[tor-talk] UseEntryGuards: 0?

Matt Traudt pastly at torproject.org
Wed Aug 18 17:45:06 UTC 2021

> I'd like to reduce these false positives
> and thought
> of using "UseEntryGuards: 0" to have circuits been rebuild more often.
> I'd only do this for the onion services which are also reachable in the
> non-tor internet
> and therefore their IP adresses are known anyway.

For services that I don't mind leaking the location of (e.g. because
they have a "regular web" mirror), I configure my onion services to be

Disable the socks port and set two options:

    SocksPort 0
    HiddenServiceSingleHopMode 1
    HiddenServiceNonAnonymousMode 1

All onion services that this tor process operates will connect directly
to introduction and rendezvous points. This lowers the hop count from 6
to 3 and rivals/beats exit connections in terms of latency/bandwidth.

The location of the onion service is no longer protected, yet visitors
of the onion service are no worse off than before.

Matt (pastly)

More information about the tor-talk mailing list