Hi all, I am sorry to say this but I will take down my TOR Raspnode. I dont see any incoming connection so that bothers me. It has always error connecting Socks5()
So I decided to disable TOR network compatibility and move to a regular pruned node.
peace
Topic: TOR Nodes (Read 2729 times)
Nothing is 100%, but Tor is the best way to anonymously run a node. The other benefit is, as you said, that you don't need to forward posts. Anonymity also brings a bit of security as well, since no one will know your IP.
The only real downside of using Tor is bandwith speeds, that are maybe a half or a third of the direct connection on average, but since Bitcoin really doesn't require much bandwith, unless it is doing an initial sync, then it isn't even noticeable.
I would suggest you enable Tor, you don't really lose anything and you gain more nodes.
The only real downside of using Tor is bandwith speeds, that are maybe a half or a third of the direct connection on average, but since Bitcoin really doesn't require much bandwith, unless it is doing an initial sync, then it isn't even noticeable.
I would suggest you enable Tor, you don't really lose anything and you gain more nodes.
It's very noticeable when you run a node under Tor and try to sync the network, it becomes too slow to download sometimes, but it's not the end of world, it's still reasonable to download the entire chain with Tor.
But if it's really a problem, I guess a solution is to download the entire chain under your normal connection at high speeds. Once you have your node synced, close it, then open the Tor Browser, then open your node again and now you can do transactions under Tor. I think that would do.
Is using TOR to anonymize yourself as simple as opening the TOR browser and then opening the node??!! Why then do we have these TOR-integrated coins??!! Like Novacoin used to be, now DeepOnion.
Though DeepOnion has come up with a lot of other tweaks and additions too.
Hmm well you've got a point there, i'm really curious what will end up happening to crypto's :p we've got a bright future ahead.
OP be patient. It might just be that it takes some time. It should be better in couple of days if it runs 24h a day.
Bitcoin Core is already built with Tor in mind and is very easy to run it over Tor, as you can see in OP's network status Bitcoin Core knows about hidden services and all that. The thing about forcing all the connections through Tor is that it takes more effort to make sure that you can bypass Tor blockades imposed by some countries in the world (China and Turkey are some examples).
they should fuse tor and bitcoin/litecoin, so every miner (or even every wallet) is a tor node and all transactions pass trough the node for very good privacy. the government will try everything to compromise the anonimity of bitcoin and litecoin users, so the developers should do everything they can to prevent it and keep transactions private. If for some reason transactions would be able to be tracked by the government this would be kind of a disaster for crypto.
Bitcoin Core is already built with Tor in mind and is very easy to run it over Tor, as you can see in OP's network status Bitcoin Core knows about hidden services and all that. The thing about forcing all the connections through Tor is that it takes more effort to make sure that you can bypass Tor blockades imposed by some countries in the world (China and Turkey are some examples).
they should fuse tor and bitcoin/litecoin, so every miner (or even every wallet) is a tor node and all transactions pass trough the node for very good privacy. the government will try everything to compromise the anonimity of bitcoin and litecoin users, so the developers should do everything they can to prevent it and keep transactions private. If for some reason transactions would be able to be tracked by the government this would be kind of a disaster for crypto.
Are you getting any outgoing connections through Tor? Would you check if your tor is running first? You simply maybe forgot to turn it on or restart in after changing the configuration files.
Hi, yes the node is getting outgoing connections. With time it got a incoming connection so is UP again in bitnodes21.co
this is the result of current getnetworkinfo
Quote
pi@raspberrypi:~ $ bitcoin-cli getnetworkinfo
{
"version": 150001,
"subversion": "/Satoshi:0.15.0.1/",
"protocolversion": 70015,
"localservices": "000000000000000c",
"localrelay": true,
"timeoffset": -1,
"networkactive": true,
"connections": 11,
"networks": [
{
"name": "ipv4",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "ipv6",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "onion",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
}
],
"relayfee": 0.00001000,
"incrementalfee": 0.00001000,
"localaddresses": [
{
"address": "zmuzcuoflsycriya.onion",
"port": 8333,
"score": 895
}
],
"warnings": ""
}
{
"version": 150001,
"subversion": "/Satoshi:0.15.0.1/",
"protocolversion": 70015,
"localservices": "000000000000000c",
"localrelay": true,
"timeoffset": -1,
"networkactive": true,
"connections": 11,
"networks": [
{
"name": "ipv4",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "ipv6",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "onion",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
}
],
"relayfee": 0.00001000,
"incrementalfee": 0.00001000,
"localaddresses": [
{
"address": "zmuzcuoflsycriya.onion",
"port": 8333,
"score": 895
}
],
"warnings": ""
}
It just wont have anymore than 1 incoming connection..
so frustrating.
