

Hidden services are created by modifying the Tor configuration file. You need to specify how the ports are forwarded and where in the file system the hidden service information (.onion URL and private key file) should reside. Of course, the service will need write permission to the folder. By default, the permissions are set correctly for /var/lib/tor/*. You can specify /var/lib/tor/AnythingYouWant and it will automatically create the folder when the service is restarted. You can have as many services as you want and you can map multiple ports for each service.

    # Edit the config file to enter hidden service information
    vim /etc/tor/torrc

    # Hidden service #1 is a web app that supports HTTP and HTTPS
    # Hidden service #2 will have a different.
    HiddenServiceDir /var/lib/tor/ssh_service/

After adding these lines to /etc/tor/torrc, restart the service using service tor restart and it should create those folders and start serving requests. Inside the hidden service directory will be two generated files: hostname with your .onion url, and private_key with your private RSA key. Make sure you keep the hidden service directories protected and backed up if you ever need to move the service to a different machine.

If you have permission problems with the hidden service directory after restarting the service, try fixing it by editing the tor.service file for systemd and modifying the CapabilityBoundingSet.

    vim /usr/lib/systemd/system/tor.service
    # And add these two abilities:
    # CAP_CHOWN CAP_DAC_OVERRIDE to CapabilityBoundingSet
    CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_CHOWN CAP_DAC_OVERRIDE
    # Reload daemons

Use journalctl to view any errors after starting the service. Type G to get to the end of the log.
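The advice to keep the hidden service directories protected can be checked mechanically. The following is an added example, not part of the original tutorial: it reads the HiddenServiceDir entries from a torrc and reports any directory, hostname file or private_key file that group or other users can access. The function names are hypothetical, and `stat -c` assumes GNU or BusyBox stat.

```sh
#!/bin/sh
# Added example, not from the original tutorial. Assumes GNU/BusyBox stat.

# Print each HiddenServiceDir path in the torrc given as $1.
# Commented-out lines are skipped; option names are case-insensitive.
list_hs_dirs() {
    awk 'tolower($1) == "hiddenservicedir" { print $2 }' "$1"
}

# Succeed only if path $1 has no group/other permission bits set.
# $2 is the mode to suggest in the finding.
owner_only() {
    oo_mode=$(stat -c '%a' "$1") || return 1
    if [ $(( 0$oo_mode & 077 )) -ne 0 ]; then
        echo "LOOSE   $1 (mode $oo_mode, expected $2)"
        return 1
    fi
}

# Check one hidden service directory plus the two files Tor generates in it
# (hostname reveals the .onion address, private_key is the service identity).
audit_hs_dir() {
    hs_rc=0
    if [ ! -d "$1" ]; then
        echo "MISSING $1"
        return 1
    fi
    owner_only "$1" 700 || hs_rc=1
    for hs_file in "$1/hostname" "$1/private_key"; do
        [ -e "$hs_file" ] || continue
        owner_only "$hs_file" 600 || hs_rc=1
    done
    return "$hs_rc"
}

# Audit every configured directory; non-zero status if any check fails.
audit_torrc() {
    all_rc=0
    while IFS= read -r hs_dir; do
        [ -n "$hs_dir" ] || continue
        audit_hs_dir "$hs_dir" || all_rc=1
    done <<EOF
$(list_hs_dirs "$1")
EOF
    return "$all_rc"
}

# Usage: sh audit_hs.sh /etc/tor/torrc   (script name is hypothetical)
if [ "$#" -gt 0 ]; then audit_torrc "$1"; fi
```

Run it as root or as the Tor service user so the directories are readable; a non-zero exit status means at least one path needs its permissions tightened.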
