We're missing documentation on how to run Mastodon as a hidden (e.g. #Tor) service. If you know how to do it, please either submit it or tell me so I can write it down


@Gargron Requires ssl so it's like normal but you need to have a self signed cert

@Sir_Boops Imagine you're explaining it to someone who never used Tor (because you are)


> Setup mastodon following the usual steps except generate a self-signed cert ( Because you /can't/ get certs for .onion addresses )

> Install tor and add append these three lines to the end of the torrc file

HiddenServiceDir /var/lib/tor/<some name>/
HiddenServicePort 80
HiddenServicePort 443

And that's it it's now on tor

Now it won't fed because other instances won't take the broken ssl but that's a masto issue ;p

@Sir_Boops @Gargron If you're using Debian Testing (or even Debian Sid), you can pull tor from Debian's repos

It is also recommended to use the new version of Onion Services by adding HiddenServiceVersion 3 right after what Sir_Boops said, as explained here: torproject.org/docs/tor-onion-


@mrtino @Gargron v3s are buggy af

I havn't used them in a while so they might be better now but when I was using them half the time they'd take a good 30 min to start working where-as v2 is near-instant

· · Web · 2 · 0 · 0

@Sir_Boops @mrtino Wait hold on so federation with Tor instances doesn't work? The person who submitted the changes that added Tor support didn't mention that

@Gargron @mrtino No federation with onion instances works just fine but those instances are modded to not use https at all

@Gargron @mrtino So when my instance talks to an onion instance ( Hi @notjeff ) their instance will only talk using http

Hopefully I'm making some sense x.x

@Sir_Boops @mrtino But he have those rules where https is required in ActivityPub URIs, and I don't believe there is a special case for Tor there.

@Gargron @mrtino afaik Masto will just send to whatever the server tells it You tell it http it'll use http

Also I can't connect to that instance over https so masto has to be using http

@Sir_Boops @mrtino @Gargron Ahhh thank you, I just noticed that Pleroma/Anarogu (this instance) was down x3

@Sir_Boops @Gargron @mrtino onion routing and https are doing basically the same job (ensuring that you're talking to who you think you are and hiding the data from MITM attacks) so there's no real reason to use both

@Sir_Boops @Gargron @mrtino the difference is that onion routing confirms the identity by making it really hard to claim a specific identity (you'd need to generate a key with the same hash) whereas HTTPS confirms the identity of something human-readable (a domain name) and therefore requires at least some level of trust in the certificate before you can send any data

Sign in to participate in the conversation
Sergal.org - Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!