Running a monero node over Tor

kico
6 min readJan 4, 2018

--

This Tutorial is meant to show you how to install and run a Full Monero Node over Tor Network runing everything through Tor network.It assumes you are running an ubuntu 16.04 LTS fresh install.

Update your packages

sudo apt update

sudo apt upgrade

sudo apt install libssl-dev libzstd-dev

Install Tor

Check your debian release first:

cat /etc/debian_version

Check on Tor website for the right release https://www.torproject.org/docs/debian.html.en

sudo nano /etc/apt/sources.list

And Paste

— — — — — -cut here — — — — — — — — — — — — —
deb http://deb.torproject.org/torproject.org xenial main
deb-src http://deb.torproject.org/torproject.org xenial main

— — — — — -cut here — — — — — — — — — — — — —
Then do:

sudo -i
apt update
gpg — keyserver keys.gnupg.net — recv 886DDD89
gpg — export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -
apt install tor deb.torproject.org-keyring
systemctl restart tor

Edit torrc

sudo nano /etc/tor/torrc

Add:

-----------cut here --------------------------

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 18081 127.0.0.1:18081

-----------cut here --------------------------

sudo systemctl restart tor

sudo cat /var/lib/tor/hidden_service/hostname

It will give you your .onion address like: 2fgjjj4lcsewduyb.onion

Install monero and sync chain

From this moment on we will try to do everything over Torsocks so we increase in security and have less “leakage” as possible

sudo torsocks apt install git

sudo torsocks apt install cmake build-essential libboost-all-dev libssl-dev libzmq3-dev libunbound-dev libminiupnpc-dev libunwind8-dev liblzma-dev libreadline6-dev libldns-dev libexpat1-dev

sudo torsocks apt install libgtest-dev && cd /usr/src/gtest && sudo cmake . && sudo make && sudo mv libg* /usr/lib/

cd ~/Documents/

sudo torsocks git clone https://github.com/monero-project/monero.git

ls -la

sudo chown -R tor-node. monero/

cd monero

make

Grab a Coffee while it compiles !!

cd build/release/bin/

sudo torsocks wget -c — progress=bar https://downloads.getmonero.org/blockchain.raw

Only download blockchain.raw from a trusted source such as above! Take a nap this will take some time!

sudo chown tor-node. ./blockchain.raw

./monero-blockchain-import — input-file ./blockchain.raw

This will take a while! Take another nap!

rm -rf ./blockchain.raw <- save disk space

After importing the blockchain.raw run monerod first time to make sure it syncs to latest blockheight we use some "Tor" options and a exclusive node to prevent "leakage". The node used here is node.xmr.pt:18081 an open node run by comunity members, you should really use your own or you can always run with none at all but be more "open" to the network, this is the least recomended "mode" tho.

While Monero isn't made to integrate with Tor, it can be used wrapped with torsocks, if you add --p2p-bind-ip 127.0.0.1 to the monerod command line. You also want to set DNS requests to go over TCP, so they'll be routed through Tor, by setting DNS_PUBLIC=tcp or use a particular DNS server with DNS_PUBLIC=tcp://a.b.c.d (default is 8.8.4.4, which is Google DNS). You may also disable IGD (UPnP port forwarding negotiation), which is pointless with Tor, we also add --hide-my-port so we don't anounce our node to the network itself. To allow local connections from the wallet, you might have to add TORSOCKS_ALLOW_INBOUND=1, some OSes need it and some don't...

DNS_PUBLIC=tcp://8.8.4.4 TORSOCKS_ALLOW_INBOUND=1 torsocks ./monerod — p2p-bind-ip 127.0.0.1 — no-igd — add-exclusive-node 80.172.224.52 — hide-my-port

Please wait for the node to fully sync this might take a while ... use "status" to check and "exit" to quit.
By now your monerod should be fully synced you can kill the process and run it wrapped in torsocks and daemon mode:

DNS_PUBLIC=tcp://8.8.4.4 TORSOCKS_ALLOW_INBOUND=1 torsocks ./monerod — p2p-bind-ip 127.0.0.1 — no-igd — add-exclusive-node 80.172.224.52 — hide-my-port — detach

To make sure all is up runing and working properly you can open tor browser and browse http://youraddress.onion:18081/getinfo or run: curl -L 127.0.0.1:18081/getinfo and check if you get an “Height” and “Target Height” which matches current network height, also you can run: tail -F ~/.bitmonero/bitmonero.log and check your daemon log for any errors.

Install Monero in Client Computer and connecting to your .onion node

Install Tor and TorBrowser in the client computer (if you're running the wallet in the same computer as the node skip this step)

sudo apt install tor torbrowser-launcher

sudo service restart tor

sudo torsocks apt install git

sudo torsocks apt install cmake build-essential libboost-all-dev libssl-dev libzmq3-dev libunbound-dev libminiupnpc-dev libunwind8-dev liblzma-dev libreadline6-dev libldns-dev libexpat1-dev

sudo torsocks apt-get install libgtest-dev && cd /usr/src/gtest && sudo cmake . && sudo make && sudo mv libg* /usr/lib/

sudo torsocks git clone https://github.com/monero-project/monero.git

ls -la

sudo chown tor-node. monero/
cd monero

make

Grab a Coffee while it compiles !!

Remote connecting to your .onion node

cd ~/Documents/monero/build/release/bin/

torsocks ./monero-wallet-cli --daemon-host 2fgjjj4lcsewduyb.onion:18081

or if you want to use GUI, make sure you add your .onion address in the gui -> settings -> remote node​​​​​

torsocks ./monero-wallet-gui

Fedora (client side)

During testing some of the users experienced problems using Fedora distro to connect to the .onion node, this problem seems to be related to Fedora provided binaries, compiling Tor and torsocks fixed it.

mkdir ~/Documents/tor

sudo dnf install git libevent libevent-devel openssl openssl-devel libtool autoconf asciidoc

cd ~/Documents/tor git clone https://git.torproject.org/tor.git

./autogen.sh

./configure make

sudo make install

cd ..

git clone https://git.torproject.org/torsocks.git

cd torsocks

./autogen.sh

./configure make

sudo make install

Edit torsocks.conf

sudo nano /etc/tor/torsocks.conf

-----------cut here --------------------------

TorAddress 127.0.0.1
TorPort 9050

OnionAddrRange 127.42.42.0/24

IsolatePID 1
-----------cut here --------------------------

sudo service tor restart

tor

torsocks ./monero-wallet-cli --daemon-host 2fgjjj4lcsewduyb.onion:18081

or if you want to use GUI, make sure you add your .onion address in the gui -> settings -> remote node​​​​​

torsocks ./monero-wallet-gui

Credits: kico, thrmo, mumuks, lithiumpt, et al.

Sources:

https://www.torproject.org/

https://git.torproject.org/torsocks.git

https://github.com/monero-project/monero

https://github.com/monero-project/monero.git

https://monero.stackexchange.com/questions/2761/what-is-the-fastest-way-to-synchronize-the-daemon/2762#2762

https://garlicgambit.wordpress.com/2017/01/15/monero-how-to-connect-wallet-to-tor-onion-service-node/

Donate:

by mining @ pool.xmr.pt

--

--