|
Title: Tor fallback nodes Post by: rahl on November 01, 2011, 02:13:19 PM I can't get any of the Tor fallback nodes listed at https://en.bitcoin.it/wiki/Fallback_Nodes to work.
From my tor network it doesn't even seem to be attempting connections to the .onion addresses. I set it up exactly as described there with the torrc and bitcoin configuration files. So is this supposed to work? Title: Re: Tor fallback nodes Post by: theymos on November 01, 2011, 04:17:40 PM Those were added a long time ago, so they might all be down now.
Title: Re: Tor fallback nodes Post by: rahl on November 01, 2011, 04:19:18 PM Is there some more updated list of nodes on tor?
Title: Re: Tor fallback nodes Post by: Red Emerald on November 01, 2011, 06:33:49 PM I'll setup a hidden service on my main miner and get the ports open for you later today. I think bitcoin over tor is probably privacy overkill, but it can't hurt.
Hm... Just tried to "apt-get install tor" on my miner and it was unhappy with libevent versions. This may take a little longer than I thought. Title: Re: Tor fallback nodes Post by: rahl on November 01, 2011, 07:07:47 PM I'll setup a hidden service on my main miner and get the ports open for you later today. I think bitcoin over tor is probably privacy overkill, but it can't hurt. Hm... Just tried to "apt-get install tor" on my miner and it was unhappy with libevent versions. This may take a little longer than I thought. I don't think it is overkill. The IRC peer relay without tor seems rather terrible for privacy and any well used node could be harvesting client IPs for some malevolent purpose. Granted they probably can't do that much with just my IP, but I am not really qualified to evaluate the security of my home computer. All I know is consumer routers or AVG was probably not designed to protect money... It used to find peers by itself with the tor proxy on before but lately I have been having 0 connections and pretty much need to shut of the proxy to update the chain... It may or may not be possible to connect to my client on e3tn727fywnioxrc.onion:8333 I have no idea if that is going to work though. I am pretty sure the hidden service is setup correctly but I don't know if the bitcoin client might need some configuring to communicate properly with the hidden service? Title: Re: Tor fallback nodes Post by: Red Emerald on December 25, 2011, 02:05:33 AM I realize this is way late, but I finally got some tor hidden services up for bitcoin and namecoin
p2hwc26zdsrqxiix.onion EDIT: Hmm. It seems that bitcoin is limiting itself to 8 connections. My server running the hidden service is in my network's DMZ and I have "maxconnections=125" in my config. Does having a proxy set force it to 8? I'm still downloading the block chain. Should I disable the proxy? That would reveal that I'm running a node which I thought kind of removed the point of being a tor hidden service though. Code: $ bitcoind getinfo EDIT AGAIN: I turned the proxy off and still am only getting 8 connections :( Title: Re: Tor fallback nodes Post by: Gabi on December 25, 2011, 11:20:53 AM When you get only 8 connections it mean you are only connecting to the 8 nodes of the IRC list thing, the default ones. Only 8 connections it means your client is unable to find and comunicate with other nodes
Title: Re: Tor fallback nodes Post by: mila on December 25, 2011, 08:09:00 PM I suppose to start using bitcoin client over tor I need to set it up with -addnode values of tor nodes?
Title: Re: Tor fallback nodes Post by: Red Emerald on December 25, 2011, 08:43:45 PM I suppose to start using bitcoin client over tor I need to set it up with -addnode values of tor nodes? I'm pretty sure thats how to do it.I am getting more than 8 connections with namecoin, but bitcoin is still limited to 8. I just checked my router and it looks like it still had UPnP for my bitcoin port to another system. I've cleared that out and hopefully it gets more than 8 now. Title: Re: Tor fallback nodes Post by: Red Emerald on December 26, 2011, 06:44:40 AM mila I realized that if you want to only use the nodes behind tor hidden services, you should use "connect" instead of "addnode"
Clearing out the UPnP forwards got my connection count up. Code:
Now my only question is if I should set the proxy back to using tor. I'm guessing not since then the client automatically sets "nolisten" when it detects a proxy on 9050 and I still want to listen on localhost for the hidden service. Has anyone else done this? Theres only a few other of hidden services listed and they are listed anonymously so I don't know who to ask. p2hwc26zdsrqxiix.onion just in case you missed it although I can't get my client to connect to it :( If a government ever bans/blocks bitcoin use, allowing people access to the network via a tor hidden services (or i2p or something similar) is going to be important. However, the current client doesn't appear to work with hidden services very well. Some of the issues are brought up here https://github.com/bitcoin/bitcoin/issues/441. However, that is for being a node that doesn't contribute for the network. I am trying to run a tor hidden service and it really doesn't seem possible to run one optimally. How can I set my node to not advertise my IP on IRC without setting "nolisten"? I have to listen on localhost without giving my IP in order to run the hidden service properly. On a side note, I'm really surprised that the client can't use a port besides 8333. EDIT: So I think that tor hidden services and bitcoin are not currently compatible. Putting the onion hostnames from the wiki into connect did not work for me at all. I know my own hidden service is up as I am also running a simple web server that is accessible from the same hostname. When I put the IP of the system running my hidden service on the connect line, it works. Obviously this defeats the purpose of the hidden service though. Does bitcoin ignore connection attempts from localhost or something? Anyone have any ideas as to why hidden services aren't working? Title: Re: Tor fallback nodes Post by: theymos on December 26, 2011, 07:28:58 AM It's impossible to run a hidden service that accepts connections with recent versions. You'd need to change the code.
