[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [CONTRIBUTE] [DONATE]

Configuring Onion Service

At last onion domain has been obtained. Thank you !!!

Glad this could be solved. Will be fixed in next release out of the box which will probably come soonish.

But our goal was to configure Onion Service. Headache not stopped.

File
sudo nano /usr/local/etc/torrc.d/50_user.conf

there was transformed to such content:

HiddenServiceDir /var/lib/tor/hidden_service/
#HiddenServicePort 80 10.152.152.11:80
HiddenServicePort 80 192.168.0.11:8070
HiddenServiceVersion 3

Into workstation there was installed

apt-get install lighttpd

to config there was added:

server.port = 8070
$HTTP[“remoteip”] !~ “80 192.168.0.11” {
url.access-deny = ( “” )
}
server.dir-listing = “disable”

and

server.document-root = “/var/www/html”

was not changed.

Tor services was restarted and reloaded.
Light server (above):

user@host:~$ sudo service lighttpd start

Try to enter ONION WEB SITE from different computer:

Outcome ----> “Hmm. We’re having trouble finding that site…”

The same manipulations on Kali Linux only with difference:

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8080

and

server.port  = 8080
$HTTP["remoteip"] !~ "127.0.0.1" {
url.access-deny  = ( "" )
}

AND ALL FUNCTIONING WITHOUT HEADACHE.

Where is error ?

Also there was impossible obtain workable onion web site with gateway with:

File
sudo nano /usr/local/etc/torrc.d/50_user.conf

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 10.152.152.11:80
HiddenServiceVersion 3

and server

server.port  = 80
$HTTP["remoteip"] !~ "10.152.152.11" {
url.access-deny  = ( "" )
}

Other lines the same.

And …?

Please follow these instructions:

These instructions does not contain information how to install web server with Workstation. Also does not contain any instructions for lighttpd web server.

From here

I got instruction of installation lighttpd into Workstation where you APROVE IT AND PARTICIPATED IN DISCUSSION and replicated. That is why I have question why such approach works in above case and does not works in my case. Nothing special.

It’s here.

https://www.whonix.org/wiki/Onion_Services#Step_1:_Install_Server_Software

Instructions are pretty much same same anyhow. Exept for a different package name.

I also recommend to use default instructions first. After success, you can modify to do other things.

That’s from year 2014. 6 years ago. Things change meanwhile. We try to keep documentation up to date but updating old forum posts is not possible.

OK. I made all in accordance with instruction.

UWT_DEV_PASSTHROUGH=1 curl 127.0.0.1:80

Welcome to nginx! body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; }

Welcome to nginx!

If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.

Thank you for using nginx.

But when try enter onion address from TOR browser of host OS obtain error:“Server not found”

Changed workstation firewall rules according to documentation too?

Changed in this time. I forgot to make it. But error still the same.

PHP page also generate error 502 - Bad gateway.

Config file:

server {
listen 80 default_server;
listen [::]:80 default_server;

root /var/www/html;

    # Add index.php to the list if you are using PHP
    index index.html index.htm index.nginx-debian.html index.php;

    server_name localhost;

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
    }
    location ~ \.php$ {
            include snippets/fastcgi-php.conf;
    #
    #       # With php-fpm (or other unix sockets):
            fastcgi_pass unix:/run/php/php7.3-fpm.sock;
    #       # With php-cgi (or other tcp sockets):

fastcgi_pass 127.0.0.1:9000;

    }

}

Error still the same…
Any solution ?

It’s a non-default nginx config.

The only way to get the fastcgi and other specialized nginx config stuff sorted is probably https://www.whonix.org/wiki/Free_Support_Principle.

I suggest making onion services work with default config. fastcgi and whatnot shouldn’t be attempted before onion services are functional.

Oh, I’m stupid guy, I forgot Linux principle working with commercial OSes.
I forgot that “free cheese could be found only in the mouse trap”. :slight_smile:
I forgot information from Microsoft’s web site that Linux is free, but subscription and support cost several times more than commercial OSes price.
I’m really stupid.
How could I forget these simple things ?
How could I forget Oracle’s free and EMPTY Solaris ???

Problem is not with FAST CGI. Problem is THAT DEFALT INSTRUCTION DOES NOT FUNCTIONING. I can survive without FAST CGI.

BUT EXACTLY IMPLEMENTED INSTRUCTION DOES NOT PROVIDE POSITIVE RESULTS. I during several weeks cannot obtain ONION WEBSITE.

