Support for Whonix working with RetroShare 0.6.0

RetroShare 0.6.0 has built in Tor Hidden Service support.
https://wiki.cavebeat.org/index.php/UnixCompile#Debian.2FUbuntu.2FRaspbian

Note that RetroShare is officially at version 0.5.5, so 0.6.0 is still a dev build.

Last year, before Whonix Gateway and Whonix Workstation changed their IP addresses (to the 10.152.152.10 format), I was able to get this set up and working to reach other Tor Hidden Service peers on RetroShare 0.6. Now I no longer seem to be able to reach anyone (possibly not even get out of the Workstation network).

Based on the torrc.examples I tried:
HiddenServiceDir /var/lib/tor/hidden/
HiddenServicePort 3399 10.152.152.11:3399

I reloaded the tor service, got the hostname, and put it in RetroShare, as RetroShare instructs. I realize this might be a bug in the expected design in RetroShare’s code or design, but I am not sure how it all works. If there is any way that Whonix might recommend getting RetroShare 0.6.0 working with the Whonix Gateway hosting the RetroShare Tor hidden service, I would be happy.

I cannot seem to reach out to other Tor hidden Service Peers, nor can I be reached by my friends who are running Tor (client to hidden-server mode in RetroShare).

Which IP addresses should I try, and where should I try them at (torrc file, retroshare software, etc)? RetroShare 0.6.0 seems to lock the outgoing traffic to 127.0.0.1, so I am not sure if that will be reaching Whonix Gateway or not.

Any advice would be welcomed.

Can you try setting up a hidden web server beforehand, please?

Such a simpler, common setup might help you test if otherwise everything is okay and give some insights into how hidden services and Whonix work.

Please report back if you get it to work. It would be great to add this to the documentation. (Instant Messenger Chat)

Thanks. My problem was that I was using the 10.152.152.11 from the example, but I had a custom IP set in /etc/networking/interfaced for the workstation.

RetroShare still seems to not work perfectly with Whonix, as the incoming listening port is hardcoded to 127.0.0.1 on the workstation. Maybe that is getting forwarded to also listen with the same port on the Gateway? It doesn’t seem so though, as other peers cannot reach me. I can reach peers that have Tor Hidden Services set up, however. So that is a good first step.

Maybe I can use iptables to forward the listening 127.0.0.1 port between the hardcoded IP and the 10.152.152.10 address of the gateway that I should be using? Is that possible? And if so, what would the iptables lines look like?

Can’t you make retroshare listen on all interfaces? That would be easiest.

iptables: difficult for localhost connections. Maybe this works:

Otherwise try rinetd. See existing /etc/rinetd.conf.

Apologies for necroposting, but it seems like this wasn’t solved. I could not find newer threads about it.

Patrick, I’ve just tried both your suggestions.

Neither the ssh port forwarding nor the rinetd approach works.

RetroShare tries to bind to localhost:port at startup, but reports that the port is busy and fails to start.