Are you getting any outgoing connections through Tor? Would you check if your tor is running first? You simply maybe forgot to turn it on or restart in after changing the configuration files.
Hello, it is me again with an update about my TOR node.
It seems bitnodes21.co detect it as down even when it is up BUT only with outgoing connections. The node has no incoming ones.
I have check my node in bitnodes21.co and it detects it as a node with open ports. I dont know what is happening. I will publish the last part of my debu.log file and the networkinfo result
Hope someone can help me
It seems bitnodes21.co detect it as down even when it is up BUT only with outgoing connections. The node has no incoming ones.
I have check my node in bitnodes21.co and it detects it as a node with open ports. I dont know what is happening. I will publish the last part of my debu.log file and the networkinfo result
Quote
2017-10-27 19:51:47 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:53:07 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:54:18 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:55:21 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:57:44 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:58:48 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:59:51 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:01:11 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:02:16 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:03:20 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:04:25 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:06:49 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:07:59 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:08:35 Socks5() connect to 2a02:2788:836:34b::1:8333 failed: general failure
2017-10-27 19:53:07 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:54:18 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:55:21 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:57:44 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:58:48 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 19:59:51 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:01:11 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:02:16 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:03:20 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:04:25 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:06:49 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:07:59 Socks5() connect to by3sufi775l75dch.onion:8333 failed: connection refused
2017-10-27 20:08:35 Socks5() connect to 2a02:2788:836:34b::1:8333 failed: general failure
Quote
{
"version": 150001,
"subversion": "/Satoshi:0.15.0.1/",
"protocolversion": 70015,
"localservices": "000000000000000c",
"localrelay": true,
"timeoffset": -1,
"networkactive": true,
"connections": 10,
"networks": [
{
"name": "ipv4",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "ipv6",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "onion",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
}
],
"relayfee": 0.00001000,
"incrementalfee": 0.00001000,
"localaddresses": [
{
"address": "zmuzcuoflsycriya.onion",
"port": 8333,
"score": 679
}
],
"warnings": ""
}
"version": 150001,
"subversion": "/Satoshi:0.15.0.1/",
"protocolversion": 70015,
"localservices": "000000000000000c",
"localrelay": true,
"timeoffset": -1,
"networkactive": true,
"connections": 10,
"networks": [
{
"name": "ipv4",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "ipv6",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "onion",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
}
],
"relayfee": 0.00001000,
"incrementalfee": 0.00001000,
"localaddresses": [
{
"address": "zmuzcuoflsycriya.onion",
"port": 8333,
"score": 679
}
],
"warnings": ""
}
Hope someone can help me
You created that hidden service with the Bitcoin Core option, I didn't do that. I assume everything is working fine with your node, it is just that it is hard to get inbound connections on the Tor network as there are not many users that use Tor compared to the clearnet, but they are there. Leave it running for few days and you might get few connections, either way, you are helping just by being there and you will be able to connect your light clients to that node over Tor.
With that torrc configuration you have another hidden service now, that points to your node. You could probably move that private key in the folder mentioned in that torrc configuration file and change the host name in that directory, but that could be risky.
So the point is this, I am pretty sure that your node works fine and you can just leave it like that. You can also uncomment that stuff in torrc if you don't want to tor domains. You can also read the hostname file in the /var/lib/tor/hidden_service/ to see the Tor domain you created if you want to use both of them. You are using Bitcoin Core's feature to create a Tor domain for you and if you like that, then you can keep doing that. You can alternatively take care of this yourself, if you wish, and make your own Tor domain and manage it as all other hidden services. You might even be able to keep the same onion address, but what ever you wish to do should be fine. Your hidden service private key is currently readable by the user pi, this is necessary as you run Bitcoin Core as that user and for security reasons you should never run programs as root when you don't have to. However, if you create your own hidden service, it's private key will only be readable by root, so it might be more secure.
