for SocksPort. This allows everybody… wanted.
Feb 09 16:11:47 host Tor[910]: You configured a non-loopback address ‘10.137.0.8:9187’ for SocksPort. This allows everybody… wanted.
Feb 09 16:11:47 host Tor[910]: You configured a non-loopback address ‘10.137.0.8:9188’ for SocksPort. This allows everybody… wanted.
Feb 09 16:11:47 host Tor[910]: You configured a non-loopback address ‘10.137.0.8:9189’ for SocksPort. This allows everybody… wanted.
Feb 09 16:11:47 host Tor[910]: You configured a non-loopback address ‘10.137.0.8:5300’ for DNSPort. This allows everybody o… wanted.
Feb 09 16:11:47 host Tor[910]: You configured a non-loopback address ‘10.137.0.8:9040’ for TransPort. This allows everybody… wanted.
Hint: Some lines were ellipsized, use -l to show in full.
user@host:~$ sudo -u debian-tor tor --verify-config
Feb 09 16:12:15.456 [notice] Tor 0.3.2.9 (git-64a719dd25a21acb) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t, Zlib 1.2.8, Liblzma 5.1.0alpha, and Libzstd N/A.
Feb 09 16:12:15.456 [notice] Tor can’t help you if you use it wrong! Learn how to be safe at Tor Project | Download
Feb 09 16:12:15.456 [notice] Read configuration file “/etc/tor/torrc”.
Configuration was valid
Feb 09 16:14:51 host Tor[960]: You configured a non-loopback addr…
Feb 09 16:14:51 host Tor[960]: You configured a non-loopback addr…
Feb 09 16:14:51 host Tor[960]: You configured a non-loopback addr…
Feb 09 16:14:51 host Tor[960]: You configured a non-loopback addr…
Feb 09 16:14:51 host Tor[960]: You configured a non-loopback addr…
Feb 09 16:14:51 host Tor[960]: You configured a non-loopback addr…
Feb 09 16:14:51 host Tor[960]: You configured a non-loopback addr…
Feb 09 16:14:51 host Tor[960]: New control connection opened from…
Feb 09 16:14:52 host Tor[960]: New control connection opened from…
Feb 09 16:14:52 host Tor[960]: New control connection opened from…
Hint: Some lines were ellipsized, use -l to show in full.
user@host:~$ sudo -u debian-tor tor --verify-config
Feb 09 16:17:30.175 [notice] Tor 0.3.2.9 (git-64a719dd25a21acb) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t, Zlib 1.2.8, Liblzma 5.1.0alpha, and Libzstd N/A.
Feb 09 16:17:30.175 [notice] Tor can’t help you if you use it wrong! Learn how to be safe at Tor Project | Download
Feb 09 16:17:30.175 [notice] Read configuration file “/etc/tor/torrc”.
Configuration was valid
I configured a StandalonVM (whonix-gw) for v3 hidden service but was unable to reproduce your results. Could you have miss-typed /var/lib/tor/hidden_service/ in your torrc? Could you please post your torrc but make sure to redact any sensitive info.
Thanks so much for trying that for me. You are correct. I had “/var/log/tor” instead of “/var/lib/tor” so it kept reading correctly in my head. I changed it and now I"m getting a v3 address in /var/lib/tor/hidden_service/hostname
Solved!
Now I’ve just got to figure out the fire wall. For qubes the wiki says to do:
But it isn’t clear to me if that is in the ws or the gw. I’m somewhat familiar with iptables, but if someone can explain why that command is necessary that would be helpful.