DEVTOME.COM HOSTING COSTS HAVE BEGUN TO EXCEED 115$ MONTHLY. THE ADMINISTRATION IS NO LONGER ABLE TO HANDLE THE COST WITHOUT ASSISTANCE DUE TO THE RISING COST. THIS HAS BEEN OCCURRING FOR ALMOST A YEAR, BUT WE HAVE BEEN HANDLING IT FROM OUR OWN POCKETS. HOWEVER, WITH LITERALLY NO DONATIONS FOR THE PAST 2+ YEARS IT HAS DEPLETED THE BUDGET IN SHORT ORDER WITH THE INCREASE IN ACTIVITY ON THE SITE IN THE PAST 6 MONTHS. OUR CPU USAGE HAS BECOME TOO HIGH TO REMAIN ON A REASONABLE COSTING PLAN THAT WE COULD MAINTAIN. IF YOU WOULD LIKE TO SUPPORT THE DEVTOME PROJECT AND KEEP THE SITE UP/ALIVE PLEASE DONATE (EVEN IF ITS A SATOSHI) TO OUR DEVCOIN 1M4PCuMXvpWX6LHPkBEf3LJ2z1boZv4EQa OR OUR BTC WALLET 16eqEcqfw4zHUh2znvMcmRzGVwCn7CJLxR TO ALLOW US TO AFFORD THE HOSTING.

THE DEVCOIN AND DEVTOME PROJECTS ARE BOTH VERY IMPORTANT TO THE COMMUNITY. PLEASE CONTRIBUTE TO ITS FURTHER SUCCESS FOR ANOTHER 5 OR MORE YEARS!

Setting up nginx, TOR, and creating your own hidden website

The ideology behind free internet & speech

The essence of the term “free internet” means much more than freedom of speech, it means an internet where censorship is abolished, where oppressed countries (Iran, China, North Korea) are un-oppressed and free to use their internet as they please. It means that governments can not stop us from sharing media, leaking oppressed democratic documents about our corrupted government and their hidden agendas. It is not just a means of communication around the world, it is a movement. Since the rise of the technologic age, there has been oppression by both democratic and totalitarian governments. Whether it be Chinas government censoring the media and spreading propaganda, or the American government trying to pass bills like SOPA and PIPA, it exists.

Luckily there are ways to fight the system and stand up for what you believe in. Privacy and freedom is not something that has come easy over time, but is earned through fighting and taking a stance. Setting up your own hidden website is a step towards true anonymity and freedom of the internet. Even running a TOR node alone, can help oppressed citizens access the internet. So, lets get started.

Requirements

You will need a few things to get yourself started on creating a server for TOR and a hidden website.

1. A VPS server with at least 256MB RAM, and whatever space you will need for your site, also you might want to check with your VPS provider to ask if you can run a TOR node, but most will not have a problem as long as you don't run an exit node.

2. Basic knowledge of terminal usage, and navigating through it.

3. A will for freedom of internet and speech.

4. Debian 7 or later (Ubuntu should work fine as well)

Setting up nginx

First we need to add the nginx repositories to our source lists. Execute the following:

sudo nano /etc/apt/sources.list

Then add these lines to that file:

deb http://nginx.org/packages/debian/ wheezy nginx

deb-src http://nginx.org/packages/debian/ wheezy nginx

deb http://deb.torproject.org/torproject.org wheezy main

Now we need to import the GPG signing keys. Run these commands:

gpg —keyserver keys.gnupg.net —recv 886DDD89

gpg —export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

wget http://nginx.org/keys/nginx_signing.key
apt-key add nginx_signing.key

Now update our sources and we have to install TOR and nginx servers. Execute the following:

sudo apt-get update

sudo apt-get install nginx -y

sudo apt-get install tor -y

After they have finished installing, run

sudo apt-get update
again.