Title: Re: Tor fallback nodes Post by: Red Emerald on December 26, 2011, 07:37:26 AM It's impossible to run a hidden service that accepts connections with recent versions. You'd need to change the code. That's too bad. A hidden service that doesn't accept connections isn't much of a service.How do you know this? What changed in recent versions? What code needs to change? Why isn't this mentioned on the wiki right under where the hidden services are listed? Title: Re: Tor fallback nodes Post by: theymos on December 26, 2011, 07:53:03 AM It changed within the last month or two, I think.
You'd need to make these changes to fix it: net.cpp Code: if (/*fUseProxy ||*/ mapArgs.count("-connect") || fNoListen)init.cpp Code: fNoListen = GetBoolArg("-nolisten") //|| fTOR;Title: Re: Tor fallback nodes Post by: Red Emerald on December 26, 2011, 08:07:23 AM It changed within the last month or two, I think. You'd need to make these changes to fix it: net.cpp Code: if (/*fUseProxy ||*/ mapArgs.count("-connect") || fNoListen)init.cpp Code: fNoListen = GetBoolArg("-nolisten") //|| fTOR;<3 EDIT: Actually, I'm not sure that's enough to fix it. Right now my server does not have "proxy", "connect", or "nolisten" in it's config. When connecting to the IP directly from another node, the connection works. When I try to use the hidden service from my remote node (which should appear to the server as a connection from localhost), my node fails to connect. Your code changes don't seem to do anything for that failure. Title: Re: Tor fallback nodes Post by: theymos on December 26, 2011, 08:21:26 AM Code: fNoListen = GetBoolArg("-nolisten") //|| fTOR;Whoops, you need a semicolon before that comment. Title: Re: Tor fallback nodes Post by: Red Emerald on December 26, 2011, 08:49:14 AM Code: fNoListen = GetBoolArg("-nolisten") //|| fTOR;Whoops, you need a semicolon before that comment. Title: Re: Tor fallback nodes Post by: mila on December 26, 2011, 11:33:44 PM mila I realized that if you want to only use the nodes behind tor hidden services, you should use "connect" instead of "addnode" thanks, that's what I aim to do. setup one of my clients to work only through tor network. limiting connections to those with .onion addresses only and see how it works. Title: Re: Tor fallback nodes Post by: theymos on December 26, 2011, 11:40:59 PM EDIT: Actually, I'm not sure that's enough to fix it. Right now my server does not have "proxy", "connect", or "nolisten" in it's config. When Bitcoin uses Tor, nolisten is automatically applied, and you can't override it. I'm pretty sure connections from localhost are allowed. Title: Re: Tor fallback nodes Post by: Red Emerald on December 27, 2011, 02:07:35 AM EDIT: Actually, I'm not sure that's enough to fix it. Right now my server does not have "proxy", "connect", or "nolisten" in it's config. When Bitcoin uses Tor, nolisten is automatically applied, and you can't override it. I'm pretty sure connections from localhost are allowed. All I did was setup a hidden service that points to 8333. Bitcoin on this server is currently completely unaware of tor being used. However I still cannot get a connection to any of the listed tor hidden services. That's why I think there is something more going on. I ran a second bitcoind on my tor server (where the primary bitcoind is public) with nolisten and connect=127.0.0.1 (which is similar to how a connection coming to the hidden service would look), and it was able to connect. I also ran a second bitcoind on my client (where the primary bitcoind proxies via tor) that has "nolisten" and "connect=127.0.0.1." It was unable to connect which makes me believe that when "nolisten" is set, even connections from localhost fail. I think that there might be a problem with bitcoin trying to resolve the onion names via dns or something instead of passing them to the proxy like it should, but I'm not sure and my C is really rusty so auditing the code will take me a while. Once I get this working properly, I may add "proxy" back to the config. For now, I don't mind broadcasting that I am running a node on my IP and I also like having better connectivity to the network. Mila, do you have any connections? I'm wondering if I just need to be more patient since tor can take a while to resolve. I still think something else in the bitcoin client needs to be modified though. Title: Re: Tor fallback nodes Post by: theymos on December 27, 2011, 03:12:49 AM Are you using mapaddress?
