[tor-onions] no connection to tor hidden services on arduino yun/openwrt

teor teor2345 at gmail.com
Thu Feb 16 02:49:41 UTC 2017 

Hi Markus,

> On 16 Feb 2017, at 12:52, Markus <m at euse.de> wrote:
> ...
> 
> what i want to achive:
> 
> i set up a sensor node running openwrt in an area in germany without wifi.
> so i want to connect (to) it via gsm/gprs (german telekom/d1).
> 
> connecting from the node to the internet is no problem.
> 
> problem is: i cant reach any services on the node from the internet
> because the gsm-carrier runs some intransparant internal ipv4-proxy or
> switch or whatever to save ipv4-addresses so neither the ip nor dyndns
> is working.

Ah, carrier-grade NAT.

> my idea to workaround: run tor hidden services on the node. http [2] for
> luci/graphical admin interface and ssl [3] for general administrative tasks.
> for setup i followed one general howto [4] and one ssl specific [5]. i
> tried to
> debug via [1].
> i enclosed my torrc further down.

This should work, onion services are useful for NAT-punching.

> i waited over one hour for tor to broadcast its new services. but not
> even just the hello-world-page is
> popping up in my clients tor browser. didnt even try to connect to ssl yet.
> 
> checked server config, curl 127.0.0.1:8080 is returning hello-world,
> checked tor config and files over and over.
> the tor browser on the client is working.
> no idea what else to try.

There are a few things that could be wrong:
Something could be misconfigured.
The carrier could block Tor.
Some 4G carriers drop long-lived connections.

Is your hidden service able to connect to the tor network?

What version of tor are you running?

It would be very helpful to have the hidden service logs
It might help to have the client logs as well.
Notice level could help, and is generally safe.

> #### /etc/tor/torrc
> 
> ## Basic configuration
> Log notice syslog
> RunAsDaemon 1
> DataDirectory /etc/tor
> User tor
> 
> ## Hidden service configuration
> HiddenServiceDir /etc/tor/hidden_service
> HiddenServicePort 80 127.0.0.1:8080
> HiddenServiceDir /etc/tor/hidden_ssh
> HiddenServicePort 2233 127.0.0.1:2233
> 
> ##EOF

This torrc looks ok.

> [1] https://www.torproject.org/docs/tor-hidden-service.html.en
> [2] xrscbcihug2ezrrb.onion
> [3] ntk6i23e5fcxo3j3.onion
> [4] https://gist.github.com/Informatic/65261ffd1aee8ddae861
> [5] http://unethicalblogger.com/2012/06/13/ssh-as-a-hidden-service.html

T

--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-onions/attachments/20170216/5d7567c1/attachment.sig>

More information about the tor-onions mailing list