[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

Tor Server Hidden service over whonix

Hi, i am trying for over 2 weeks to make a Tor server over whonix with ubuntu, but it always give error when i try to create a hidden service in TORRC in the Tor folder on Ubuntu inside Whonix, i tried a lot of different IPs and ports, but none of them worked, but in Ubuntu (Without Whonix) it works normally, how to make it work on Whonix? What IP and port should i use?
I want to do it because we suffer a vedy censorship in my country and i will make a forum to talk about politics.
I am trying to use the following script on torrc to make a hiden service with a lot of different IPs.

HiddenServiceDir / var / lib / tor / hidden_service / HiddenServicePort 80 127.0.0.1: 80. HiddenServicePort 443 127.0.0.1: 443

I can use internet normally (With Tor IPs) so it’s not problem with /network/interfaces neither /resolv.conf

I REALLY need it to work and be safe, our politicians are very corrupt and dangerous.

Good day,

is with “but it always give error when i try to create a hidden service in TORRC in the Tor folder on Ubuntu inside Whonix” meant, that you are using Whonix but somehow have the torrc file on Ubuntu? Because that is not possible. You see, Whonix is designed in a way, which only allows the Gateway to connect with the TOR-Network, which consequently also means that the torrc needs to be modified inside the Whonix-Gateway. Please only do this, if you know what you’re doing. Here is a guide on how to host a hidden web-server with Whonix: https://www.whonix.org/wiki/Hidden_Services#Tor_Hidden_Services_-_EASY Furthermore, let me recommend to you that you do NOT use Ubuntu as the Workstation in such a scenario (since I guess that’s what you’re currently doing) but rather the “classic Whonix-Workstation”. Now, because you said that you “REALLY need it to work and be safe” because your “politicians are very corrupt and dangerous.” I would definitely recommend that you use Qubes as a base, instead of the “normal” VirtualBox-solution, since it adds more than one layer of protection and is not much harder. Please refer to this for more information: https://www.whonix.org/wiki/Qubes

Have a nice day,

Ego

Thank you Ego, but i am a begginer in Gnu/linux and i just have a machine with Dual-core 2.0 and 2GB of ram (All running from my Windows 7, Windows 7- Whonix gateway and Ubuntu workstation) , so i do not have a top machine to put several layers of security (and i do not have a lot of ram memory), i am playing with my country incompetence, the poluce here can’t break a .rar with 12 digits.
Tge torrc i said is from the tor i downloaded ans installed in my Ubuntu workstation, it works normally when i use it as a browser, but when i try to make it run a hidden service, it says it had a problem. I read some days ago that i sould use 10.152.152.11 instead of 127.0.0.1 there, but nothing worked, i tried a lot of variations.

Good day,

first of all, Qubes is actually, at least for me, more efficient than VirtualBox, since its virtualisation standard “builds” more directly on the hardware you have. Secondly, like I’ve said before, the changes to the torrc need to be made inside the Gateway. The workstation actually can’t connect to anything by itself. That is the very concept of Whonix since, to put it very simply, malware only can get on your workstation, however only the gateway knows your IP, thus your location. Furthermore again, please use the preconfigured whonix-workstation and not ubuntu. Ubuntu actually is rather bloated with software which may or may not be what you want on there, when really trying to stay anonymous. Also, even if you still decide against Qubes, Windows really isn’t the best host regardless, especially if you use your windows installation for anything else. So, if Qubes really is something you don’t want to get into, consider a normal, encrypted Debian or Fedora as a host. Now, since you seem to still be rather confused when it comes to how Whonix really works, I recommend you may read the following wiki entry’s:

https://www.whonix.org/wiki/About https://www.whonix.org/wiki/Warning https://www.whonix.org/wiki/DoNot https://www.whonix.org/wiki/Fingerprint https://www.whonix.org/wiki/Download#First_time_user.3F https://www.whonix.org/wiki/Download#Verify_the_Whonix_images https://www.whonix.org/wiki/Post_Install_Advice https://www.whonix.org/wiki/Advanced_Security_Guide https://www.whonix.org/wiki/Logging_in_to_captive_portals https://www.whonix.org/wiki/Tor_Browser https://www.whonix.org/wiki/Chat https://www.whonix.org/wiki/Hosting_Location_Hidden_Services https://www.whonix.org/wiki/Metadata https://www.whonix.org/wiki/Software#Encrypt.2C_decrypt.2C_sign.2C_and_verify_text_using_OpenPGP.3B_GnuPG_frontend https://www.whonix.org/wiki/Features#VPN_.2F_Tunnel_support

Please read all of these from start to finish. Otherwise making a mistake is very easy. And please always keep in mind, even if you do all of the things mentioned on the wiki as they are stated, this still can’t grantee absolute security. There are a million factors which may lead to deanonymisation. From using the wrong browser, to sharing a file which still contains some meta data. Even the best of the best occasionally make a mistake and then they get a nice knock on the door. If all of that wasn’t enough, TOR, Whonix, your encryption, your hostsytem, your hardware, all of these things can have a fault you’re unaware of until it’s to late.

Now, as far as I can tell, you don’t believe in the technical capabilities of your goverment. However, being to cautious has never harmed anyone, the opposite however has. And, just as an other important factor to consider, sometimes agencys which seem like they do nothing actually do a lot.

Please keep all of this in mind and have a nice day,

Ego

Thank you again, Ego.

I will give a chance to do it in the default Whonix Gateway. But how could i make tor hidden service work at Whonix? I mean, i will install tor browser on Workstation and edit torrc to create a hidden service, but just i need to put the right IP in it or change anything on the Gateway? (I Think it’s just a correct IP i need)

Also, have a nice day you too.

Good day,

I’ve already linked a guide on how to host a hidden service in my two previous posts. This is the guide on how to do it: https://www.whonix.org/wiki/Hosting_Location_Hidden_Services

TOR runs on the Gateway. So the torrc file is also on the gateway. That’s the reason, why you need to modify it on the gateway, with the settings which are in the guide. The web-server and your browser are not in the gateway. They are in the Workstation to make it harder to leak your IP-adress.

Please read all the things which I’ve linked first, because such questions are actually answered in there as well. Understanding these things is the absolute minimum for staying safe, when hosting a hidden service.

Have a nice day,

Ego

Thank you again, Ego.

TOR runs on the Gateway. So the torrc file is also on the gateway. That’s the reason, why you need to modify it on the gateway, with the settings which are in the guide. The web-server and your browser are not in the gateway. They are in the Workstation to make it harder to leak your IP-adress.
Let me see if i got it, are you telling that if i want to configure torrc and run a tor hidden service, i need to change my torrc in the gateway instead of in the workstation? Ok, but, do i have to change anything in the workstation torrc? I downloaded tor in the workstation too.
I am beeggining to read those articles now.

Good day,

are you telling that if i want to configure torrc and run a tor hidden service, i need to change my torrc in the gateway instead of in the workstation? Ok, but, do i have to change anything in the workstation torrc?

You only need to modify torrc in the gateway since it doesn’t even exist on the workstation, because it isn’t necessary, since the workstation can’t connect by itself.

Have a nice day,

Ego

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]