Title: Re: Tor fallback nodes Post by: Red Emerald on December 27, 2011, 03:36:02 AM Are you using mapaddress? I just added this to my torrc and made my bitcoin.conf match Quote mapaddress 192.0.2.2 p2hwc26zdsrqxiix.onion mapaddress 192.0.2.3 sh4ep6zb6vnoa2h5.onion mapaddress 192.0.2.4 iy6ni3wkqazp4ytu.onion mapaddress 192.0.2.5 bxfna6fhddpzduck.onion I'll let you know if it works. Why does bitcoin not support using a remote DNS? I would think it should considering it has proxy support. Oh wow. I finally found this page https://en.bitcoin.it/wiki/Fallback_Nodes#Tor_network Would sure be nice if https://en.bitcoin.it/wiki/Tor mentioned it... EDIT: That did it theymos! Thanks! Code: $ bitcoind getinfo I'll add something to the wiki to make this more clear for people Title: Re: Tor fallback nodes Post by: theymos on December 27, 2011, 04:02:04 AM Ah, that's where I thought you would have seen the list of hidden services. They shouldn't be listed elsewhere, since they're useless without the instructions.
Title: Re: Tor fallback nodes Post by: Red Emerald on December 27, 2011, 04:36:11 AM Ah, that's where I thought you would have seen the list of hidden services. They shouldn't be listed elsewhere, since they're useless without the instructions. I removed them from the other page, added a link and expanded the explanation of how to properly connect to the hidden services. I still think that if I set my server running the tor hidden service to also proxy it's connections through tor, then it will reject incoming connections and not work properly. Title: Re: Tor fallback nodes Post by: Red Emerald on December 28, 2011, 12:00:41 AM I've added all of the tor fallback nodes to my torrc with mapaddress and I only connect to 1. I'm pretty sure that my hidden service is the only one still online.
Title: Re: Tor fallback nodes Post by: Gavin Andresen on December 28, 2011, 12:22:15 AM Disclaimer: I'm a Tor newbie and networking stuff isn't my strong suit, you probably know more about it than I do.
But: I fixed a Tor-related bug for version 0.6 a few days ago. In particular, I moved all of the "turn this on or turn this off if running over Tor" to one spot (in the init.cpp file) and reworked the code so that you can override all of those decisions via command-line or bitcoin.conf switches (e.g. specify -nolisten=0 to set nolisten to false so you DO listen even if running a port 9050 proxy). Title: Re: Tor fallback nodes Post by: Red Emerald on December 28, 2011, 01:00:09 AM Disclaimer: I'm a Tor newbie and networking stuff isn't my strong suit, you probably know more about it than I do. Great. I'll be sure to test 0.6 with a proxy set and a tor hidden service sometime soon.But: I fixed a Tor-related bug for version 0.6 a few days ago. In particular, I moved all of the "turn this on or turn this off if running over Tor" to one spot (in the init.cpp file) and reworked the code so that you can override all of those decisions via command-line or bitcoin.conf switches (e.g. specify -nolisten=0 to set nolisten to false so you DO listen even if running a port 9050 proxy). Title: Re: Tor fallback nodes Post by: Red Emerald on December 28, 2011, 09:05:19 PM I got another hidden service up and running.
You can see a list of them on the wiki, although it appears that my 2 are the only ones online :( https://en.bitcoin.it/wiki/Fallback_Nodes#Tor_nodes Title: Re: Tor fallback nodes Post by: mila on December 29, 2011, 12:24:18 AM I got another hidden service up and running. hooray! : ) You can see a list of them on the wiki, although it appears that my 2 are the only ones online :( there was this issue with Tor that as soon as you run a stable node, it gets high traffic as the network routes more and more through that node. probably folks gave up turning theirs off and on again. either you shape available bandwidth or tune tor to only consume a fair share of resources and then it might be sustainable. I hope I'm wrong and running tor is not an issue anymore |