From e1765d8b04fe1fb775f3750e0fa59f13a58eb176 Mon Sep 17 00:00:00 2001 From: Jon Atack Date: Thu, 15 Oct 2020 12:00:56 +0200 Subject: [PATCH 1/3] doc: update tor.md address examples from onion v2 to v3 --- doc/tor.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/tor.md b/doc/tor.md index 12b5f702453..8fe87bdde63 100644 --- a/doc/tor.md +++ b/doc/tor.md @@ -72,7 +72,7 @@ should be equal to binding address and port for inbound Tor connections (127.0.0 In a typical situation, where you're only reachable via Tor, this should suffice: - ./bitcoind -proxy=127.0.0.1:9050 -externalip=57qr3yd1nyntf5k.onion -listen + ./bitcoind -proxy=127.0.0.1:9050 -externalip=7zvj7a2imdgkdbg4f2dryd5rgtrn7upivr5eeij4cicjh65pooxeshid.onion -listen (obviously, replace the .onion address with your own). It should be noted that you still listen on all devices and another node could establish a clearnet connection, when knowing @@ -90,7 +90,7 @@ and open port 8333 on your firewall (or use -upnp). If you only want to use Tor to reach .onion addresses, but not use it as a proxy for normal IPv4/IPv6 communication, use: - ./bitcoind -onion=127.0.0.1:9050 -externalip=57qr3yd1nyntf5k.onion -discover + ./bitcoind -onion=127.0.0.1:9050 -externalip=7zvj7a2imdgkdbg4f2dryd5rgtrn7upivr5eeij4cicjh65pooxeshid.onion -discover ## 3. Automatically listen on Tor From dc8a591222f249da81c7eef8aa5961f8d7dd1e23 Mon Sep 17 00:00:00 2001 From: Jon Atack Date: Thu, 15 Oct 2020 12:35:36 +0200 Subject: [PATCH 2/3] doc: add tor.md section on how to get tor info via bitcoind --- doc/tor.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/doc/tor.md b/doc/tor.md index 8fe87bdde63..ccf8a226eec 100644 --- a/doc/tor.md +++ b/doc/tor.md @@ -5,6 +5,16 @@ It is possible to run Bitcoin Core as a Tor onion service, and connect to such s The following directions assume you have a Tor proxy running on port 9050. Many distributions default to having a SOCKS proxy listening on port 9050, but others may not. In particular, the Tor Browser Bundle defaults to listening on port 9150. See [Tor Project FAQ:TBBSocksPort](https://www.torproject.org/docs/faq.html.en#TBBSocksPort) for how to properly configure Tor. +## How to see information about your Tor configuration via Bitcoin Core + +There are several ways to see your local onion address in Bitcoin Core: +- in the debug log (grep for "tor:" or "AddLocal") +- in the output of RPC `getnetworkinfo` in the "localaddresses" section +- in the output of the CLI `-netinfo` peer connections dashboard + +You may set the `-debug=tor` config logging option to have additional +information in the debug log about your Tor configuration. + ## 1. Run Bitcoin Core behind a Tor proxy From a34eceb4cc054b4233e7321de927e8a7a2146301 Mon Sep 17 00:00:00 2001 From: Jon Atack Date: Wed, 16 Sep 2020 08:43:26 +0200 Subject: [PATCH 3/3] doc: update -externalip documentation in tor.md --- doc/tor.md | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/doc/tor.md b/doc/tor.md index ccf8a226eec..34c5f1b5e75 100644 --- a/doc/tor.md +++ b/doc/tor.md @@ -62,14 +62,19 @@ The directory can be different of course, but virtual port numbers should be equ your bitcoind's P2P listen port (8333 by default), and target addresses and ports should be equal to binding address and port for inbound Tor connections (127.0.0.1:8334 by default). - -externalip=X You can tell bitcoin about its publicly reachable address using - this option, and this can be a .onion address. Given the above - configuration, you can find your .onion address in + -externalip=X You can tell bitcoin about its publicly reachable addresses using + this option, and this can be an onion address. Given the above + configuration, you can find your onion address in /var/lib/tor/bitcoin-service/hostname. For connections coming from unroutable addresses (such as 127.0.0.1, where the - Tor proxy typically runs), .onion addresses are given + Tor proxy typically runs), onion addresses are given preference for your node to advertise itself with. + You can set multiple local addresses with -externalip. The + one that will be rumoured to a particular peer is the most + compatible one and also using heuristics, e.g. the address + with the most incoming connections, etc. + -listen You'll need to enable listening for incoming connections, as this is off by default behind a proxy.