I am of the view having a .gopher and .onion version of sites is important for avoiding government blocking where possible and to keep information as free as possible.
> I'm not sure if this is generally considered acceptable within the Tor network
Tor is already encrypted, that’s why you don’t need TLS. Some services (Like the hidden service from Facebook back in the days) have https but that was more of a vanity from what I remember.
It is also very useful to expose services to the world wide web behind a restrictive network, Tor takes care of the Nat punching and all that jazz, and you get free dns and encryption as an extra bonus :)
NAT punching to ssh is an incredibly useful feature of this kind of setup. As long as the machine has an internet connection, and you know the onion URL, you can tunnel into it and proceed from there. I usually do this to any machine I'm putting behind NAT.
I don't know if onion links are discoverable/crawlable, so I can't claim if this is more secure than just listening on port 22 on the open internet.
torsocks is a very useful tool for easily running programs like ssh through tor with no advance setup.
One problem with .onion is that it is not for casual sites or people trying to build lasting communities. The Tor Project only prioritizes security and they can and have and will again wipe out the entire tor web to nothing if they feel it is required by security. They have full control of the network. No v2 tor sites exist anymore, none of the communities, they were are just wiped out by the Tor Project because only their security use case matters. They care nothing for communities that use their software. Do not try to build communities on Tor .onion. It'll just be made inaccessible some day. All the hyperlinks will become useless. All the databases of sites, all the discussions, just gone. Because the tor project cannot abide potential lax security of older protocols.
.onion is not a way to own your domain. Even though you may have the private key and no one else does, the true owners of your domain remain the tor project themselves, as they can make it inaccessible to tor clients any time they want. They have before, they will again. And they aren't going to listen to any community feedback about it. Tor .onion is only for people that don't care about longevity or links working. Only for people who have 'security' as their number 1 and only concern.
I wasted a decade building my personal sites and casual communities on .onion. I won't be fooled again. A dot com or org is just as much mine as a .onion is, unfortunately, and at least those don't all disappear every 10 years.
I'm not an expert. I'm asking because I don't know.
Did I understand correctly? You can create a site with a .onion extension without a domain on a hosting service.
I'm thinking. If you can do it this way with .onion, can you do it with something else? That would be a bit unusual.
If that were possible, being able to customize the extensions would be interesting. Being able to customize brand names. Like .mybrand, or .egg, .bread, whatever you want.
20 comments
[ 3.0 ms ] story [ 34.3 ms ] threadTIL that Onion-Location is a header, only new about the <meta> element.
Tor is already encrypted, that’s why you don’t need TLS. Some services (Like the hidden service from Facebook back in the days) have https but that was more of a vanity from what I remember.
https://tpo.pages.torproject.net/core/arti/
https://gitlab.torproject.org/tpo/core/arti/-/blob/main/CHAN...
Hosting onion services is apparently still a work-in-progress, though, and turned off by default.
Just saying, this is an important distinction to me and I've been hosting tor nodes since the 2000s.
Archiving information, and making it available, is sometimes more powerful than anonymous proxying.
Especially if there's an anonymous proxy available to that archive. ;)
I don't know if onion links are discoverable/crawlable, so I can't claim if this is more secure than just listening on port 22 on the open internet.
torsocks is a very useful tool for easily running programs like ssh through tor with no advance setup.
That jazz is increasingly played by the same band of 185.220.0.0/16 exit nodes, and plays it in a scale which is all but Anonymian.
Noting the default configuration does not turn your server into a relay or exit node, in case anyone interprets this that way.
Thanks for offering a .onion, bookmarked for the caddy configuration.
.onion is not a way to own your domain. Even though you may have the private key and no one else does, the true owners of your domain remain the tor project themselves, as they can make it inaccessible to tor clients any time they want. They have before, they will again. And they aren't going to listen to any community feedback about it. Tor .onion is only for people that don't care about longevity or links working. Only for people who have 'security' as their number 1 and only concern.
I wasted a decade building my personal sites and casual communities on .onion. I won't be fooled again. A dot com or org is just as much mine as a .onion is, unfortunately, and at least those don't all disappear every 10 years.
Did I understand correctly? You can create a site with a .onion extension without a domain on a hosting service.
I'm thinking. If you can do it this way with .onion, can you do it with something else? That would be a bit unusual.
If that were possible, being able to customize the extensions would be interesting. Being able to customize brand names. Like .mybrand, or .egg, .bread, whatever you want.