diff --git a/doc/TOR.md b/doc/TOR.md index 9a9215bb5..e81bf3c94 100644 --- a/doc/TOR.md +++ b/doc/TOR.md @@ -2,11 +2,8 @@ To use any Tor features with c-lightning you must have Tor installed and running. -Please note that nodes with V3 onion address i.e `vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion` -will not be reachable over Tor if your Tor version is below 0.3.2.2-alpha - -Connections to nodes with old Tor V2 address form with less than 10 char prefix before .onion -i.e.`3fyb44wdhnd2ghhl.onion` should work with any version of Tor. +Note that [Tor v2 onion services are deprecated since mid-2020](https://blog.torproject.org/v2-deprecation-timeline) +and that C-lightning deprecated their support since mid-2021. You can check your installed Tor version with `tor --version` or `sudo tor --version` @@ -284,8 +281,7 @@ You can then specify multiple `statictor:` options with different `BLOB`s. However, even if you have multiple persistent addresses, you can -only announce up to one each of a Tor V2 and a Tor V3 address. -`statictor:` uses Tor V3 addresses by default. +only announce up to one onion service (v3). This is a limitation of the BOLT spec. It is still possible for other nodes to contact you by those other hidden services. @@ -297,13 +293,6 @@ address. ##### Explicit Control -Add these lines in the `/etc/tor/torrc` file: - -```` -HiddenServiceDir /var/lib/tor/lightningd-service_v2/ -HiddenServicePort 1234 127.0.0.1:9735 -```` - If you want to create a version 3 address, you must also add `HiddenServiceVersion 3` so the whole section will be: 
@@ -323,49 +312,28 @@ Save the file and restart the Tor service. In linux: on the configuration of your system. You will find the newly created address with: - -``` -sudo cat /var/lib/tor/lightningd-service_v2/hostname -``` -or ``` sudo cat /var/lib/tor/lightningd-service_v3/hostname ``` -in the -case of a version 3 Tor address. Now you are able to create: -* Non-persistent version 2 .onion address via auto service (temp-v2) - -* Persistent version 2 and version 3 .onion addresseses (v2 and v3). +* Persistent version 3 hidden services. Let's see how to use them. ### What do we support -| Case # | IP Number | Tor address |Incoming / Outgoing Tor | +| Case # | IP Number | Hidden service |Incoming / Outgoing Tor | | ------- | ------------- | ------------------------- |------------------------- | 1 | Public | NO | Outgoing | -| 2 | Public | v2 [1] | Incoming [4] | -| 3 | Public | temp-v2 [2] | Incoming | -| 4 | Not Announced | v2 | Incoming | -| 5 | Not Announced | temp-v2 | Incoming | -| 6 | Public | v3 [3] + temp-v2 | Incoming | -| 7 | Not Announced | v3 + v2 + temp-v2 | Incoming | +| 6 | Public | v3 | Incoming [1] | +| 7 | Not Announced | v3 | Incoming | | 8 | Public | NO | Outcoing socks5 . | NOTE: -1. v2: The Version 2 onion address is persistent across Tor service restarts. -It is created when you create the [Tor Hidden Service](#Creation-of-an-hidden-service-for-a-persistent-onion-address). - -2. temp-v2: The Version 2 onion address changes at each restart of the Tor service. -A non-persistent .onion address is generated by accessing an [auto service](#creation-of-an-auto-service-for-non-persistent-onion-addresses). - -3. All the v3 addresses refer to [.onion addresses version 3]. - -4. In all the "Incoming" use case, the node can also make "Outgoing" Tor +1. In all the "Incoming" use case, the node can also make "Outgoing" Tor connections (connect to a .onion address) by adding the `--proxy=127.0.0.1:9050` option. 
@@ -493,13 +461,12 @@ Other nodes will not be able to `connect` to you unless you communicate them how You will find your .onion address with the command `lightning-cli getinfo` and the other nodes will be able to connect to it through the 9735 port. -#### Case #6 c-lightning has a public IP address and a fixed Tor V3 service address and a Tor V2 service address +#### Case #6 c-lightning has a public IP address and a fixed Tor v3 hidden service -You will be reachable via Clearnet, via Tor to the .onion V3 address and the -.onion V2 address if this last is communicated to the node that wants to +You will be reachable via Clearnet, via Tor to the .onion if it is communicated to the node that wants to connect with our node. -to make your external IP address public you add: +To make your external IP address public you add: ``` --bind-addr=yourInternalAddress:port --announce-addr=yourexternalIPAddress:port`. ``` @@ -509,15 +476,13 @@ If the node is not on an internal network the option will be: Once the .onion addresses have been created with the procedures [oulined above](#creation-of-an-hidden-service-for-a-persistent-onion-address), the node is already reachable at the .onion address. -To make your external .onion addresses public you add: +To make your external hidden service public you add: ``` ---announce-addr=.onionAddressV2:port --announce-addr=.onionAddressV3:port +--announce-addr=.onionAddressV3:port ``` to the options to publish your IP number. -#### Case #7 c-lightning has no public IP address, a fixed Tor V3 service address, a fixed Tor V2 service address and also a 3rd non persisten V2 address - -External users can connect to this node by Tor V2 and V3 and a random V2 until next tor release, then also (V3 randomly). +#### Case #7 c-lightning has no public IP address, a fixed Tor V3 service address The Persistent addresses can be created with the steps [outlined above](#creation-of-an-hidden-service-for-a-persistent-onion-address). 
@@ -529,9 +494,9 @@ Also you must specify `--tor-service-password=yourpassword` (not the hash) to ac Tor service at 9051 If you have protected them with the password (no additional options if they are protected with a cookie file. [See above](#creation-of-an-auto-service-for-non-persistent-onion-addresses)). -To make your external .onion address (V2 and V3) public you add: +To make your external onion service public you add: ``` ---bind-addr=yourInternalIPAddress:port --announce-addr=your.onionAddressV2:port --announce-addr=your.onionAddressV3:port +--bind-addr=yourInternalIPAddress:port --announce-addr=your.onionAddressV3:port ``` #### Case #8 c-lightning has a public IP address and no Tor addresses
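Review bot: In the first hunk (@@ -2,11 +2,8), the deleted paragraph was the only place that stated the minimum Tor version for v3 addresses (0.3.2.2-alpha), but the unchanged line "You can check your installed Tor version with `tor --version`" stays, so the reader is told to check a version with nothing to compare it against. Keep a one-line statement of the minimum version next to the new deprecation note. The added sentence "C-lightning deprecated their support since mid-2021" would also read more clearly as "c-lightning has deprecated support for them since mid-2021", matching the lowercase "c-lightning" used in the surrounding lines.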
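Review bot: In the "Explicit Control" hunk (@@ -297,13 +293,6), deleting "Add these lines in the `/etc/tor/torrc` file:" leaves the section opening with "If you want to create a version 3 address, you must also add `HiddenServiceVersion 3` so the whole section will be:". The word "also" no longer refers to anything, and the file to edit is no longer named. Reword the surviving sentence so that it names `/etc/tor/torrc` and introduces the v3 block directly, since v3 is now the only case documented.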
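Review bot: In the "What do we support" table (@@ -323,49 +312,28), removing rows 2 to 5 leaves the case numbers as 1, 6, 7, 8, and none of the hunks shown here touches a "Case #2" to "Case #5" section. If those sections still exist in the body, the table and the text will disagree; either remove them in the same patch or state in the commit message that the gaps are intentional to keep the existing "Case #6" to "Case #8" anchors stable. While editing this table, the unchanged row 8 still reads "Outcoing socks5 ." and the first data row lacks its leading `|`, both of which could be fixed here.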
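Review bot: In the Case #6 hunk (@@ -493,13 +461,12), the new sentence "via Tor to the .onion if it is communicated to the node that wants to connect" makes reachability of the v3 address conditional on out-of-band communication, yet the same section tells the reader to publish it with `--announce-addr=.onionAddressV3:port`. In the old text that condition applied only to the V2 address ("if this last is communicated"), so it should be dropped rather than carried over; "the .onion" is also missing its noun ("address"). The headings are now inconsistent as well: Case #6 uses "Tor v3 hidden service" while the rewritten Case #7 heading keeps "Tor V3 service address".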
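Review bot: In the Case #7 hunk (@@ -529,9 +494,9), the unchanged context still requires `--tor-service-password=yourpassword` for the Tor service at 9051 and links to #creation-of-an-auto-service-for-non-persistent-onion-addresses, although the previous hunk removed the non-persistent address from the Case #7 heading. Check whether that paragraph still applies to a setup with only a fixed v3 service, and remove or reword it if not. The added line "To make your external onion service public" also differs from "To make your external hidden service public" in the Case #6 hunk; pick one term and use it in both places, along with one placeholder form (`.onionAddressV3` or `your.onionAddressV3`).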