As part of my thesis, I’m looking at using Tor for an anonymous submission system. For this I set up a small hidden service to test, and I figured I’d write down how it’s done. It’s pretty easy.
Assuming you have some sort of TCP server you want to serve over Tor, proceed as
follows. Install tor first. This is pretty much the only package you need. In Arch-Linux:
pacman -S torThen all you need to do is edit the torrc-file which is usually found at
/etc/tor/torrc. Here all you need to do is add two lines, and the default config file describes it pretty well. In my case it looked as follows.
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:5000Here the HiddenServiceDir is the location where tor will store the private key
for the hidden service, as well as the hostname. Note that you can have several hidden services running on different addresses, just more HiddenServiceDir lines with different directories. HiddenServicePort will act as
a port forward from the first specified port at the onion-address to the specified
IP-address and port. In my case this forwarded traffic from my onion address at the normal http address to a local python webservice I was developing on.
Once you’ve added the lines to your configuration, you can then restart the tor service to start forwarding traffic.
systemctl restart tor.serviceFinally you can get the hostname of your hidden service by opening the /var/lib/tor/hidden_service/hostname file
cat /var/lib/tor/hidden_service/hostnameNow use this onion address to connect to in e.g. your Tor-browser.