Go to the profile of Peter Fox
Peter Fox
Programmer, Developer, Server engineer and Technology enthusiast

Simple Tasks made Simpler — Generating Onion Addresses

So this is a bit out of my usual space but a friend asked and I thought it to both documenting for all. Generating Tor addresses are pretty simple, they are just asymmetric keys (you know the private/public pair kind) but sometimes you might want to generate an onion address that meets a certain pattern. The software we’re going to use for this is Shallot. Is this the best thing for the job, not exactly, it will only make use of our hardwares CPU, we could easily use a GPU or even a FPGA but we’re doing this the simple way. Using a CPU will be by no means fast, generating an Onion address can take up to from anywhere between a few seconds to a millennium depending on the complexity.

Our Hardware

We can use any hardware for this tutorial a virtual machine or full PC but again we’re going simple. I’ve had a Raspberry Pi 2 setting around in my draw for a few months so it’s time to dust off the old boy, get a micro SD card with Ubuntu Xenial on it and boot up. Once we have it ready and booted, just SSH into your Ubuntu instance in my case the Raspberry Pi.

Setting up the Software

As typical with using Ubuntu we’ll install the majority of the tools we need via apt running the following commands:

sudo apt-get update
sudo apt-get install build-essential git libssl-dev tmux mailutils

build-essential, git and libssl-dev will be required for making Shallot work. tmux and mailutils will just be for making our lives easier when we start making addresses. If you get asked for configuration parameters for mailutils, don’t worry, just stick with the defaults.

Now we just need to compile Shallot for ourselves. Run the following:

git clone https://github.com/katmagic/Shallot.git
cd Shallot
./configure && make

This should make us our local shallot binary for the Raspberry Pi (or which ever device you’re on) which we can execute. Try it, run:

./shallot ^key

And you should be shown a successful key generation. In your console. Note the onion address provided will start with ‘key’. You can supply any argument of ^something and it will keep generating random keys until it finds and address that starts with the pattern provided, just bare in mind your hardware. Anything over 8 characters is going to involve an insane amount of time to wait.

Great, so we’re done?

Well not quite, this is fine but did you look at the predicted rate of generating an address that starts with the pattern we want from the Shallot github page? Generating an address with 7+ characters is a large undertaking and you can’t just keep a SSH session open. If the connection closes or is lost that’s it, all the time spent waiting for nothing so instead we use tmux to run our process inside a session we can disconnect and reattach to at any point. To do this we need to run:

tmux

Which will open up a terminal session we can return to each time we SSH into the Raspberry Pi by simply running:

tmux attach

When in a tmux session we simple press Ctrl + B and then D to exit back to our regular terminal, then we can safely exit that knowing we can just SSH back in and reattach.

This is great but not quite there, we don’t want to keep SSHing into a Raspberry Pi each time to check if our key is done and that’s where mailutils comes in. Inside tmux we’ll run the following: (Make sure your terminal is in the Shallot directory where we built the shallot executable)

./shallot ^key | mail -s “Onion Address” <your email here>

Now when our key is generated it will fire off an email to you with the key details. While technically this is a bit silly, security wise we should really not be sending ourselves security keys by email it does make life easier. Just please try a small address pattern before going for that big one you want, last thing we need is to finish and find your key got put in the spam folder of your email account. Copy the key and address to somewhere safe and then delete it.

Finally there

Now we can generate Onion addresses without leaving terminals open to be interrupted and cancelled by pesky human interactions with the machine. In my case I put my Raspberry Pi somewhere safe and just have to hope no one unplugs it or that I have a power outage in the mean time.