TOR Nodes

[775011934]

Running tor nodes, nothing is worth it!
The more tor nodes, the more complex the tor network,
the higher the anonymity!The future of the Internet is to connect everything,
 but some people don't want to be connected again and  being monitored. For this part, tor is very necessary!

[1715320669]

1715320669

[1715320669]

1715320669

[1715320669]

1715320669

[1715320669]

1715320669

[1715320669]

1715320669

[swogerino]

You risk visits from the FBI when running TOR nodes if you are in the States. You don't know what other people are doing on the TOR network and if yours is an exit node, pretty much the NSA or FBI can use traffic analyses to connect the offender on the TOR network to your node and you may receive an unpleasant visit soon after. Be very careful running TOR if you are in the States, a few neighbors of mine have had such visits but I don't know if they were running nodes or only using TOR browser.

[monkeydominicorobin]

I would like to ask your opinion about TOR enabled nodes.
Do you think it is worthy to enabled TOR in every one of our nodes?

I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.

What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.

If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.

If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.

Thanks,

You came to the right place since I know a lot about Tor nodes. There are three types of nodes to choose from. But since you are worried about your ISP. It is better to turn your nodes into Entry node or a Middle node. No fuss. No mess. You don't have to worry about anything. But if want tips exit node is your choice. You will get bitcoin tips. Very rare but if you put your bitcoin address in the settings people will donate because only a few people are setting up exit nodes. But this one is messy because you are the exit node authorities will always target the nodes especially when your node was used to download copyrighted content. Since most authorities are ignorant about nodes. You will always have to explain that you are just a node. Through email. You are not doing anything illegal. That will be your  job if you are going to set up an exit node. Really messy. 

[miguelmorales85]

I would like to ask your opinion about TOR enabled nodes.
Do you think it is worthy to enabled TOR in every one of our nodes?

I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.

What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.

If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.

If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.

Thanks,

You came to the right place since I know a lot about Tor nodes. There are three types of nodes to choose from. But since you are worried about your ISP. It is better to turn your nodes into Entry node or a Middle node. No fuss. No mess. You don't have to worry about anything. But if want tips exit node is your choice. You will get bitcoin tips. Very rare but if you put your bitcoin address in the settings people will donate because only a few people are setting up exit nodes. But this one is messy because you are the exit node authorities will always target the nodes especially when your node was used to download copyrighted content. Since most authorities are ignorant about nodes. You will always have to explain that you are just a node. Through email. You are not doing anything illegal. That will be your  job if you are going to set up an exit node. Really messy. 

hello, that is such a nice information the one you are giving me. I would take a look deeper to the kind of TOR nodes available.

I don't mind setting an exit node if that would work as a help to others. I don't live in US so I guess I could be in gray territory (fingers crossed).

I follow this walkthrough to install my current TOR node:
https://medium.com/@lopp/how-to-run-bitcoin-as-a-tor-hidden-service-on-ubuntu-cff52d543756

At this moment my TOR node has been some kind of failure, only outgoing connections and sometimes just one incoming connections, no matter how many days the node is up or the netscore.

thanks again

[aleksej996]

I would like to ask your opinion about TOR enabled nodes.
Do you think it is worthy to enabled TOR in every one of our nodes?

I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.

What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.

If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.

If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.

Thanks,

You came to the right place since I know a lot about Tor nodes. There are three types of nodes to choose from. But since you are worried about your ISP. It is better to turn your nodes into Entry node or a Middle node. No fuss. No mess. You don't have to worry about anything. But if want tips exit node is your choice. You will get bitcoin tips. Very rare but if you put your bitcoin address in the settings people will donate because only a few people are setting up exit nodes. But this one is messy because you are the exit node authorities will always target the nodes especially when your node was used to download copyrighted content. Since most authorities are ignorant about nodes. You will always have to explain that you are just a node. Through email. You are not doing anything illegal. That will be your  job if you are going to set up an exit node. Really messy. 

hello, that is such a nice information the one you are giving me. I would take a look deeper to the kind of TOR nodes available.