As for the DMZ, it is all up for the discussion. If you trust that Bitcoin Core and Tor software are coded safely, which I would say is pretty good guess, then you should be fine. If you are scared that your node will get hacked just by having only it's 8333 port open on the hidden service, which means that either Tor or Bitcoin software has a vulnerability, then DMZ would isolate that node outside of your router's firewall and take away hacker's access to your LAN. However,m this would also put your node at higher risk as it would be outside of the firewall. So it is just focusing your security, not increasing it.
With that torrc configuration you have another hidden service now, that points to your node. You could probably move that private key in the folder mentioned in that torrc configuration file and change the host name in that directory, but that could be risky.
So the point is this, I am pretty sure that your node works fine and you can just leave it like that. You can also uncomment that stuff in torrc if you don't want to tor domains. You can also read the hostname file in the /var/lib/tor/hidden_service/ to see the Tor domain you created if you want to use both of them. You are using Bitcoin Core's feature to create a Tor domain for you and if you like that, then you can keep doing that. You can alternatively take care of this yourself, if you wish, and make your own Tor domain and manage it as all other hidden services. You might even be able to keep the same onion address, but what ever you wish to do should be fine. Your hidden service private key is currently readable by the user pi, this is necessary as you run Bitcoin Core as that user and for security reasons you should never run programs as root when you don't have to. However, if you create your own hidden service, it's private key will only be readable by root, so it might be more secure.
As for the DMZ, it is all up for the discussion. If you trust that Bitcoin Core and Tor software are coded safely, which I would say is pretty good guess, then you should be fine. If you are scared that your node will get hacked just by having only it's 8333 port open on the hidden service, which means that either Tor or Bitcoin software has a vulnerability, then DMZ would isolate that node outside of your router's firewall and take away hacker's access to your LAN. However,m this would also put your node at higher risk as it would be outside of the firewall. So it is just focusing your security, not increasing it.
I would like to ask your opinion about TOR enabled nodes.
Do you think it is worthy to enabled TOR in every one of our nodes?
I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.
What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.
If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.
If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.
Thanks,
Do you think it is worthy to enabled TOR in every one of our nodes?
I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.
What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.
If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.
If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.
Thanks,
You came to the right place since I know a lot about Tor nodes. There are three types of nodes to choose from. But since you are worried about your ISP. It is better to turn your nodes into Entry node or a Middle node. No fuss. No mess. You don't have to worry about anything. But if want tips exit node is your choice. You will get bitcoin tips. Very rare but if you put your bitcoin address in the settings people will donate because only a few people are setting up exit nodes. But this one is messy because you are the exit node authorities will always target the nodes especially when your node was used to download copyrighted content. Since most authorities are ignorant about nodes. You will always have to explain that you are just a node. Through email. You are not doing anything illegal. That will be your job if you are going to set up an exit node. Really messy.
hello, that is such a nice information the one you are giving me. I would take a look deeper to the kind of TOR nodes available.
I don't mind setting an exit node if that would work as a help to others. I don't live in US so I guess I could be in gray territory (fingers crossed).
I follow this walkthrough to install my current TOR node:
https://medium.com/@lopp/how-to-run-bitcoin-as-a-tor-hidden-service-on-ubuntu-cff52d543756
At this moment my TOR node has been some kind of failure, only outgoing connections and sometimes just one incoming connections, no matter how many days the node is up or the netscore.
thanks again
You are talking about two different things. OP is not asking to run a Tor relay and help the Tor network, he is asking about running Bitcoin Core as a hidden service to help the Bitcoin network.
You are not running neither entry, middle nor exit relay. You are not running any kind of relay, you are just using a hidden service.
Your errors from the debug.log have nothing to do with inbound connections, they are all outbound, which you have plenty of.