Now we have to configure nginx. If you don't have nano installed, now would be a good time to install it (or which ever editor you prefer, e.g. vim)

sudo apt-get install nano

Now that we have nano, it's time to configure nginx. Run the following:

nano /etc/nginx/conf.d/default.conf

Now replace what is in that file with the following:

server {
    listen 127.0.0.1:8080;
    root /var/www/;
    client_max_body_size 99M;
    charset utf-8;
    index index.html;
}

Now we need to create our web root. Execute these:

mkdir /var/www

touch /var/www/index.html && “<h1>If you see this, we have succeeded</h1>” > /var/www/index.html

Now that nginx is installed and ready to serve our TOR site, we can configure TOR. Open this file:

nano /etc/tor/torrc

…and add this to it:

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8080

Now create the HiddenServiceDirectory and we need to give it the proper permissions:

mkdir /var/lib/tor/hidden_service/ 

chown debian-tor:debian-tor /var/lib/tor/hidden_service/ 

chmod 0700 /var/lib/tor/hidden_service/

Restart TOR and nginx:

/etc/init.d/nginx restart

/etc/init.d/tor restart

Now comes the part where you have to make a choice. Either is fine, but one might be more appealing to both you and your user base. You need to decide if you want a vanity address, or just a normal hashed address. Example:

Vanity address will look like: mywebsitedgh789478wfhu.onion

Normal hashed address will look like: enskgn47832w9gfi82349gh.onion

As you can see “vanity” means just that, it is a personalized beginning to your hostname hash. Either way there is a private key for both, so I don't see why you wouldn't want even a small vanity hash.

Normal Hash Hostname

To get just a normal generated hash, open the following and grab your generated hostname.

nano /var/lib/tor/hidden_service/hostname

Vanity Hostname Hash

First thing you will need to do is figure out if you want to generate the hostname on your Windows PC or on the VPS. I strongly recommend you do the generation on your personal PC and then transfer the information to your web server, as this does not leave any evidence behind, no matter how small.

So I will only outline how to do this on windows.

Download the latest scallion generator here: Scallion Download

Now that we have that downloaded, extract it to your desktop, or anywhere else you want to.

Wherever you extracted it to, go to that folder, and press SHIFT + Right Click on the scallion folder. Select “Open a command window here”

Now we are in the scallion folder. Run this command and replace “myname” with whatever you want your beginning of your hostname to be. Note: The shorter the name, the less time it will take to generate it. If you plan on generating a longer name, say, over 5 or 6 characters, make sure you have a GPU present, and that it is working with scallion, or it will take a long time to generate one.

Run:

scallion.exe -d 0 myname

If your GPU is listed as device “0” then it will use your GPU to make your hash. I couldn’t get the SHA-1 hashes to match between my CPU and GPU, thus, couldn't use my GPU to generate the hash. If you get this error:

GPU and CPU SHA-1 calculations do NOT match.

Hashing will NOT work until this is resolved.

The program will continue, but WILL NOT find a valid match.



See https://github.com/lachesis/scallion/issues/11#issuecomment-29046835

You will need to do it by CPU.

So I had to run it on my CPU only, using the following command:

scallion.exe -d 1 myname

Your PC will now generate your hash, and spit out some working expressions. Once it is finished you should get an output like this:

Looks good!
LoopIteration:1  HashCount:16.78MH  Speed:7.8MH/s  Runtime:00:00:02  Predicted:0
0:00:00  CPU checking hash: '''what'''aokdnd6t5px3

Ding!! Delicious scallions for you!!

Public Modulus:  157386075110109782187467101942307169670443660100929097401584109
61643314388417746370264669644962390324542435668501915179473816653188551538593294
32025890808780560401803483827850239467292356467433701447389664109938723722195417
11821655464958696575105545661384343151941529510236672645978423642937930663122787
503397
Public Exponent: 1626715027
Address/Hash: '''what'''aokdnd6t5px3.onion

