I would like to ask your opinion about TOR enabled nodes.
Do you think it is worthy to enabled TOR in every one of our nodes?
I can see in bitnodes21.co the amount of TOR nodes in the network and it is not even then half. I'm considering my self to enable TOR network in mine.
Also, because I think it is better to enabled it to accept incoming connections rather than open the 8333 port on my router.
What are my odds of my privacy and security being compromised if I enable TOR network? I have read is not 100% fail safe.
If my ISP start sharing public my public IP with another clients I wont be able to open the 8333 port.
If anyone can send me links or publish here the pros and cons of enabling TOR network in my nodes you are welcome.
Thanks,
You came to the right place since I know a lot about Tor nodes. There are three types of nodes to choose from. But since you are worried about your ISP. It is better to turn your nodes into Entry node or a Middle node. No fuss. No mess. You don't have to worry about anything. But if want tips exit node is your choice. You will get bitcoin tips. Very rare but if you put your bitcoin address in the settings people will donate because only a few people are setting up exit nodes. But this one is messy because you are the exit node authorities will always target the nodes especially when your node was used to download copyrighted content. Since most authorities are ignorant about nodes. You will always have to explain that you are just a node. Through email. You are not doing anything illegal. That will be your job if you are going to set up an exit node. Really messy.
hello, that is such a nice information the one you are giving me. I would take a look deeper to the kind of TOR nodes available.
I don't mind setting an exit node if that would work as a help to others. I don't live in US so I guess I could be in gray territory (fingers crossed).
I follow this walkthrough to install my current TOR node:
https://medium.com/@lopp/how-to-run-bitcoin-as-a-tor-hidden-service-on-ubuntu-cff52d543756At this moment my TOR node has been some kind of failure, only outgoing connections and sometimes just one incoming connections, no matter how many days the node is up or the netscore.
thanks again
You are talking about two different things. OP is not asking to run a Tor relay and help the Tor network, he is asking about running Bitcoin Core as a hidden service to help the Bitcoin network.
You are not running neither entry, middle nor exit relay. You are not running any kind of relay, you are just using a hidden service.
Your errors from the debug.log have nothing to do with inbound connections, they are all outbound, which you have plenty of.
Also that inbound connection was not yourself, but someone else, they all show 127.0.0.1 as that is only what your Bitcoin Core client can see. Remember that Tor hides IP addresses so it makes sense that you are not going to be able to tell apart the inbound connections to your node.
I suggest two things as someone who gets inbound Tor connections quickly when I start the node.
First, show us your configuration file here, move it somewhere and make a new one like this
proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
externalip=zmuzcuoflsycriya.onion
Also move somewhere all your data folder data that doesn't have anything to do with the blockchain or the wallet (blocks,chainstate and wallet.dat is all you need). You can keep the logs tho, they can still be useful.
Secondly, check your Tor configuration and set the hidden service manually if you haven't. Could you please say how you have setup the hidden service and all of that? What OS are you using? In torrc file you need to uncomment (remove the # character) the line where it says
#HiddenServiceDir /var/lib/tor/hidden_service/
Add the following line under that line
HiddenServicePort 8333 127.0.0.1:8333
According to bitnodes.21.co your node is unreachable right now, so you probably haven't set it up correctly, but since you had one connection, it seemed to be working. The truth is that you will not get inbound connections that easily. It can take days to get 3-4. But you shouldn't concern yourself with that, only with the reachability of the node. It helps the network just by being a reliable option to connect to if someone needs it.
Hello , you are right I have no TOR node. Nevertheless, I would like to set one but that is another history..
First of all you cannot see my node on bitnodes21.co because I have changed back to IPv6 (where I can only get just 8 outgoing connections)
I will turn back again to TOR mode.
This is the last part of my current configuration file. The other lines are all commented
# Enable pruning to reduce storage requirements by deleting old blocks.
# This mode is incompatible with -txindex and -rescan.
# 0 = default (no pruning).
# 1 = allows manual pruning via RPC.
# >=550 = target to stay under in MiB.
prune=1000
# User interface options
# Start Bitcoin minimized
#min=1
# Minimize to the system tray
#minimizetotray=1
proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
externalip=zmuzcuoflsycriya.onion
and this is what I have in my bitcoin folder. As you can see I am running a pruned node in a Raspberry Pi
pi@raspberrypi:~ $ ls -la .bitcoin/
total 19836
drwxr-xr-x 4 pi pi 4096 Oct 21 17:35 .
drwxr-xr-x 8 pi pi 4096 Oct 21 17:33 ..
-rw------- 1 pi pi 37 Sep 21 17:55 banlist.dat
-rw-r--r-- 1 pi pi 6131 Oct 21 17:35 bitcoin.conf
-rw------- 1 pi pi 4 Oct 20 08:22 bitcoind.pid
drwx------ 3 pi pi 4096 Oct 21 08:47 blocks
drwx------ 2 pi pi 69632 Oct 21 11:19 chainstate
-rw------- 1 pi pi 75 Oct 20 08:22 .cookie
-rw-r--r-- 1 pi pi 0 Sep 20 17:10 db.log
-rw------- 1 pi pi 2089402 Oct 21 17:35 debug.log
-rw------- 1 pi pi 247985 Oct 20 08:22 fee_estimates.dat
-rw------- 1 pi pi 0 Sep 20 17:10 .lock
-rw------- 1 pi pi 13545876 Oct 20 08:16 mempool.dat
-rw------- 1 pi pi 820 Oct 20 08:20 onion_private_key
-rw------- 1 pi pi 4305024 Oct 21 17:28 peers.dat
so you are suggesting to move everything but folders blocks and chainstate ?
wont that broke my node? I dont want to reindex it.
I have uncommented the lines from /etc/tor/torrc and now it is like this:
############### This section is just for location-hidden services ###
## Once you have configured a hidden service, you can look at the
## contents of the file ".../hidden_service/hostname" for the address
## to tell people.
##
## HiddenServicePort x y:z says to redirect requests on port x to the
## address y:z.
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 8333 127.0.0.1:8333
#HiddenServiceDir /var/lib/tor/other_hidden_service/
#HiddenServicePort 80 127.0.0.1:80
#HiddenServicePort 22 127.0.0.1:22
At this moment my TOR node is reachable again
thanks for your comments
Get the Tor node running on your network - isn't secure solution - it should be running in DMZ.
It is a bitcoin tor node, not a tor node. elaborate the security issue please