Also that inbound connection was not yourself, but someone else, they all show 127.0.0.1 as that is only what your Bitcoin Core client can see. Remember that Tor hides IP addresses so it makes sense that you are not going to be able to tell apart the inbound connections to your node.
I suggest two things as someone who gets inbound Tor connections quickly when I start the node.
First, show us your configuration file here, move it somewhere and make a new one like this
Code:
proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
externalip=zmuzcuoflsycriya.onion
Also move somewhere all your data folder data that doesn't have anything to do with the blockchain or the wallet (blocks,chainstate and wallet.dat is all you need). You can keep the logs tho, they can still be useful.
Secondly, check your Tor configuration and set the hidden service manually if you haven't. Could you please say how you have setup the hidden service and all of that? What OS are you using? In torrc file you need to uncomment (remove the # character) the line where it says
Code:
#HiddenServiceDir /var/lib/tor/hidden_service/
Add the following line under that line
Code:
HiddenServicePort 8333 127.0.0.1:8333
According to bitnodes.21.co your node is unreachable right now, so you probably haven't set it up correctly, but since you had one connection, it seemed to be working. The truth is that you will not get inbound connections that easily. It can take days to get 3-4. But you shouldn't concern yourself with that, only with the reachability of the node. It helps the network just by being a reliable option to connect to if someone needs it.
Hello , you are right I have no TOR node. Nevertheless, I would like to set one but that is another history..
First of all you cannot see my node on bitnodes21.co because I have changed back to IPv6 (where I can only get just 8 outgoing connections)
I will turn back again to TOR mode.
This is the last part of my current configuration file. The other lines are all commented
Code:
# Enable pruning to reduce storage requirements by deleting old blocks.
# This mode is incompatible with -txindex and -rescan.
# 0 = default (no pruning).
# 1 = allows manual pruning via RPC.
# >=550 = target to stay under in MiB.
prune=1000
# User interface options
# Start Bitcoin minimized
#min=1
# Minimize to the system tray
#minimizetotray=1
proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
externalip=zmuzcuoflsycriya.onion
and this is what I have in my bitcoin folder. As you can see I am running a pruned node in a Raspberry Pi
Code:
pi@raspberrypi:~ $ ls -la .bitcoin/
total 19836
drwxr-xr-x 4 pi pi 4096 Oct 21 17:35 .
drwxr-xr-x 8 pi pi 4096 Oct 21 17:33 ..
-rw------- 1 pi pi 37 Sep 21 17:55 banlist.dat
-rw-r--r-- 1 pi pi 6131 Oct 21 17:35 bitcoin.conf
-rw------- 1 pi pi 4 Oct 20 08:22 bitcoind.pid
drwx------ 3 pi pi 4096 Oct 21 08:47 blocks
drwx------ 2 pi pi 69632 Oct 21 11:19 chainstate
-rw------- 1 pi pi 75 Oct 20 08:22 .cookie
-rw-r--r-- 1 pi pi 0 Sep 20 17:10 db.log
-rw------- 1 pi pi 2089402 Oct 21 17:35 debug.log
-rw------- 1 pi pi 247985 Oct 20 08:22 fee_estimates.dat
-rw------- 1 pi pi 0 Sep 20 17:10 .lock
-rw------- 1 pi pi 13545876 Oct 20 08:16 mempool.dat
-rw------- 1 pi pi 820 Oct 20 08:20 onion_private_key
-rw------- 1 pi pi 4305024 Oct 21 17:28 peers.dat
so you are suggesting to move everything but folders blocks and chainstate ?
wont that broke my node? I dont want to reindex it.
I have uncommented the lines from /etc/tor/torrc and now it is like this:
Code:
############### This section is just for location-hidden services ###
## Once you have configured a hidden service, you can look at the
## contents of the file ".../hidden_service/hostname" for the address
## to tell people.
##
## HiddenServicePort x y:z says to redirect requests on port x to the
## address y:z.
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 8333 127.0.0.1:8333
#HiddenServiceDir /var/lib/tor/other_hidden_service/
#HiddenServicePort 80 127.0.0.1:80
#HiddenServicePort 22 127.0.0.1:22
At this moment my TOR node is reachable again
thanks for your comments
Get the Tor node running on your network - isn't secure solution - it should be running in DMZ.