-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDgIA3LwfC6YTDOr2jDHMBRaMOLOj7j8d+0ArjQO7Zgi+3lUTfF
O4793Bhk44cyjsrjTimjHDDbCmBaWaYGud3RLF3wrTf4jG6r87IWE/fiogeYMwgL
BouifxFh5QC/J0mt7YMfRUCWnB7pnh91nPGhxfSZLdpwLGj95At8eJINJQIEYPWz
kwKBgCZ7qGWoM0pnbAVLNTOleR/WwuIh1dd326FcQIjw67IGtnlaXZDAQCNSDjzq
XnwEj4rHWlTapliC3DTN0zo2CTn7doWTsbkvheF9vQdgZn6qeS62MX9QjSOau3Ci
KUHGQqA0IBL7Ad5e8K+BkbgGf7dmEC2k1ox1Cye/YC4kegAVAkEA982bi+A09wBA
uniQtXOYWbkKpK7aQUcp03rsQ36+aPsb/SswwXNa7c0eNxgJ6oskFi5hJ15DxIFS
hUZkq9r3IwJBAOeJ8SDKHIB9urbwRRjgDPl2oTP0D2dbKbZqKetmtiSfnGKuWMsa
kdQ8k8O0oUcfdd8QmVnBwWX6Vza46vY80xcCQBZQiFvk+kQYjRfWV/s3cypnhrDq
DdabOUd78DNOEAsACP7J0xXzqc4JBJQlCFUaAku2X7YpltnE14U2chYenD0CQEdz
3Cv69rozWvPouB8SGeoNeodKfS7fxWhtwcIPKPfHw63yZXP9FJPX7IVK1pOdJ791
jD5xB0QH6F8N4e8vud0CQFrTFwXGjxudgnshYnkcG3/PIrdhzhISOK/3/H5nSOeP
ZXSIpWSVrCPu7XJ2FlWad41B3S+LxHdRHQAPhB8uv2w=
-----END RSA PRIVATE KEY-----


init: 2412ms / 1 (2412ms, 0.41/s)
generate key: 634ms / 5 (126.8ms, 7.89/s)
cpu precompute: 9ms / 5 (1.8ms, 555.56/s)
total without init: 2181ms / 1 (2181ms, 0.46/s)
set buffers: 0ms / 1 (0ms, 0/s)
write buffers: 0ms / 1 (0ms, 0/s)
read results: 2154ms / 1 (2154ms, 0.46/s)
check results: 15ms / 1 (15ms, 66.67/s)

7.69 million hashes per second

If you get this, you have been successful! Pat yourself on the back. As you can see, I only used a short name labelled “what” then the rest of the hash is generated automatically.

Now we need to get this information into our server. To do this, we need to delete one file and change another. Remember our HiddenServiceDirectory we specified earlier? Yeah, well we need to go back there.

Execute the following:

cd /var/lib/tor/hidden_service

rm hostname

Once that is done we need to edit our private key. Using the private key we just generated with scallion, copy the key starting at “—–BEGIN RSA PRIVATE KEY—–” and ending at “—–END RSA PRIVATE KEY—–”. Make sure you include both of those headers, along with your private key.

With that copied we need to edit the file. Execute:

nano private_key

Now delete the private key that is there already, and replace it with the one from scallion, remembering to include the header and footer.

Save the file and exit nano.

To apply our new hostname we need to reboot TOR and nginx, upon reboot the hostname will be generated and applied.

/etc/init.d/nginx restart

/etc/init.d/tor restart

We can verify the changes have taken place:

nano /var/lib/tor/hidden_service/hostname

If you see your newly generated vanity address, you have been successful! Copy it down somewhere safe. This will be the address you type in the browser while using TOR.

Conclusion

Go ahead and fire up TOR on your PC, and type in your new address from the

/var/lib/tor/hidden_service/hostname
file.

If you get the message we set up earlier, then you have successfully completed the setup.

Now you can concentrate on building your website, forum, wiki or whatever else you wanted to use this for.

Note: This is just the basic setup of a TOR web service. There are always ways to secure your website beyond what I have demonstrated here, and if you are planning on running something that will attract attention, it is advised you secure your server and your anonymity. Google is your friend.

Enjoy!

How To | Reference | Censorship


QR Code
QR Code create_your_own_hidden_site_using_nginx_and_tor (generated for current page)
 

Advertise with Anonymous Ads