I don't mind setting an exit node if that would work as a help to others. I don't live in US so I guess I could be in gray territory (fingers crossed).

I follow this walkthrough to install my current TOR node:
https://medium.com/@lopp/how-to-run-bitcoin-as-a-tor-hidden-service-on-ubuntu-cff52d543756

At this moment my TOR node has been some kind of failure, only outgoing connections and sometimes just one incoming connections, no matter how many days the node is up or the netscore.

thanks again

You are talking about two different things. OP is not asking to run a Tor relay and help the Tor network, he is asking about running Bitcoin Core as a hidden service to help the Bitcoin network.

You are not running neither entry, middle nor exit relay. You are not running any kind of relay, you are just using a hidden service.

Your errors from the debug.log have nothing to do with inbound connections, they are all outbound, which you have plenty of.
Also that inbound connection was not yourself, but someone else, they all show 127.0.0.1 as that is only what your Bitcoin Core client can see. Remember that Tor hides IP addresses so it makes sense that you are not going to be able to tell apart the inbound connections to your node.

I suggest two things as someone who gets inbound Tor connections quickly when I start the node.

First, show us your configuration file here, move it somewhere and make a new one like this

Code:

proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
externalip=zmuzcuoflsycriya.onion

Also move somewhere all your data folder data that doesn't have anything to do with the blockchain or the wallet (blocks,chainstate and wallet.dat is all you need). You can keep the logs tho, they can still be useful.

Secondly, check your Tor configuration and set the hidden service manually if you haven't. Could you please say how you have setup the hidden service and all of that? What OS are you using? In torrc file you need to uncomment (remove the # character) the line where it says

Code:

#HiddenServiceDir /var/lib/tor/hidden_service/

Add the following line under that line

Code:

HiddenServicePort 8333 127.0.0.1:8333

According to bitnodes.21.co your node is unreachable right now, so you probably haven't set it up correctly, but since you had one connection, it seemed to be working. The truth is that you will not get inbound connections that easily. It can take days to get 3-4. But you shouldn't concern yourself with that, only with the reachability of the node. It helps the network just by being a reliable option to connect to if someone needs it.

[miguelmorales85]

I would like to ask your opinion about TOR enabled nodes.
Do you think it is worthy to enabled TOR in every one of our nodes?

I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.

What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.

If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.

If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.

Thanks,

You came to the right place since I know a lot about Tor nodes. There are three types of nodes to choose from. But since you are worried about your ISP. It is better to turn your nodes into Entry node or a Middle node. No fuss. No mess. You don't have to worry about anything. But if want tips exit node is your choice. You will get bitcoin tips. Very rare but if you put your bitcoin address in the settings people will donate because only a few people are setting up exit nodes. But this one is messy because you are the exit node authorities will always target the nodes especially when your node was used to download copyrighted content. Since most authorities are ignorant about nodes. You will always have to explain that you are just a node. Through email. You are not doing anything illegal. That will be your  job if you are going to set up an exit node. Really messy. 

hello, that is such a nice information the one you are giving me. I would take a look deeper to the kind of TOR nodes available.

I don't mind setting an exit node if that would work as a help to others. I don't live in US so I guess I could be in gray territory (fingers crossed).

I follow this walkthrough to install my current TOR node:
https://medium.com/@lopp/how-to-run-bitcoin-as-a-tor-hidden-service-on-ubuntu-cff52d543756

At this moment my TOR node has been some kind of failure, only outgoing connections and sometimes just one incoming connections, no matter how many days the node is up or the netscore.

thanks again

You are talking about two different things. OP is not asking to run a Tor relay and help the Tor network, he is asking about running Bitcoin Core as a hidden service to help the Bitcoin network.

You are not running neither entry, middle nor exit relay. You are not running any kind of relay, you are just using a hidden service.

Your errors from the debug.log have nothing to do with inbound connections, they are all outbound, which you have plenty of.
Also that inbound connection was not yourself, but someone else, they all show 127.0.0.1 as that is only what your Bitcoin Core client can see. Remember that Tor hides IP addresses so it makes sense that you are not going to be able to tell apart the inbound connections to your node.

