[tor-talk] hiddden service on openwrt

Griffin Boyce griffin at cryptolab.net
Mon Apr 27 14:17:15 UTC 2015 

Yuri wrote:
> m.wegener at 466buer.de wrote:
>> 
>> as this is under "oldpackages" (sept. 2014) I don know wether this 
>> package might get updated or not.
>> 
>> Right now, I'm creating the Openwrt - cross compile enviroment, takes 
>> longer than excpeted; though I keep beeing patient :)
> 
> You also need to make sure OpenWRT signs packages with their private
> key. Google search results don't contain anything that confirms that
> they are. Somebody mentioned this here before.
> Because if they don't sign packages, it doesn't make sense to even use 
> OpenWRT.
> 
> Yuri

   While working as part of Commotion Wireless [1] (which is built upon 
openwrt), I wound up experimenting a lot with different tor+openwrt and 
tor+commotion configurations.

   I've run hidden services successfully on TP-Link WDR-4300 -- they have 
8mb of flash (storage), 128mb ram, and 2 usb ports.  With an added flash 
drive it's basically a small server.  For the size-conscious, you can 
also run a hidden service on a TP-Link 3040, but it gets a lot trickier 
as you only have 32mb of ram to work with.  For all sorts of reasons I 
wouldn't recommend being a bridge/middle/exit node while running a 
hidden service (especially on a router, which is already extremely 
resource-constrained).

   OpenWRT and Commotion both come with uhttpd (+cyassl), which is fine 
to run basic websites and distribute files. It's also built into 
openwrt.  There's also mini-httpd, which is quite popular.  But if 
you're already using a flash drive as a surrogate hard drive, the 12kb 
difference over uhttpd isn't going to really help.  Of course, 
Apache/nginx/lighttpd are all available.

   The  flash and ram on Ubiquiti pico/nanostations are too low to do 
much of anything except run OpenWRT and act as access points.  And 
anything that is power-over-ethernet is going to be very difficult to 
run a hidden service on full stop.

best,
Griffin

[1] I was briefly working on making a related package for openwrt but 
stopped because of Reasons.


-- 
“Sometimes the questions are complicated and the answers are simple.”
― Dr. Seuss

More information about the tor-talk mailing list