Onionservice is a minimal requirement, portable collection of scripts and documentation to help the service operator juggle (manage) his onion(s).
WARNING: do not trust this repo yet
, backup your hs keys in another location. This project has not been released and should be considered for development only.
History
This project was started after seeing the amazing OnionShare CLI python scripts, which possibilitates ephemeral onion services that never touch the disk and can be run on Tails or Whonix easily. Then after seeing the RaspiBlitz onion service bash script for the Raspberry Pi, the idea to port it to any Debian distribution started. As the idea grew, using GNU Bash and Linux was a single point of failure 1 2, so the making the script POSIX compliant to be compatible with any Unix-like system was a definitive goal.
The goal of this project is:
Mitigation from a single point of failure:
Linux
to also BSD
and any other Unix-like system.Bash
to also any POSIX shell such as ksh
, (y,d)ash
and Zsh
(emulating sh).Systemd
to also RC
, OpenRC
, SysVinit
, Runit
.Editing the tor configuration file (torrc) is not difficult, but automation solves problem of misconfiguration and having:
<HiddenServiceDir>/authorized_clients/<client>.auth
. If any client is configured, the service will not be acessible without authentication.<ClientOnionAuthDir>/<SOME_ONION>.auth_private
.torrc
lines containing hidden service configuration, all of your directories of HiddenServiceDir
and ClientOnionAuthDir
.torrc
and the directories HiddenServiceDir
and ClientOnionAuthDir
to your current system. This option should be used after creating a backup and importing to the current host.dialog
and whiptail
.@all
to include all services or clients depending on the option --service
or --client
, list enabled arguments[SERV1,SERV2,...]
and [CLIENT1,CLIENT2,...]
, the command will loop the variables and apply the combination.doas
or sudo
.dash
0.5.4+, bash
2.03+, ksh
88+, mksh
R28+, yash
2.29+, busybox ash
1.1.3+, zsh
3.1.9+ (zsh --emulate sh
) etc.If using Vanguards, python2.6
is the minimal required for Stem, but it is not going to be installed by default.
git clone https://github.com/nyxnor/onionjuggler.git
cd onionjuggler
et custom variables
You should not modify the default configuration on /etc/onionjuggler/onionjuggler.conf
, it will be modified on every update. Your local configurations should be on /etc/onionjuggler/conf.d/*.conf
.
To assign values to the variables, yyou can either:
or insert configuration to the end of the file with tee:
printf “su_cmd=\”sudo\”\n” | tee -a /etc/onionjuggler/cond.d/local.conf
or edit with sed:
sed -i” “s|^su_cmd=.*|su_cmd=\”doas\”|” /etc/onionjuggler/cond.d/local.conf
Setup the enviroment
Run from inside the cloned repository to create the tor directories, create manual pages and copy scripts to path:
./configure.sh –install
Usage
configure.sh setup the environment for OnionJuggler by adding the scripts and manual pages to path and detecting your operating system to fit with its default configuration. It can also be used to uninstall. Common development use is to create manual pages, check shell syntax and do all of the aforementioned and give the git status for files to be commited. The update option is raw and only recommended for development as of now.
Install
configure.sh –install ## -i
Uninstall
configure.sh –uninstall ## -d
Update
configure.sh –update ## -u
tui
onionjuggler-tui wraps the CLI in a Terminal User Interface. Some TUI options will let you edit the authorization files, which is recommended to set your favorite text editor to an environment variable that will be tried on the following order: DOAS_EDITOR
/SUDO_EDITOR
, if empty will try VISUAL
, if empty will try EDITOR
, if empty WILL fallback to Vi
.
Read the tui manual
man onionjuggler-tui
To use the TUI, just run:
onionjuggler-tui
cli
onionjuggler-cli is the main script that manages the HiddenServices. Take a look at the documentation inside docs
folder, there are many other onion services management guides. Read:
Don’t forget the cli manual and the conf manual for advanced usage:
man onionjuggler-cli
man onionjuggler.conf
To create a service named terminator
, it is as easy as possible:
onionjuggler-cli activate -s terminator -p 80
But can be as advanced as specifying all the parameters:
onionjuggler-cli activate –service terminator –socket unix –version 3 –port 80,127.0.0.1:80
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…