Armory - Discussion Thread

[BookLover]

When bitcoin-qt is running through TBB it uses port 9150 to communicate.  To configure Armory to communicate with bitcoin-qt it needs to be on the same port.  I used a similar setup awhile back (before there was a --satoshi-port switch), it works.  I had to configure Tor to accept communication on port 8332 (or was it 8333?).  Armory synced succesfully and all conections were lost when Tor was stopped (minus the one connection to Armory).

I was planning on trying out Armory again soon anyway, so I'll set it up and see if it works.

[goatpig]

When bitcoin-qt is running through TBB it uses port 9150 to communicate.  To configure Armory to communicate with bitcoin-qt it needs to be on the same port.  I used a similar setup awhile back (before there was a --satoshi-port switch), it works.  I had to configure Tor to accept communication on port 8332 (or was it 8333?).  Armory synced succesfully and all conections were lost when Tor was stopped.

I was planning on trying out Armory again soon anyway, so I'll set it up and see if it works.

That lets Armory discover nodes over the Tor proxy, i.e. the actual network. You do not want to expose Armory to another node but your local one. Armory fully trusts its node to serve it valid blocks, and doesn't run any verification. It shouldn't be connected to an unknown node.

What you want it is: Armory -> BitcoinQt -> Tor -> Exit Node

What you are doing: Armory -> Tor -> Exit Node -> ?

[BookLover]

What settings would you suggest to use Armory while bitcoin-qt is running through Tor?  I don't mind trying out your ideas, just want to make sure we find a way that works.

[etotheipi]

What settings would you suggest to use Armory while bitcoin-qt is running through Tor?  I don't mind trying out your idea's, just want to make sure we find a way that works.

Btw, regardless of what we say here, I would not interpret that as official advice or in any way guaranteeing ... anything.  I bring this up because many people use Bitcoin in ways where privacy is equivalent to their personal security (either in less-free states, or for doing questionably legal things). 

I suspect that the strong privacy protections of Tor probably require both the user and the developer to be careful.  Unfortunately, I have spent no time learning about Tor, or spent any time figuring out how to make sure it doesn't leak information.  As such, I would not rely on it in this way unless you have only a casual necessity for privacy. 

I would be happy to entertain someone who really understands Tor, to be able to review what Armory does, and make sure it doesn't do things that leak information.  For instance, we have periodic announcement checks, and check for internet connection on startup by pinging google and microsoft.com.  Both of these can be disabled -- but I suspect there may be other things that I don't realize leak information, even when the user has been careful.

[goatpig]

https://bitcointalk.org/index.php?topic=56424.msg6235772#msg6235772

This gets BitcoinQt running behind Tor and Armory having an exclusive connection to your local BitcoinQt. At least it works as intented on my end. Obviously what etotheipi says stands.

One of the most significant ways to get screwed on Tor is directing DNS requests outside of Tor. As long as Armory doesnt run its regular 'call back home routines', it should fine. Ideally, Armory should just redirect these through Tor, be we don't have a setting for http proxying, yet.

If we stand to support Tor, we'll most likely make a dedicated switch for it. Not a priority right now though.

[justusranvier]

The best way to use Tor is to run your privacy-sensitive application in a virtual machine, and use firewalling and virtual networks on the host side to make sure it's absolutely impossible for the VM to send packets anywhere except through your Tor proxy.

Does require some advanced Linux networking and sysadmin knowledge to do correctly though.

[bitcoinbitcoin]

Has anyone been able to run Armory on Tails OS?
That should be easier to set up, than regular tor, right?
Bitcoin-QT works fine in Tails, but Armory is stuck at "initializing bitcoin engine"

[goatpig]

Has anyone been able to run Armory on Tails OS?
That should be easier to set up, than regular tor, right?
Bitcoin-QT works fine in Tails, but Armory is stuck at "initializing bitcoin engine"

Turn off bitcoind auto management, and I hope you're not trying to download the chain off of Tor

[BookLover]

I managed to get Tor, Armory, and Bitcoin-qt working together.  Here's my setup:

Armory has no command line arguments, the only change is I unselected "Let Armory run Bitcoin-Qt/bitcoind in the background" in settings.

Tor was left with the default settings.

For Bitcoin-qt I first ran the program and deselected "Map port using UPnP" and selected "Connect through SOCKS proxy".  (Proxy IP: 127.0.0.1, Port: 9150, SOCKS Version: 5)  I also created a shortcut with one command line argument ("-conf=Armory.conf" to use a different .conf file in the Bitcoin data directory)

Code:

#For Armory.conf
bind=127.0.0.1
listen=1

Bind = 127.0.0.1 should mean that only local processes can connect to your node.  And listen=1 should mean that it accepts external connections (external as in not from bitcoin-qt itself, not necessarily from outside your computer)

Edit: Added which command line argument I used with bitcoin-qt (-conf=Armory.conf) NOTE: This argument is not necessary to use bitcoin-qt and Tor with Armory!

[bitcoinbitcoin]

How do you "Turn off bitcoind auto management"?

[cp1]

There's an option in the settings that says something like "Let armory manage bitcoind"

[shoesman]

I managed to get Tor, Armory, and Bitcoin-qt working together.  Here's my setup:

Armory has no command line arguments, the only change is I unselected "Let Armory run Bitcoin-Qt/bitcoind in the background" in settings.