I suggest two things as someone who gets inbound Tor connections quickly when I start the node.

First, show us your configuration file here, move it somewhere and make a new one like this

Code:

proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
externalip=zmuzcuoflsycriya.onion

Also move somewhere all your data folder data that doesn't have anything to do with the blockchain or the wallet (blocks,chainstate and wallet.dat is all you need). You can keep the logs tho, they can still be useful.

Secondly, check your Tor configuration and set the hidden service manually if you haven't. Could you please say how you have setup the hidden service and all of that? What OS are you using? In torrc file you need to uncomment (remove the # character) the line where it says

Code:

#HiddenServiceDir /var/lib/tor/hidden_service/

Add the following line under that line

Code:

HiddenServicePort 8333 127.0.0.1:8333

According to bitnodes.21.co your node is unreachable right now, so you probably haven't set it up correctly, but since you had one connection, it seemed to be working. The truth is that you will not get inbound connections that easily. It can take days to get 3-4. But you shouldn't concern yourself with that, only with the reachability of the node. It helps the network just by being a reliable option to connect to if someone needs it.

Hello , you are right I have no TOR node. Nevertheless, I would like to set one but that is another history..

First of all you cannot see my node on bitnodes21.co because I have changed back to IPv6 (where I can only get just 8 outgoing connections)

I will turn back again to TOR mode.

This is the last part of my current configuration file. The other lines are all commented

Code:

# Enable pruning to reduce storage requirements by deleting old blocks.
# This mode is incompatible with -txindex and -rescan.
# 0 = default (no pruning).
# 1 = allows manual pruning via RPC.
# >=550 = target to stay under in MiB.
prune=1000

# User interface options

# Start Bitcoin minimized
#min=1

# Minimize to the system tray
#minimizetotray=1

proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
externalip=zmuzcuoflsycriya.onion

and this is what I have in my bitcoin folder. As you can see I am running a pruned node in a Raspberry Pi

Code:

pi@raspberrypi:~ $ ls -la .bitcoin/
total 19836
drwxr-xr-x 4 pi pi     4096 Oct 21 17:35 .
drwxr-xr-x 8 pi pi     4096 Oct 21 17:33 ..
-rw------- 1 pi pi       37 Sep 21 17:55 banlist.dat
-rw-r--r-- 1 pi pi     6131 Oct 21 17:35 bitcoin.conf
-rw------- 1 pi pi        4 Oct 20 08:22 bitcoind.pid
drwx------ 3 pi pi     4096 Oct 21 08:47 blocks
drwx------ 2 pi pi    69632 Oct 21 11:19 chainstate
-rw------- 1 pi pi       75 Oct 20 08:22 .cookie
-rw-r--r-- 1 pi pi        0 Sep 20 17:10 db.log
-rw------- 1 pi pi  2089402 Oct 21 17:35 debug.log
-rw------- 1 pi pi   247985 Oct 20 08:22 fee_estimates.dat
-rw------- 1 pi pi        0 Sep 20 17:10 .lock
-rw------- 1 pi pi 13545876 Oct 20 08:16 mempool.dat
-rw------- 1 pi pi      820 Oct 20 08:20 onion_private_key
-rw------- 1 pi pi  4305024 Oct 21 17:28 peers.dat

so you are suggesting to move everything but folders blocks and chainstate ?

wont that broke my node? I dont want to reindex it.

I have uncommented the lines from /etc/tor/torrc  and now it is like this:

Code:

############### This section is just for location-hidden services ###

## Once you have configured a hidden service, you can look at the
## contents of the file ".../hidden_service/hostname" for the address
## to tell people.
##
## HiddenServicePort x y:z says to redirect requests on port x to the
## address y:z.

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 8333 127.0.0.1:8333

#HiddenServiceDir /var/lib/tor/other_hidden_service/
#HiddenServicePort 80 127.0.0.1:80
#HiddenServicePort 22 127.0.0.1:22

At this moment my TOR node is reachable again

thanks for your comments

Get the Tor node running on your network - isn't secure solution - it should be running in DMZ.

