How-to Guide: Set-up Tor on Linux (Ubuntu) and connect Bitcoin

With the release of Bitcoin Core version 0.12.0 - https://bitcointalk.org/index.php?topic=1374377.0

We see the following developments for using Bitcoin with Tor:

Automatically use Tor hidden services
-------------------------------------
Starting with Tor version 0.2.7.1 it is possible, through Tor's control socket
API, to create and destroy 'ephemeral' hidden services programmatically.
Bitcoin Core has been updated to make use of this.
This means that if Tor is running (and proper authorization is available),
Bitcoin Core automatically creates a hidden service to listen on, without
manual configuration. Bitcoin Core will also use Tor automatically to connect
to other .onion nodes if the control socket can be successfully opened. This
will positively affect the number of available .onion nodes and their usage.
This new feature is enabled by default if Bitcoin Core is listening, and
a connection to Tor can be made. It can be configured with the `-listenonion`,
`-torcontrol` and `-torpassword` settings. To show verbose debugging
information, pass `-debug=tor`.

A good guide on how to easily set up Tor on Linux (Ubuntu) for use with Bitcoin seemed somewhat lacking, so here goes:

(Part 1) - Install Tor with ARM Controller.

Assuming that you already have SSH access to your server:
sudo apt-get dist-upgrade
Check that you have the following packages installed and/or install them:
sudo apt-get install nano screen ca-certificates openssl ntp ntpdate
Check your time server offset:
ntpdate -q ntp.ubuntu.com
Reboot here, if necessary.
OK. Let's add the Tor official package repository to our sources list:
Reference: https://www.torproject.org/docs/debian.html#ubuntu
echo 'deb http://deb.torproject.org/torproject.org trusty main' | sudo tee -a /etc/apt/sources.list.d/torproject.list
Import the key:
gpg --keyserver keyserver.ubuntu.com --recv 886DDD89
or use: gpg --keyserver keys.gnupg.net --recv 886DDD89
Now export the key:
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
Refresh our sources again and we should now see http://deb.torproject.org being hit a bunch of times.
Install Tor:
Now Stop Tor, as we need to configure it properly:
The Tor Project provides a package to keep the signing key current, which is a good thing, so let's install it:
sudo apt-get install deb.torproject.org-keyring
Install Tor GeoIP data base (might have already installed it):
sudo apt-get install tor-geoipdb
Install Tor ARM controller:
sudo apt-get install tor-arm apparmor-utils
Done.
Next we need to configure how Tor will run. We do this by editing our torrc file.
The most important lines in the torrc to add or uncomment (removing the #) for basic CLIENT only (i.e. non-bridge, non-relay, non-exit) Bitcoin operation through Tor are:
ClientOnly 1
SOCKSPort 9050
SOCKSPolicy accept 127.0.0.1/8
Log notice file /var/log/tor/notices.log
ControlPort 9051
HiddenServiceStatistics 0
ORPort 9001
LongLivedPorts 8333
ExitPolicy reject *:*
DisableDebuggerAttachment 0
See: https://www.torproject.org/docs/tor-manual.html
- The above torrc config. connects us to the Tor network as CLIENT only, and ensures the SOCKS Port 9050 is accessible from our localhost (127.0.0.1:9050) for Bitcoin to connect through. N.B. This is also considered an optimal config. for hosting your own Bitcoin addnode=.onion Tor 'ephemeral' hidden_service.
Navigate the torrc screen using your keyboard's arrow keys. When done, Save the torrc config. with:
ctrl + x
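A check for the torrc options listed above, as an added example that is not part of the original guide: it reads torrc text on stdin and reports whether ControlPort has an authentication method configured, whether SOCKSPort is bound beyond loopback, whether ORPort is set without ClientOnly 1, and whether DisableDebuggerAttachment is 0. The function name, the finding codes and the file paths in the comment are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the guide: audit torrc text read from stdin.
# Finding codes (CONTROL_NOAUTH, ...) are labels invented for this example.
audit_torrc() {
  awk '
    /^[ \t]*#/ || NF == 0 { next }     # skip comments and blank lines
    { key = tolower($1) }              # option names are case-insensitive
    # Single-valued options: the last occurrence wins.
    key == "cookieauthentication"      { cookie = ($2 == "1") }
    key == "clientonly"                { client = ($2 == "1") }
    key == "disabledebuggerattachment" { ptrace = ($2 == "0") }
    key == "hashedcontrolpassword" && NF >= 2 { hashed = 1 }
    key == "controlport" && $2 != "0"  { control = 1 }
    key == "orport" && $2 != "0"       { orport = 1 }
    # SOCKSPort written as address:port with a non-loopback address.
    key == "socksport" && $2 ~ /:/ &&
      $2 !~ /^(127\.|localhost:|\[::1\]:|unix:)/ { socks = 1 }
    END {
      # Control port set with no authentication method in this text.
      if (control && !(cookie || hashed)) print "CONTROL_NOAUTH"
      # SOCKS listener reachable from other hosts.
      if (socks) print "SOCKS_EXPOSED"
      # ORPort without ClientOnly 1 means Tor runs as a relay.
      if (orport && !client) print "RELAY_ENABLED"
      # Debugger attachment protection switched off (the guide sets this to 0).
      if (ptrace) print "PTRACE_ALLOWED"
    }'
}

# Constructed input: option lines copied from the torrc in this guide.
GUIDE_TORRC='ClientOnly 1
SOCKSPort 9050
SOCKSPolicy accept 127.0.0.1/8
ControlPort 9051
ORPort 9001
ExitPolicy reject *:*
DisableDebuggerAttachment 0'

# Assumed paths (not given in the guide): the Debian/Ubuntu tor package also
# loads a defaults file, so audit both together to see the effective settings:
#   cat /usr/share/tor/tor-service-defaults-torrc /etc/tor/torrc | audit_torrc
printf '%s\n' "$GUIDE_TORRC" | audit_torrc
```

On the guide's lines alone this prints CONTROL_NOAUTH and PTRACE_ALLOWED; the first disappears once a CookieAuthentication 1 or HashedControlPassword line is part of the audited text.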
Now we are ready to start Tor and the ARM controller using a separate screen session (which is very convenient when using a VPS).
Start (restart) Tor:
Create a new screen session called tor:
Now start ARM within the new 'tor' screen session:
N.B. If 'sudo' won't run, then use only: arm
Success! Now Tor and ARM are running. You can navigate the ARM 'tabs' using the arrow keys on your keyboard.
To exit ARM's screen session (while keeping it running when you exit the VPS or continue to work in another screen) press:
ctrl + A + D
To re-enter the running screen:
N.B. Use this command and not ' screen -S tor ' to check that Tor / ARM are running when you next login to your VPS.
You only need to use ' screen -S tor ' if you restarted the VPS or shut down the screen session.
You can also use ARM to shut down Tor (closing ARM by pressing q q), first using the menu tab m in ARM, or simply use:
N.B. Some VPS servers do not allow using the 'sudo' command as user, so simply omit any reference to 'sudo' in any line above if you encounter this issue.
OK. Part 2 of this guide will look to cover:
- Setting up and running bitcoind on your VPS
- Running a 'dual stack' bitcoind i.e. on clearnet and through Tor.
- Using 'ephemeral' hidden services as addnode=.onion's
If this guide was useful for you please consider some 'tips / donations' at
http://StartOR.org - Cheers!