Tor was left with the default settings.

For Bitcoin-qt I first ran the program and deselected "Map port using UPnP" and selected "Connect through SOCKS proxy".  (Proxy IP: 127.0.0.1, Port: 9150, SOCKS Version: 5)  I also created a shortcut with one command line argument to use a different .conf file in the Bitcoin data directory (which I named Armory.conf)

Code:

#For Armory
bind=127.0.0.1
listen=1

Bind = 127.0.0.1 should mean that only local processes can connect to your node.  And listen=1 should mean that it accepts external connections (external as in not from bitcoin-qt itself, not necessarily from outside your computer)

did you get any flickering as i have aka constant connected/disconnected switching as one can take from the previous post one page back in my armory log and comment wich hasnt been replied to as of yet ,  and what specific command would i have to add to my

bitcoin shortcut to get this working and is this any different than just adding the    --satoshi-port=9150    switch to my armory shortcut , and something tells me its not good to have bitcoin core accept external connections meaning it would be connecting to your

clearnet or am i wrong ? cause last time ive used the listen=1 switch thats what it did ive tested bitcoin core without tor running and it was syncing while running that switch   , thanks

[shoesman]

https://bitcointalk.org/index.php?topic=56424.msg6235772#msg6235772

This gets BitcoinQt running behind Tor and Armory having an exclusive connection to your local BitcoinQt. At least it works as intented on my end. Obviously what etotheipi says stands.

One of the most significant ways to get screwed on Tor is directing DNS requests outside of Tor. As long as Armory doesnt run its regular 'call back home routines', it should fine. Ideally, Armory should just redirect these through Tor, be we don't have a setting for http proxying, yet.

If we stand to support Tor, we'll most likely make a dedicated switch for it. Not a priority right now though.

i would very much like that alot im sure im not the only one here ,  btw in the meanwhile how do we disable the rest of armorys call back home routines aka anything that doesnt go over bitcoin cores connection

[etotheipi]

https://bitcointalk.org/index.php?topic=56424.msg6235772#msg6235772

This gets BitcoinQt running behind Tor and Armory having an exclusive connection to your local BitcoinQt. At least it works as intented on my end. Obviously what etotheipi says stands.

One of the most significant ways to get screwed on Tor is directing DNS requests outside of Tor. As long as Armory doesnt run its regular 'call back home routines', it should fine. Ideally, Armory should just redirect these through Tor, be we don't have a setting for http proxying, yet.

If we stand to support Tor, we'll most likely make a dedicated switch for it. Not a priority right now though.

i would very much like that alot im sure im not the only one here ,  btw in the meanwhile how do we disable the rest of armorys call back home routines aka anything that doesnt go over bitcoin cores connection

I actually really like justus's suggestion in the short-term, because it completely compensates for anything Armory does that is not ideal for Tor.  Setup a VM that basically only allows traffic through Tor.  Armory can't really misbehave in that environment.

Though, at the same time, I don't think it would be to make sure Armory is doing the right thing, I'm just not the person to do it.

[shoesman]

there gotta be a vmless solution here

[etotheipi]

there gotta be a vmless solution here

Of course there is.  I'm just mentioning that this sounds like a solid solution to use (if done properly), if you have more than a casual interest in the privacy of Tor.  And it doesn't require us (Armory devs) to do anything to support it.

Please carry on, figuring out a non-VM solution, and helping us figure out how to make sure Armory behaves itself properly in that environment.

[mindlost]

Is bitcoinarmory.com down? All I get is "File not found."

In possibly related news, Armory (v.90 beta) is crashing for me as of today while trying to sync the blockchain.

[goldkelowna]

Is bitcoinarmory.com down? All I get is "File not found."

In possibly related news, Armory (v.90 beta) is crashing for me as of today while trying to sync the blockchain.

I too am having trouble accesing the main site (File not Found.)  Also, I am using 0.88 beta, and I am getting crashes while syncing.  Anybody in the know want to weigh in on this???

[BookLover]

Did you get any flickering as i have aka constant connected/disconnected switching as one can take from the previous post one page back in my armory log and comment which hasn't been replied to as of yet.

No flickering for me with this setup.

What specific command would i have to add to my bitcoin shortcut to get this working?

I have my computer set up with two .conf files and two shortcuts because I want to be able to use bitcoin-qt with and without Armory.  This complicates my setup a little bit.  If you just want to use bitcoin-qt with Armory all you need to do to prepare bitcoin-qt for Armory is add these two lines to your bitcoin.conf file.

Code:

bind=127.0.0.1
listen=1

Is this any different than just adding the    --satoshi-port=9150    switch to my armory shortcut?

Yes, adding the "--satoshi-port=9150" switch tells Armory to communicate with bitcoin-qt through port 9150 while adding

Code:

bind=127.0.0.1
listen=1

to bitcoin.conf tells bitcoin-qt to listen on all ports but only accept communication from your computer.

Something tells me its not good to have bitcoin core accept external connections.

Code:

bind=127.0.0.1

This line prevents bitcoin-qt from accepting external connections. (external as in from outside your computer)

[johno123]

Also having issues getting to the site this evening....