[tor-talk] How stealth onions actually function?

Nurmi, Juha juha.nurmi at ahmia.fi
Sat Aug 6 07:24:53 UTC 2016


Hi,

I have been playing with stealth onion services[1] to protect some of my
SSH servers from SSH MITM. I like to keep my servers as hidden as possible.

Great to have this option on Tor :) I have some questions about it and I
didn't find much information.

Could someone tell me how it actually functions? What is the difference
between basic and stealth? In addition, can an attacker verify that onions
with stealth option exists and are online?

Moreover, several research papers measure the total number of onions and we
know that someone is crawling TorHS Directories.
Does HiddenServiceAuthorizeClient protect you against these measurements?

I tested my stealth service without the passphrase on Tor client and Tor
says "Closing stream for '[scrubbed].onion': hidden service is unavailable
(try again later)."

Tor manual describes HiddenServiceAuthorizeClient option[2]:

"If configured, the hidden service is accessible for authorized clients
only. The auth-type can either be 'basic' for a general-purpose
authorization protocol or 'stealth' for a less scalable protocol that also
hides service activity from unauthorized clients. Only clients that are
listed here are authorized to access the hidden service."

[1] https://github.com/juhanurmi/stealth-ssh
[2] https://www.torproject.org/docs/tor-manual.html.en

Best,
Juha


More information about the tor-talk mailing list