And DURING one hour I made it with Kali Linux.

On the other hand Whonix FOR CONSUMER will be have only value if user never will spend tons of time for obtain minimum functionality.

If I was developer of Whonix I will offered the client the next approach.
I will ask him:

  1. How many onion domain you want create ?
  2. How many of them 2 and 3 types ?
    3 Would you mind to have automatic generation of domains or insert your custom domain ?
  3. Please select one of the preinstalled web servers (1… nginx, 2. Apache, 3. lightttp…)
  4. Please provide password for …DB.
  5. Please provide your password for root.
  6. Please enter and all configuration will be created automatically during 2 minutes.
    If you will have any additional questions please resolver it with our Artificial Intelligence System based on Knowledge Base. Whonix is only Operation system in the World which make for user such level of support. Because Expert Systems was developed in 1990 year and will be very great shame to do such work MANUALLY ON PAID BASIS.

Hi @cmithuk
The problem is not with Whonix, the problem is in your approach.

You cannot expect and demand Whonix to provide an out-of-the-box seamless experience for your particular needs. You are a user, not a customer.

" Whonix is a privacy ecosystem that utilizes compartmentalization to provide a private, leak-resistant environment for many desktop computing activities."

It cannot cover all the possible user cases out of the box, but can be adapted and patched to do pretty much anything (principle of free software).

I am pretty sure that what you want to attain is completely feasible. If it really doesn’t work, then there may be a bug or a regression that needs addressing. All bug reports are welcome. But you cannot expect to be entitled to an easy solution to a complex problem. Especially not when you are insulting everybody.

In my modest experience, configuring and running web and onion services can be complicated and very technical. Especially if you strive for near perfect anonymity. If you want something working directly out of the box with a technical support you can shout at, you are welcome to rent a VPS somewhere. Otherwise I really encourage you to read up on the matter and keep your cool.

What you suggest in your list is pretty interesting. Having an automatic system to create onion and web services integrated into Whonix, or at least a simpler way of doing it, could be a great idea. You are welcome to pursue this idea further. You can always suggest this feature or fork Whonix and work on that individually.

1 Like

2 posts were split to a new topic: Improve Onion Service Usability by Script / GUI

Goal of any project never is develop of onion service. Onion service is only instrument for achieve goal. And if developer spend 80-90% of project time for make workable instrument such OS is BS…

It is not something complex which need extend project developer quantity or budget.
It task which average schoolboy who not take drugs can study and make maximum during day. Average engineer without computer background during several hours and with good manual during the one hour.

Whonix is OS, which make simple things as complex science !!!

All what can be described by simple words determinated such as part of theses.
Like developers of Whonix expect Nobel prise for it.

Only one example. Instead set up OS clock we read term:“Clock RANDOMISATION” !!!

Who will seek key words “CLOCK RANDOMISATION” if he or she want change value of system clock ??? !!!

“Why simple if we can make complex” - main motto of Whonix manual.

Why user can make all himself if he can order all of it on paid bases.

Why OS can be applicable by any guy from the street if it better will demand group of people with scientific degree to be able to make such complex procedure as CLOCK RANDOMISATION !!!

Why ONION SERVICES, which able to do for dark net any women or most of them who sell it’s body for cash, can be created by several clicks of mouse if this can be ART AND SCIENCE in one place, where user must graduate university of computer science, several courses, to order personal tuition, to order personal consulting etc.

Its like modern insured medical service which make complex surgery with $90 000 cost for insurance company instead to make simple treatment for $100 price with the same effectiveness.

Kali Linux have preinstalled three web servers. User only must to have knowledge to make choice and write in terminal command for start selected.

Onion services together with PHP, and other necessary ‘engines’ can be set up during one hour maximum. All works without headaches if clock set correct… And for this can be made SIMPLE CLOCK SET UP, not hard and complex CLOCK RANDOMISATION… for example.

80% developer must spent for something more valuable, not elementary job. Elementary with words equelibristic converted into HIGH MATH or APPLIED SCIENCE;.

I don’t understand what you mean at all. If it is so easy, what don’t you do it yourself? Or use whatever other Linux distributions that fits your needs… Instead of raging against Whonix.
Nobody forces you to use Whonix… not that you paid anything for it either…
You didn’t read a single line of what have been written here, you act like a spoiled child.
Good luck with your ONION SERVICES :wink:

2 Likes

Silenced user and locking this for 2 days for things too cool down hopefully.

This topic was automatically opened after 45 hours.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]