Eugen  

We're missing documentation on how to run Mastodon as a hidden (e.g. ) service. If you know how to do it, please either submit it or tell me so I can write it down

1+
Sir Bøøps  

@Gargron Requires ssl so it's like normal but you need to have a self signed cert

1+
Eugen  

@Sir_Boops Imagine you're explaining it to someone who never used Tor (because you are)

1
Sir Bøøps  

@Gargron

> Setup mastodon following the usual steps except generate a self-signed cert ( Because you /can't/ get certs for .onion addresses )

> Install tor and add append these three lines to the end of the torrc file

HiddenServiceDir /var/lib/tor/<some name>/
HiddenServicePort 80 127.0.0.1:80
HiddenServicePort 443 127.0.0.1:443

And that's it it's now on tor

Now it won't fed because other instances won't take the broken ssl but that's a masto issue ;p

1+
Eugen  

@Sir_Boops How install tor? apt install tor?

1+
Sir Bøøps  

@Gargron For what distro?

You should pull it right from them vs using system packages

torproject.org/docs/debian.htm

1
Leia :thaenkin:  

@Sir_Boops @Gargron If you're using Debian Testing (or even Debian Sid), you can pull tor from Debian's repos

It is also recommended to use the new version of Onion Services by adding HiddenServiceVersion 3 right after what Sir_Boops said, as explained here: torproject.org/docs/tor-onion-

1
Sir Bøøps  

@mrtino @Gargron v3s are buggy af

I havn't used them in a while so they might be better now but when I was using them half the time they'd take a good 30 min to start working where-as v2 is near-instant

1+
Eugen
Follow

@Sir_Boops @mrtino Wait hold on so federation with Tor instances doesn't work? The person who submitted the changes that added Tor support didn't mention that

· Web · 1 · 0 · 0
Sir Bøøps  

@Gargron @mrtino No federation with onion instances works just fine but those instances are modded to not use https at all

1
Sir Bøøps  

@Gargron @mrtino So when my instance talks to an onion instance ( Hi @notjeff ) their instance will only talk using http

Hopefully I'm making some sense x.x

1+
Eugen  

@Sir_Boops @mrtino But he have those rules where https is required in ActivityPub URIs, and I don't believe there is a special case for Tor there.

1+
Sir Bøøps  

@Gargron @mrtino afaik Masto will just send to whatever the server tells it You tell it http it'll use http

Also I can't connect to that instance over https so masto has to be using http

0
Sir Bøøps  

@Gargron @mrtino She trying over http

0
Ben Lubar  

@Sir_Boops @Gargron @mrtino onion routing and https are doing basically the same job (ensuring that you're talking to who you think you are and hiding the data from MITM attacks) so there's no real reason to use both

1
Ben Lubar  

@Sir_Boops @Gargron @mrtino the difference is that onion routing confirms the identity by making it really hard to claim a specific identity (you'd need to generate a key with the same hash) whereas HTTPS confirms the identity of something human-readable (a domain name) and therefore requires at least some level of trust in the certificate before you can send any data

0
Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!

Trending now

Resources

Developers

What is Mastodon?

mastodon.social

More…