It is a bitcoin tor node, not a tor node. elaborate the security issue please

[aleksej996]

You created that hidden service with the Bitcoin Core option, I didn't do that. I assume everything is working fine with your node, it is just that it is hard to get inbound connections on the Tor network as there are not many users that use Tor compared to the clearnet, but they are there. Leave it running for few days and you might get few connections, either way, you are helping just by being there and you will be able to connect your light clients to that node over Tor.

With that torrc configuration you have another hidden service now, that points to your node. You could probably move that private key in the folder mentioned in that torrc configuration file and change the host name in that directory, but that could be risky.

So the point is this, I am pretty sure that your node works fine and you can just leave it like that. You can also uncomment that stuff in torrc if you don't want to tor domains. You can also read the hostname file in the /var/lib/tor/hidden_service/ to see the Tor domain you created if you want to use both of them. You are using Bitcoin Core's feature to create a Tor domain for you and if you like that, then you can keep doing that. You can alternatively take care of this yourself, if you wish, and make your own Tor domain and manage it as all other hidden services. You might even be able to keep the same onion address, but what ever you wish to do should be fine. Your hidden service private key is currently readable by the user pi, this is necessary as you run Bitcoin Core as that user and for security reasons you should never run programs as root when you don't have to. However, if you create your own hidden service, it's private key will only be readable by root, so it might be more secure.

As for the DMZ, it is all up for the discussion. If you trust that Bitcoin Core and Tor software are coded safely, which I would say is pretty good guess, then you should be fine. If you are scared that your node will get hacked just by having only it's 8333 port open on the hidden service, which means that either Tor or Bitcoin software has a vulnerability, then DMZ would isolate that node outside of your router's firewall and take away hacker's access to your LAN. However,m this would also put your node at higher risk as it would be outside of the firewall. So it is just focusing your security, not increasing it.

[miguelmorales85]

Hello, it is me again with an update about my TOR node.
It seems bitnodes21.co detect it as down even when it is up BUT only with outgoing connections. The node has no incoming ones.
I have check my node in bitnodes21.co and it detects it as a node with open ports. I dont know what is happening. I will publish the last part of my debu.log file and the networkinfo result

2017-10-27 19:51:47 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:53:07 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:54:18 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:55:21 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:57:44 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:58:48 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:59:51 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:01:11 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:02:16 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:03:20 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:04:25 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:06:49 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:07:59 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:08:35 Socks5() connect to 2a02:2788:836:34b::1:8333 failed: general failure

{
  "version": 150001,
  "subversion": "/Satoshi:0.15.0.1/",
  "protocolversion": 70015,
  "localservices": "000000000000000c",
  "localrelay": true,
  "timeoffset": -1,
  "networkactive": true,
  "connections": 10,
  "networks": [
    {
      "name": "ipv4",
      "limited": false,
      "reachable": true,
      "proxy": "127.0.0.1:9050",
      "proxy_randomize_credentials": true
    },
    {
      "name": "ipv6",
      "limited": false,
      "reachable": true,
      "proxy": "127.0.0.1:9050",
      "proxy_randomize_credentials": true
    },
    {
      "name": "onion",
      "limited": false,
      "reachable": true,
      "proxy": "127.0.0.1:9050",
      "proxy_randomize_credentials": true
    }
  ],
  "relayfee": 0.00001000,
  "incrementalfee": 0.00001000,
  "localaddresses": [
    {
      "address": "zmuzcuoflsycriya.onion",
      "port": 8333,
      "score": 679
    }
  ],
  "warnings": ""
}

Hope someone can help me

[aleksej996]

Are you getting any outgoing connections through Tor? Would you check if your tor is running first? You simply maybe forgot to turn it on or restart in after changing the configuration files.

[miguelmorales85]

Are you getting any outgoing connections through Tor? Would you check if your tor is running first? You simply maybe forgot to turn it on or restart in after changing the configuration files.

