annotate mod_onions.wiki @ 443:aed976928537

mod_s2s_auth_dnssec_srv: Note about merger into DANE module
author Kim Alvefur <zash@zash.se>
date Tue, 25 Mar 2014 11:33:15 +0100
parents c133cef513f9
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
361
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
1 #summary s2s to Tor hidden services
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
2 #labels Stage-Alpha
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
3
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
4 = Introduction =
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
5
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
6 This plugin allows Prosody to connect to other servers that are running as a Tor hidden service. Running Prosody on a hidden service works without this module, this module is only necessary to allow Prosody to federate to hidden XMPP servers.
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
7
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
8 For general info about creating a hidden service, see https://www.torproject.org/docs/tor-hidden-service.html.en.
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
9
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
10 = Usage =
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
11 This module depends on the bit32 Lua library.
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
12
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
13 To create a hidden service that can federate with other hidden XMPP servers, first add a hidden serivce to Tor. It should listen on port 5269 and optionally also on 5222 (if c2s connections to the hidden service should be allowed).
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
14
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
15 Use the hostname that Tor gives with a virtualhost:
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
16
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
17 {{{
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
18 VirtualHost "555abcdefhijklmn.onion"
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
19 modules_enabled = { "onions" };
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
20 }}}
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
21
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
22 = Configuration =
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
23 || *Name* || *Description* || *Type* || *Default value* ||
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
24 || onions_socks5_host || the host to connect to for Tor's SOCKS5 proxy || string || "127.0.0.1" ||
362
c133cef513f9 Edited wiki page mod_onions through web user interface.
thijsalkemade@gmail.com
parents: 361
diff changeset
25 || onions_socks5_port || the port to connect to for Tor's SOCKS5 proxy || integer || 9050 ||
361
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
26 || onions_only || forbid all connection attempts to non-onion servers || boolean || false ||
362
c133cef513f9 Edited wiki page mod_onions through web user interface.
thijsalkemade@gmail.com
parents: 361
diff changeset
27 || onions_tor_all || pass all s2s connections through Tor || boolean || false ||
361
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
28
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
29
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
30 = Compatibility =
e935bb1e8299 Created wiki page through web user interface.
thijsalkemade@gmail.com
parents:
diff changeset
31 ||0.8||Doesn't work||
362
c133cef513f9 Edited wiki page mod_onions through web user interface.
thijsalkemade@gmail.com
parents: 361
diff changeset
32 ||0.9||Works||
c133cef513f9 Edited wiki page mod_onions through web user interface.
thijsalkemade@gmail.com
parents: 361
diff changeset
33
c133cef513f9 Edited wiki page mod_onions through web user interface.
thijsalkemade@gmail.com
parents: 361
diff changeset
34 = Security considerations =
c133cef513f9 Edited wiki page mod_onions through web user interface.
thijsalkemade@gmail.com
parents: 361
diff changeset
35 * Running a hidden service on a server together with a normal server might expose the hidden service.
c133cef513f9 Edited wiki page mod_onions through web user interface.
thijsalkemade@gmail.com
parents: 361
diff changeset
36 * A hidden service that wants to remain hidden should either disallow s2s to non-hidden servers or pass all s2s traffic through Tor (setting either {{{onions_only}}} or {{{onions_tor_all}}}).