Configuring Onion Service

I made all the corrections indicated above, and after reloading Tor I got something interesting, which you can find in the attached file.

Really cool system. Incredible properties. I’ll recommend it to all my friends.

user@host:~$ sudo cat /var/lib/tor/hidden_service/hostname
[sudo] password for user:
cat: /var/lib/tor/hidden_service/hostname: No such file or directory

Restart. Not reload. If Tor is not running yet, you cannot reload Tor (or any systemd unit file) if not yet running.

Tor - Whonix

Expected. First, Tor needs to start without error. If an error like that is shown, Tor won’t start and won’t create these files.

At last the onion domain has been obtained. Thank you!!!

Glad this could be solved. Will be fixed in next release out of the box which will probably come soonish.

But our goal was to configure an Onion Service. The headache has not stopped.

The file
sudo nano /usr/local/etc/torrc.d/50_user.conf

was changed to the following content:

HiddenServiceDir /var/lib/tor/hidden_service/
#HiddenServicePort 80 10.152.152.11:80
HiddenServicePort 80 192.168.0.11:8070
HiddenServiceVersion 3

On the workstation, the following was installed:

apt-get install lighttpd

and the following was added to the config:

server.port = 8070
$HTTP["remoteip"] !~ "80 192.168.0.11" {
url.access-deny = ( "" )
}
server.dir-listing = "disable"

and

server.document-root = "/var/www/html"

was not changed.

Tor services were restarted and reloaded.
Light server (above):

user@host:~$ sudo service lighttpd start

Trying to enter the ONION WEB SITE from a different computer:

Outcome ----> “Hmm. We’re having trouble finding that site…”

The same manipulations on Kali Linux, with the only difference:

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8080

and

server.port  = 8080
$HTTP["remoteip"] !~ "127.0.0.1" {
url.access-deny  = ( "" )
}

AND EVERYTHING FUNCTIONS WITHOUT HEADACHE.

Where is the error?

Also, it was impossible to obtain a working onion web site with the gateway with:

File
sudo nano /usr/local/etc/torrc.d/50_user.conf

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 10.152.152.11:80
HiddenServiceVersion 3

and server

server.port  = 80
$HTTP["remoteip"] !~ "10.152.152.11" {
url.access-deny  = ( "" )
}

Other lines the same.

And …?

Please follow these instructions:

These instructions do not contain information on how to install a web server on the Workstation. They also do not contain any instructions for the lighttpd web server.

From here

I got the instructions for installing lighttpd on the Workstation, where you APPROVED IT AND PARTICIPATED IN THE DISCUSSION, and replicated them. That is why I have the question of why such an approach works in the above case and does not work in my case. Nothing special.

It’s here.

Onion Services - Whonix

Instructions are pretty much the same anyhow. Except for a different package name.

I also recommend to use default instructions first. After success, you can modify to do other things.

That’s from year 2014. 6 years ago. Things change meanwhile. We try to keep documentation up to date but updating old forum posts is not possible.

OK. I did everything in accordance with the instructions.

UWT_DEV_PASSTHROUGH=1 curl 127.0.0.1:80

Welcome to nginx! body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; }

Welcome to nginx!

If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.

Thank you for using nginx.

But when I try to enter the onion address from TOR browser on the host OS, I get the error: “Server not found”

Changed workstation firewall rules according to documentation too?

Changed this time. I forgot to do it. But the error is still the same.

The PHP page also generates error 502 - Bad gateway.

Config file:

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;

    # Add index.php to the list if you are using PHP
    index index.html index.htm index.nginx-debian.html index.php;

    server_name localhost;

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
    }
    location ~ \.php$ {
            include snippets/fastcgi-php.conf;
    #
    #       # With php-fpm (or other unix sockets):
            fastcgi_pass unix:/run/php/php7.3-fpm.sock;
    #       # With php-cgi (or other tcp sockets):
            fastcgi_pass 127.0.0.1:9000;
    }
}

The error is still the same…
Any solution?

It’s a non-default nginx config.

The only way to get the fastcgi and other specialized nginx config stuff sorted is probably Self Support First Policy for Whonix.

I suggest making onion services work with default config. fastcgi and whatnot shouldn’t be attempted before onion services are functional.

Oh, I’m a stupid guy; I forgot the Linux principle working with commercial OSes.
I forgot that “free cheese can be found only in the mouse trap”. :slight_smile:
I forgot the information from Microsoft’s web site that Linux is free, but subscription and support cost several times more than the price of commercial OSes.
I’m really stupid.
How could I forget these simple things?
How could I forget Oracle’s free and EMPTY Solaris???

The problem is not with FAST CGI. The problem is THAT THE DEFAULT INSTRUCTIONS DO NOT FUNCTION. I can survive without FAST CGI.

BUT THE EXACTLY IMPLEMENTED INSTRUCTIONS DO NOT PROVIDE POSITIVE RESULTS. For several weeks I have been unable to obtain an ONION WEBSITE.

And WITHIN one hour I did it with Kali Linux.

On the other hand, Whonix will have value FOR THE CONSUMER only if the user never has to spend tons of time to obtain minimum functionality.

If I were a developer of Whonix, I would offer the client the following approach.
I would ask him:

  1. How many onion domains do you want to create?
  2. How many of them are of types 2 and 3?
  3. Would you like to have automatic generation of domains or insert your custom domain?
  4. Please select one of the preinstalled web servers (1. nginx, 2. Apache, 3. lighttpd…)
  5. Please provide password for …DB.
  6. Please provide your password for root.
  7. Please enter, and all configuration will be created automatically within 2 minutes.

If you have any additional questions, please resolve them with our Artificial Intelligence System based on the Knowledge Base. Whonix is the only operating system in the world which provides such a level of support for the user. Because Expert Systems were developed in 1990, and it would be a very great shame to do such work MANUALLY ON A PAID BASIS.

Hi @cmithuk
The problem is not with Whonix, the problem is in your approach.

You cannot expect and demand Whonix to provide an out-of-the-box seamless experience for your particular needs. You are a user, not a customer.

" Whonix is a privacy ecosystem that utilizes compartmentalization to provide a private, leak-resistant environment for many desktop computing activities."

It cannot cover all the possible user cases out of the box, but can be adapted and patched to do pretty much anything (principle of free software).

I am pretty sure that what you want to attain is completely feasible. If it really doesn’t work, then there may be a bug or a regression that needs addressing. All bug reports are welcome. But you cannot expect to be entitled to an easy solution to a complex problem. Especially not when you are insulting everybody.

In my modest experience, configuring and running web and onion services can be complicated and very technical. Especially if you strive for near perfect anonymity. If you want something working directly out of the box with a technical support you can shout at, you are welcome to rent a VPS somewhere. Otherwise I really encourage you to read up on the matter and keep your cool.

What you suggest in your list is pretty interesting. Having an automatic system to create onion and web services integrated into Whonix, or at least a simpler way of doing it, could be a great idea. You are welcome to pursue this idea further. You can always suggest this feature or fork Whonix and work on that individually.

1 Like

2 posts were split to a new topic: Improve Onion Service Usability by Script / GUI
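
An added example, not part of the thread and not Whonix's own tooling: a small consistency check run over the three torrc/lighttpd pairs quoted above, comparing where Tor forwards the onion port with what the web server listens on and admits. It assumes the Whonix default internal addresses (gateway 10.152.152.10, workstation 10.152.152.11), that Tor reaches the web server from the gateway address, and hypothetical function and constant names.

```python
import re

# Constructed from the configs quoted in the thread (straight quotes).
DENY = ' {\nurl.access-deny = ( "" )\n}\n'
KALI = ("HiddenServicePort 80 127.0.0.1:8080\n",
        'server.port = 8080\n$HTTP["remoteip"] !~ "127.0.0.1"' + DENY)
WHONIX_1 = ("#HiddenServicePort 80 10.152.152.11:80\n"
            "HiddenServicePort 80 192.168.0.11:8070\n",
            'server.port = 8070\n$HTTP["remoteip"] !~ "80 192.168.0.11"' + DENY)
WHONIX_2 = ("HiddenServicePort 80 10.152.152.11:80\n",
            'server.port = 80\n$HTTP["remoteip"] !~ "10.152.152.11"' + DENY)
GATEWAY, WORKSTATION = "10.152.152.10", "10.152.152.11"  # assumed Whonix defaults

def parse_torrc(text):
    """Return (virtual_port, target_host, target_port) per active HiddenServicePort."""
    found = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments
        m = re.match(r"HiddenServicePort\s+(\d+)\s+([\d.]+):(\d+)$", line)
        if m:
            found.append((int(m[1]), m[2], int(m[3])))
    return found

def parse_lighttpd(text):
    """Return (listen port, remoteip patterns whose non-match is denied)."""
    port = re.search(r"^\s*server\.port\s*=\s*(\d+)", text, re.M)
    allow = re.findall(r'\$HTTP\["remoteip"\]\s*!~\s*"([^"]*)"', text)
    return (int(port[1]) if port else 80), allow      # lighttpd defaults to 80

def check(torrc, lighttpd, server_ip, tor_source_ip):
    """List mismatches between where Tor forwards and what the server accepts."""
    problems = []
    port, allow = parse_lighttpd(lighttpd)
    targets = parse_torrc(torrc)
    if not targets:
        problems.append("no active HiddenServicePort line")
    for virt, host, tport in targets:
        if host != server_ip:
            problems.append(f"onion port {virt} forwards to {host}, server is {server_ip}")
        if tport != port:
            problems.append(f"onion port {virt} forwards to :{tport}, server listens on :{port}")
    for pattern in allow:
        if not re.search(pattern, tor_source_ip):     # '!~' block applies: denied
            problems.append(f'remoteip rule "{pattern}" denies Tor at {tor_source_ip}')
    return problems

if __name__ == "__main__":
    for name, cfg, ips in [("Kali", KALI, ("127.0.0.1", "127.0.0.1")),
                           ("Whonix 1", WHONIX_1, (WORKSTATION, GATEWAY)),
                           ("Whonix 2", WHONIX_2, (WORKSTATION, GATEWAY))]:
        print(name, check(*cfg, *ips) or "consistent")
```

The check only compares the quoted settings with each other; it does not cover the workstation firewall rules mentioned in the thread or whether Tor itself started.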