Hi, yes the node is getting outgoing connections. With time it got a incoming connection so is UP again in bitnodes21.co

this is the result of current getnetworkinfo

pi@raspberrypi:~ $ bitcoin-cli getnetworkinfo
{
  "version": 150001,
  "subversion": "/Satoshi:0.15.0.1/",
  "protocolversion": 70015,
  "localservices": "000000000000000c",
  "localrelay": true,
  "timeoffset": -1,
  "networkactive": true,
  "connections": 11,
  "networks": [
    {
      "name": "ipv4",
      "limited": false,
      "reachable": true,
      "proxy": "127.0.0.1:9050",
      "proxy_randomize_credentials": true
    },
    {
      "name": "ipv6",
      "limited": false,
      "reachable": true,
      "proxy": "127.0.0.1:9050",
      "proxy_randomize_credentials": true
    },
    {
      "name": "onion",
      "limited": false,
      "reachable": true,
      "proxy": "127.0.0.1:9050",
      "proxy_randomize_credentials": true
    }
  ],
  "relayfee": 0.00001000,
  "incrementalfee": 0.00001000,
  "localaddresses": [
    {
      "address": "zmuzcuoflsycriya.onion",
      "port": 8333,
      "score": 895
    }
  ],
  "warnings": ""
}

It just wont have anymore than 1 incoming connection..
so frustrating. 

[N1C39UY]

they should fuse tor and bitcoin/litecoin, so every miner (or even every wallet) is a tor node and all transactions pass trough the node for very good privacy. the government will try everything to compromise the anonimity of bitcoin and litecoin users, so the developers should do everything they can to prevent it and keep transactions private. If for some reason transactions would be able to be tracked by the government this would be kind of a disaster for crypto.

[aleksej996]

OP be patient. It might just be that it takes some time. It should be better in couple of days if it runs 24h a day.

they should fuse tor and bitcoin/litecoin, so every miner (or even every wallet) is a tor node and all transactions pass trough the node for very good privacy. the government will try everything to compromise the anonimity of bitcoin and litecoin users, so the developers should do everything they can to prevent it and keep transactions private. If for some reason transactions would be able to be tracked by the government this would be kind of a disaster for crypto.

Bitcoin Core is already built with Tor in mind and is very easy to run it over Tor, as you can see in OP's network status Bitcoin Core knows about hidden services and all that. The thing about forcing all the connections through Tor is that it takes more effort to make sure that you can bypass Tor blockades imposed by some countries in the world (China and Turkey are some examples).

[N1C39UY]

Hmm well you've got a point there, i'm really curious what will end up happening to crypto's :p we've got a bright future ahead.

[amishmanish]

Nothing is 100%, but Tor is the best way to anonymously run a node. The other benefit is, as you said, that you don't need to forward posts. Anonymity also brings a bit of security as well, since no one will know your IP.

The only real downside of using Tor is bandwith speeds, that are maybe a half or a third of the direct connection on average, but since Bitcoin really doesn't require much bandwith, unless it is doing an initial sync, then it isn't even noticeable.

I would suggest you enable Tor, you don't really lose anything and you gain more nodes.

It's very noticeable when you run a node under Tor and try to sync the network, it becomes too slow to download sometimes, but it's not the end of world, it's still reasonable to download the entire chain with Tor.

But if it's really a problem, I guess a solution is to download the entire chain under your normal connection at high speeds. Once you have your node synced, close it, then open the Tor Browser, then open your node again and now you can do transactions under Tor. I think that would do.

Is using TOR to anonymize yourself as simple as opening the TOR browser and then opening the node??!! Why then do we have these TOR-integrated coins??!! Like Novacoin used to be, now DeepOnion.
Though DeepOnion has come up with a lot of other tweaks and additions too.

[miguelmorales85]

Hi all, I am sorry to say this but I will take down my TOR Raspnode. I dont see any incoming connection so that bothers me. It has always error connecting Socks5()
So I decided to disable TOR network compatibility and move to a regular pruned node.

peace