It is a bitcoin tor node, not a tor node. elaborate the security issue please
I would like to ask your opinion about TOR enabled nodes.
Do you think it is worthy to enabled TOR in every one of our nodes?
I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.
What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.
If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.
If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.
Thanks,
Do you think it is worthy to enabled TOR in every one of our nodes?
I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.
What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.
If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.
If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.
Thanks,
You came to the right place since I know a lot about Tor nodes. There are three types of nodes to choose from. But since you are worried about your ISP. It is better to turn your nodes into Entry node or a Middle node. No fuss. No mess. You don't have to worry about anything. But if want tips exit node is your choice. You will get bitcoin tips. Very rare but if you put your bitcoin address in the settings people will donate because only a few people are setting up exit nodes. But this one is messy because you are the exit node authorities will always target the nodes especially when your node was used to download copyrighted content. Since most authorities are ignorant about nodes. You will always have to explain that you are just a node. Through email. You are not doing anything illegal. That will be your job if you are going to set up an exit node. Really messy.
hello, that is such a nice information the one you are giving me. I would take a look deeper to the kind of TOR nodes available.
I don't mind setting an exit node if that would work as a help to others. I don't live in US so I guess I could be in gray territory (fingers crossed).
I follow this walkthrough to install my current TOR node:
https://medium.com/@lopp/how-to-run-bitcoin-as-a-tor-hidden-service-on-ubuntu-cff52d543756
At this moment my TOR node has been some kind of failure, only outgoing connections and sometimes just one incoming connections, no matter how many days the node is up or the netscore.
thanks again
You are talking about two different things. OP is not asking to run a Tor relay and help the Tor network, he is asking about running Bitcoin Core as a hidden service to help the Bitcoin network.
You are not running neither entry, middle nor exit relay. You are not running any kind of relay, you are just using a hidden service.
Your errors from the debug.log have nothing to do with inbound connections, they are all outbound, which you have plenty of.
Also that inbound connection was not yourself, but someone else, they all show 127.0.0.1 as that is only what your Bitcoin Core client can see. Remember that Tor hides IP addresses so it makes sense that you are not going to be able to tell apart the inbound connections to your node.
I suggest two things as someone who gets inbound Tor connections quickly when I start the node.
First, show us your configuration file here, move it somewhere and make a new one like this
Code:
proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
externalip=zmuzcuoflsycriya.onion
Also move somewhere all your data folder data that doesn't have anything to do with the blockchain or the wallet (blocks,chainstate and wallet.dat is all you need). You can keep the logs tho, they can still be useful.
Secondly, check your Tor configuration and set the hidden service manually if you haven't. Could you please say how you have setup the hidden service and all of that? What OS are you using? In torrc file you need to uncomment (remove the # character) the line where it says
Code:
#HiddenServiceDir /var/lib/tor/hidden_service/
Add the following line under that line
Code:
HiddenServicePort 8333 127.0.0.1:8333
According to bitnodes.21.co your node is unreachable right now, so you probably haven't set it up correctly, but since you had one connection, it seemed to be working. The truth is that you will not get inbound connections that easily. It can take days to get 3-4. But you shouldn't concern yourself with that, only with the reachability of the node. It helps the network just by being a reliable option to connect to if someone needs it.
I would like to ask your opinion about TOR enabled nodes.
Do you think it is worthy to enabled TOR in every one of our nodes?
I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.
What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.
If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.
If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.
Thanks,
Do you think it is worthy to enabled TOR in every one of our nodes?
I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.
What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.
If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.
If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.
Thanks,
You came to the right place since I know a lot about Tor nodes. There are three types of nodes to choose from. But since you are worried about your ISP. It is better to turn your nodes into Entry node or a Middle node. No fuss. No mess. You don't have to worry about anything. But if want tips exit node is your choice. You will get bitcoin tips. Very rare but if you put your bitcoin address in the settings people will donate because only a few people are setting up exit nodes. But this one is messy because you are the exit node authorities will always target the nodes especially when your node was used to download copyrighted content. Since most authorities are ignorant about nodes. You will always have to explain that you are just a node. Through email. You are not doing anything illegal. That will be your job if you are going to set up an exit node. Really messy.
hello, that is such a nice information the one you are giving me. I would take a look deeper to the kind of TOR nodes available.
