Eugen

We're missing documentation on how to run Mastodon as a hidden (e.g. ) service. If you know how to do it, please either submit it or tell me so I can write it down

1+
Pinkie Twinkie

@Gargron Requires ssl so it's like normal but you need to have a self signed cert

1+
Eugen

@Sir_Boops Imagine you're explaining it to someone who never used Tor (because you are)

1
Pinkie Twinkie

@Gargron

> Setup mastodon following the usual steps except generate a self-signed cert ( Because you /can't/ get certs for .onion addresses )

> Install tor and add append these three lines to the end of the torrc file

HiddenServiceDir /var/lib/tor/<some name>/
HiddenServicePort 80 127.0.0.1:80
HiddenServicePort 443 127.0.0.1:443

And that's it it's now on tor

Now it won't fed because other instances won't take the broken ssl but that's a masto issue ;p

1+
Eugen

@Sir_Boops How install tor? apt install tor?

1+
Pinkie Twinkie

@Gargron For what distro?

You should pull it right from them vs using system packages

torproject.org/docs/debian.htm

1
Leia :thaenkin:

@Sir_Boops @Gargron If you're using Debian Testing (or even Debian Sid), you can pull tor from Debian's repos

It is also recommended to use the new version of Onion Services by adding HiddenServiceVersion 3 right after what Sir_Boops said, as explained here: torproject.org/docs/tor-onion-

1
Pinkie Twinkie

@mrtino @Gargron v3s are buggy af

I havn't used them in a while so they might be better now but when I was using them half the time they'd take a good 30 min to start working where-as v2 is near-instant

1+
Eugen
Follow

@Sir_Boops @mrtino Wait hold on so federation with Tor instances doesn't work? The person who submitted the changes that added Tor support didn't mention that

· · Web · 1 · 0 · 0
Pinkie Twinkie

@Gargron @mrtino No federation with onion instances works just fine but those instances are modded to not use https at all

1
Pinkie Twinkie

@Gargron @mrtino So when my instance talks to an onion instance ( Hi @notjeff ) their instance will only talk using http

Hopefully I'm making some sense x.x

1+
Eugen

@Sir_Boops @mrtino But he have those rules where https is required in ActivityPub URIs, and I don't believe there is a special case for Tor there.

1+
Pinkie Twinkie

@Gargron @mrtino afaik Masto will just send to whatever the server tells it You tell it http it'll use http

Also I can't connect to that instance over https so masto has to be using http

0
Pinkie Twinkie

@Gargron @mrtino She trying over http

0
Ben Lubar (any pronouns)

@Sir_Boops @Gargron @mrtino onion routing and https are doing basically the same job (ensuring that you're talking to who you think you are and hiding the data from MITM attacks) so there's no real reason to use both

1
Ben Lubar (any pronouns)

@Sir_Boops @Gargron @mrtino the difference is that onion routing confirms the identity by making it really hard to claim a specific identity (you'd need to generate a key with the same hash) whereas HTTPS confirms the identity of something human-readable (a domain name) and therefore requires at least some level of trust in the certificate before you can send any data

0
Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!

Trending now

Resources

Developers

What is Mastodon?

mastodon.social

More…