OpenBSD is a new beast for me. I’m still learning, experimenting, and trying out new things. Yesterday I was able to create 3 onion services on it quite easily but it takes time to learn the correct order of operations and to learn how to find out why things don’t work when you think they should.

A word about OpenBSD

OpenBSD isn’t friendly to newbies. The developers, users, and management work to make the best and most secure OS that they can. When you work with OpenBSD, it is assumed that you have at least a moderate to advanced amount of Linux or Unix knowledge and experience before starting and that you know how to read documentation, man pages, etc. Don’t bother asking for help unless you’ve done your homework first. Here’s an unedited quote from a recent mailing list post:

Let me show you what it looks like from the internet’s point of view when I go to a simple website using a normal Browser (Brave):

111.222.333.444 - - [18/Dec/2019:16:29:05 +0000] “GET / HTTP/1.1” 200 7094 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36”

The 111.222.333.444 would be my IP address. With that, anyone can get a lot of information about. With just a simple google search, you can actually see in the general vicinity where an IP address originates from. For example, the public IP address for Google is 172.217.23.238. You can use services like https://whatismyipaddress.com/ to what company owns an IP and a map to where it is located. In this case, the IP for Google is probably in a datacenter in Kansas. When I look up my personal IP, the website shows a map of Prague and the company that I use for my internet provider.

Notes:

The following is a proof of concept tutorial on how to create a Tor onion service on Windows 10 using Ubuntu in Windows Subsystem for Linux. This has not been security tested by anyone in the Tor project. It is also not exactly the same directions that I would give someone who wants create an onion service in Linux. Namely that WSfL doesn’t use systemd the way it is meant to be used natively. Instead you have to start system daemons using the old SysV method with /etc/init.d/ Also, services do not continue running after the window has been closed. If someone can find a workaround for that, I’ll gladly update this tutorial.

We’ll do this in four parts for Windows, Linux, Mac, and Android users.

Windows

1. Go to: https://www.torproject.org/projects/torbrowser.html.en
2. Download the latest version for Windows
3. Run the installer
4. You will now see a new folder on your Desktop. Open that and run Tor Browser.
5. Click Connect
6. Congrats, you are on Tor!
7. Go to https://check.torproject.org/ in the Tor Browser

Linux

1. Go to: https://www.torproject.org/projects/torbrowser.html.en
2. Download the latest version for Linux
3. Open a command line
4. Unzip the application. Replace xxxxxx with the current version that you downloaded

tar -xvJf tor-browser-linux64-xxxxxx.tar.xz

10 hours of jetlag and rainy afternoon naps don’t mix. It’s 2 minutes to 2AM here in Provo, UT and I can’t sleep so I’m blogging.

I want to ssh into a machine that doesn’t have any external IP. In the case of my situation at home, I get a 192.168… IP from my ISP because of a shared connection. In other cases, I have VM’s with natted IP’s that also have no direct way in.