I don't mind setting an exit node if that would work as a help to others. I don't live in US so I guess I could be in gray territory (fingers crossed).
I follow this walkthrough to install my current TOR node:
https://medium.com/@lopp/how-to-run-bitcoin-as-a-tor-hidden-service-on-ubuntu-cff52d543756
At this moment my TOR node has been some kind of failure, only outgoing connections and sometimes just one incoming connections, no matter how many days the node is up or the netscore.
thanks again
I would like to ask your opinion about TOR enabled nodes.
Do you think it is worthy to enabled TOR in every one of our nodes?
I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.
What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.
If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.
If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.
Thanks,
Do you think it is worthy to enabled TOR in every one of our nodes?
I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.
What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.
If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.
If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.
Thanks,
You came to the right place since I know a lot about Tor nodes. There are three types of nodes to choose from. But since you are worried about your ISP. It is better to turn your nodes into Entry node or a Middle node. No fuss. No mess. You don't have to worry about anything. But if want tips exit node is your choice. You will get bitcoin tips. Very rare but if you put your bitcoin address in the settings people will donate because only a few people are setting up exit nodes. But this one is messy because you are the exit node authorities will always target the nodes especially when your node was used to download copyrighted content. Since most authorities are ignorant about nodes. You will always have to explain that you are just a node. Through email. You are not doing anything illegal. That will be your job if you are going to set up an exit node. Really messy.
You risk visits from the FBI when running TOR nodes if you are in the States. You don't know what other people are doing on the TOR network and if yours is an exit node, pretty much the NSA or FBI can use traffic analyses to connect the offender on the TOR network to your node and you may receive an unpleasant visit soon after. Be very careful running TOR if you are in the States, a few neighbors of mine have had such visits but I don't know if they were running nodes or only using TOR browser.
Running tor nodes, nothing is worth it!
The more tor nodes, the more complex the tor network,
the higher the anonymity!The future of the Internet is to connect everything,
but some people don't want to be connected again and being monitored. For this part, tor is very necessary!
The more tor nodes, the more complex the tor network,
the higher the anonymity!The future of the Internet is to connect everything,
but some people don't want to be connected again and being monitored. For this part, tor is very necessary!
You can be sure that there is nothing in the world that lasts for ever or works at 100%. But Tor provides you with more security than any other browser potentially would. But that also means less speed 
(which proves to be really irritating). I use TOR rarely, but when I do, I love the feeling of complete security
(which proves to be really irritating). I use TOR rarely, but when I do, I love the feeling of complete security
All right, as promised I am here to update the result of the test.
Finally today after a few days with just 9 connections (only 1 inbound) my TOR node stop receiving incoming connections.
I could successfully connect to other .onion nodes using the addnode command but it seem my only incoming connection was MYSELF
Why I say this? Because part of the result of getpeerinfo was this:
zmuzcuoflsycriya.onion:8333 was my onion address
On the debug I got a lot of these
I got connected to bitnodes21.co and that was my only incoming connection. It seems the purpose was to keep my node status on their website.
I have got a good netscore for the onion address but for me it is not a useful node if it doesnt have incoming connections
Finally today after a few days with just 9 connections (only 1 inbound) my TOR node stop receiving incoming connections.
