aljaz/lightning
1
0
Fork 0
mirror of https://github.com/aljazceru/lightning.git synced 2025-12-19 15:14:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

doc/TOR: remove references to deprecated v2 hidden services

Browse Source 
The doc is really confusing and would probably need a refactor, i did my
best to remove references to v2 services without losing any meaning...

Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
This commit is contained in:
Antoine Poinsot
2021-05-21 17:10:41 +02:00
committed by Rusty Russell
parent e6527ccece
commit 9a363c6f9e
1 changed files with 16 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
doc/TOR.md
View File

@@ -2,11 +2,8 @@
To use any Tor features with c-lightning you must have Tor installed and running. To use any Tor features with c-lightning you must have Tor installed and running.
Please note that nodes with V3 onion address i.e `vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion` Note that [Tor v2 onion services are deprecated since mid-2020](https://blog.torproject.org/v2-deprecation-timeline)
will not be reachable over Tor if your Tor version is below 0.3.2.2-alpha and that C-lightning deprecated their support since mid-2021.
Connections to nodes with old Tor V2 address form with less than 10 char prefix before .onion
i.e.`3fyb44wdhnd2ghhl.onion` should work with any version of Tor.
You can check your installed Tor version with `tor --version` or `sudo tor --version` You can check your installed Tor version with `tor --version` or `sudo tor --version`
@@ -284,8 +281,7 @@ You can then specify multiple `statictor:` options with different
`BLOB`s. `BLOB`s.
However, even if you have multiple persistent addresses, you can However, even if you have multiple persistent addresses, you can
only announce up to one each of a Tor V2 and a Tor V3 address. only announce up to one onion service (v3).
`statictor:` uses Tor V3 addresses by default.
This is a limitation of the BOLT spec. This is a limitation of the BOLT spec.
It is still possible for other nodes to contact you by those It is still possible for other nodes to contact you by those
other hidden services. other hidden services.
@@ -297,13 +293,6 @@ address.
##### Explicit Control ##### Explicit Control
Add these lines in the `/etc/tor/torrc` file:
````
HiddenServiceDir /var/lib/tor/lightningd-service_v2/
HiddenServicePort 1234 127.0.0.1:9735
````
If you want to create a version 3 address, you must also add `HiddenServiceVersion 3` so If you want to create a version 3 address, you must also add `HiddenServiceVersion 3` so
the whole section will be: the whole section will be:
@@ -323,49 +312,28 @@ Save the file and restart the Tor service. In linux:
on the configuration of your system. on the configuration of your system.
You will find the newly created address with: You will find the newly created address with:
```
sudo cat /var/lib/tor/lightningd-service_v2/hostname
```
or
``` ```
sudo cat /var/lib/tor/lightningd-service_v3/hostname sudo cat /var/lib/tor/lightningd-service_v3/hostname
``` ```
in the
case of a version 3 Tor address.
Now you are able to create: Now you are able to create:
* Non-persistent version 2 .onion address via auto service (temp-v2) * Persistent version 3 hidden services.
* Persistent version 2 and version 3 .onion addresseses (v2 and v3).
Let's see how to use them. Let's see how to use them.
### What do we support ### What do we support
| Case # | IP Number | Tor address |Incoming / Outgoing Tor | | Case # | IP Number | Hidden service |Incoming / Outgoing Tor |
| ------- | ------------- | ------------------------- |------------------------- | ------- | ------------- | ------------------------- |-------------------------
| 1 | Public | NO | Outgoing | | 1 | Public | NO | Outgoing |
| 2 | Public | v2 [1] | Incoming [4] | | 6 | Public | v3 | Incoming [1] |
| 3 | Public | temp-v2 [2] | Incoming | | 7 | Not Announced | v3 | Incoming |
| 4 | Not Announced | v2 | Incoming |
| 5 | Not Announced | temp-v2 | Incoming |
| 6 | Public | v3 [3] + temp-v2 | Incoming |
| 7 | Not Announced | v3 + v2 + temp-v2 | Incoming |
| 8 | Public | NO | Outcoing socks5 . | | 8 | Public | NO | Outcoing socks5 . |
NOTE: NOTE:
1. v2: The Version 2 onion address is persistent across Tor service restarts. 1. In all the "Incoming" use case, the node can also make "Outgoing" Tor
It is created when you create the [Tor Hidden Service](#Creation-of-an-hidden-service-for-a-persistent-onion-address).
2. temp-v2: The Version 2 onion address changes at each restart of the Tor service.
A non-persistent .onion address is generated by accessing an [auto service](#creation-of-an-auto-service-for-non-persistent-onion-addresses).
3. All the v3 addresses refer to [.onion addresses version 3].
4. In all the "Incoming" use case, the node can also make "Outgoing" Tor
connections (connect to a .onion address) by adding the connections (connect to a .onion address) by adding the
`--proxy=127.0.0.1:9050` option. `--proxy=127.0.0.1:9050` option.
@@ -493,13 +461,12 @@ Other nodes will not be able to `connect` to you unless you communicate them how
You will find your .onion address with the command `lightning-cli getinfo` and the other nodes will You will find your .onion address with the command `lightning-cli getinfo` and the other nodes will
be able to connect to it through the 9735 port. be able to connect to it through the 9735 port.
#### Case #6 c-lightning has a public IP address and a fixed Tor V3 service address and a Tor V2 service address #### Case #6 c-lightning has a public IP address and a fixed Tor v3 hidden service
You will be reachable via Clearnet, via Tor to the .onion V3 address and the You will be reachable via Clearnet, via Tor to the .onion if it is communicated to the node that wants to
.onion V2 address if this last is communicated to the node that wants to
connect with our node. connect with our node.
to make your external IP address public you add: To make your external IP address public you add:
``` ```
--bind-addr=yourInternalAddress:port --announce-addr=yourexternalIPAddress:port`. --bind-addr=yourInternalAddress:port --announce-addr=yourexternalIPAddress:port`.
``` ```
@@ -509,15 +476,13 @@ If the node is not on an internal network the option will be:
Once the .onion addresses have been created with the procedures [oulined above](#creation-of-an-hidden-service-for-a-persistent-onion-address), Once the .onion addresses have been created with the procedures [oulined above](#creation-of-an-hidden-service-for-a-persistent-onion-address),
the node is already reachable at the .onion address. the node is already reachable at the .onion address.
To make your external .onion addresses public you add: To make your external hidden service public you add:
``` ```
--announce-addr=.onionAddressV2:port --announce-addr=.onionAddressV3:port --announce-addr=.onionAddressV3:port
``` ```
to the options to publish your IP number. to the options to publish your IP number.
#### Case #7 c-lightning has no public IP address, a fixed Tor V3 service address, a fixed Tor V2 service address and also a 3rd non persisten V2 address #### Case #7 c-lightning has no public IP address, a fixed Tor V3 service address
External users can connect to this node by Tor V2 and V3 and a random V2 until next tor release, then also (V3 randomly).
The Persistent addresses can be created with the steps [outlined above](#creation-of-an-hidden-service-for-a-persistent-onion-address). The Persistent addresses can be created with the steps [outlined above](#creation-of-an-hidden-service-for-a-persistent-onion-address).
@@ -529,9 +494,9 @@ Also you must specify `--tor-service-password=yourpassword` (not the hash) to ac
Tor service at 9051 If you have protected them with the password (no additional options if Tor service at 9051 If you have protected them with the password (no additional options if
they are protected with a cookie file. [See above](#creation-of-an-auto-service-for-non-persistent-onion-addresses)). they are protected with a cookie file. [See above](#creation-of-an-auto-service-for-non-persistent-onion-addresses)).
To make your external .onion address (V2 and V3) public you add: To make your external onion service public you add:
``` ```
--bind-addr=yourInternalIPAddress:port --announce-addr=your.onionAddressV2:port --announce-addr=your.onionAddressV3:port --bind-addr=yourInternalIPAddress:port --announce-addr=your.onionAddressV3:port
``` ```
#### Case #8 c-lightning has a public IP address and no Tor addresses #### Case #8 c-lightning has a public IP address and no Tor addresses