I could successfully connect to other .onion nodes using the addnode command but it seem my only incoming connection was MYSELF
Why I say this? Because part of the result of getpeerinfo was this:
Code:
"id": 9,
"addr": "127.0.0.1:59768",
"addrlocal": "zmuzcuoflsycriya.onion:8333",
zmuzcuoflsycriya.onion:8333 was my onion address
On the debug I got a lot of these
Code:
2017-10-17 02:30:12 receive version message: /bitnodes.21.co:0.1/: version 70015, blocks=490235, us=
zmuzcuoflsycriya.onion:8333, peer=1848
2017-10-17 02:31:05 Socks5() connect to 46.146.20.179:8333 failed: connection refused
2017-10-17 02:32:05 UpdateTip: new best=000000000000000000769c19d1723e0f53569e154d63fd5c79cffabb8540
9914 height=490236 version=0x20000000 log2_work=87.295696 tx=262776454 date='2017-10-17 02:32:00' pr
ogress=1.000000 cache=72.0MiB(635737txo)
2017-10-17 02:34:03 receive version message: /bitnodes.21.co:0.1/: version 70015, blocks=490235, us=
zmuzcuoflsycriya.onion:8333, peer=1849
2017-10-17 02:35:55 Socks5() connect to 2a00:1298:8011:212::165:8333 failed: general failure
2017-10-17 02:37:17 Socks5() connect to 71.199.96.202:8333 failed: TTL expired
2017-10-17 02:39:53 receive version message: /bitnodes.21.co:0.1/: version 70015, blocks=490236, us=
zmuzcuoflsycriya.onion:8333, peer=1850
2017-10-17 02:41:38 Socks5() connect to 95.154.99.150:8333 failed: connection refused
I got connected to bitnodes21.co and that was my only incoming connection. It seems the purpose was to keep my node status on their website.
I have got a good netscore for the onion address but for me it is not a useful node if it doesnt have incoming connections
Code:
{
"version": 150001,
"subversion": "/Satoshi:0.15.0.1/",
"protocolversion": 70015,
"localservices": "000000000000000c",
"localrelay": true,
"timeoffset": -1,
"networkactive": true,
"connections": 16,
"networks": [
{
"name": "ipv4",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "ipv6",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "onion",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
}
],
"relayfee": 0.00001000,
"incrementalfee": 0.00001000,
"localaddresses": [
{
"address": "zmuzcuoflsycriya.onion",
"port": 8333,
"score": 573
}
],
"warnings": ""
}I checked using getpeerinfo and the only incoming connection is though IPv6. I guess I will wait for more. Thank you for your comment.
I wonder if the incoming connections would be more if I create a whitelist with the most stable nodes from bitcoin21.co
Have anyone tried that?
I wonder if the incoming connections would be more if I create a whitelist with the most stable nodes from bitcoin21.co
Have anyone tried that?
That is a bad sign. You might not have something setup properly. There is a bit of a privacy risk to using your Bitcoin node with and without Tor at the same time, but not really very worrying, but still.
I don't know how you setup your Tor node, but check bitcoin.conf in your data directory.
I set it up by installing tor and creating a hidden service in the torrc file. Then I run Bitcoin Core with bitcoin.conf looking something like this:
Code:
proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
externalip=examplehiddenservice.onion
This makes routes all the traffic through Tor and the node is only accessible with the hidden service. You can alternatively bind it to a external ip and therefor allow IP connections, but as I said, might be a privacy concern.
Hi, thanks for your comment. I am testing the bitcoin.conf settings you mentioned.
on externalip I have set my .onion hiddenservice
Now I can see when I execute getnetworkinfo that my only local address is the .onion one
The IPv6 address is not longer published.
I will give it a few days to see how is it going and keep you all updated.
peace
I checked using getpeerinfo and the only incoming connection is though IPv6. I guess I will wait for more. Thank you for your comment.
I wonder if the incoming connections would be more if I create a whitelist with the most stable nodes from bitcoin21.co
Have anyone tried that?
I wonder if the incoming connections would be more if I create a whitelist with the most stable nodes from bitcoin21.co
Have anyone tried that?
That is a bad sign. You might not have something setup properly. There is a bit of a privacy risk to using your Bitcoin node with and without Tor at the same time, but not really very worrying, but still.
I don't know how you setup your Tor node, but check bitcoin.conf in your data directory.
I set it up by installing tor and creating a hidden service in the torrc file. Then I run Bitcoin Core with bitcoin.conf looking something like this:
Code:
proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
externalip=examplehiddenservice.onion
This makes routes all the traffic through Tor and the node is only accessible with the hidden service. You can alternatively bind it to a external ip and therefor allow IP connections, but as I said, might be a privacy concern.
From what I understand about tor is that anyone who does this will be exposing their information to a tor exit node which can be hosted by anyone. so any sensitive information will be in clear text and be stolen by the person who is hosting the exit node.
Jump to: