Configuring a hidden service for Tor in AWS

Time: 2016-10-20 14:57:18

Tags: amazon-web-services ubuntu nginx amazon-ec2 tor

Can someone see what is wrong with this configuration?

AWS info:

EC2: Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-45-generic x86_64)

Security group:

HTTP TCP 80 0.0.0.0/0

SSH TCP 22 0.0.0.0/0

ubuntu@ip-172-31-58-168:~$ tor --version

Tor version 0.2.8.9 (git-cabd4ef300c6b3d6).

ubuntu@ip-172-31-58-168:~$ nginx -v

nginx version: nginx/1.10.2

ubuntu@ip-172-31-58-168:~$ sudo service tor status

● tor.service - Anonymizing overlay network for TCP (multi-instance-master)
   Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
   Active: active (exited) since Thu 2016-10-20 10:03:51 ART; 1h 2min ago
  Process: 667 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 667 (code=exited, status=0/SUCCESS)
    Tasks: 0
   Memory: 0B
      CPU: 0
   CGroup: /system.slice/tor.service

Oct 20 10:03:50 ip-172-31-58-168 systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)...
Oct 20 10:03:51 ip-172-31-58-168 systemd[1]: Started Anonymizing overlay network for TCP (multi-instance-master).

ubuntu@ip-172-31-58-168:~$ sudo service nginx status

● nginx.service - LSB: Stop/start nginx
   Loaded: loaded (/etc/init.d/nginx; bad; vendor preset: enabled)
   Active: active (running) since Thu 2016-10-20 10:04:23 ART; 1h 2min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 1284 ExecStart=/etc/init.d/nginx start (code=exited, status=0/SUCCESS)
    Tasks: 2
   Memory: 2.6M
      CPU: 14ms
   CGroup: /system.slice/nginx.service
           ├─1332 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.con
           └─1333 nginx: worker process                   

Oct 20 10:04:23 ip-172-31-58-168 systemd[1]: Starting LSB: Stop/start nginx...
Oct 20 10:04:23 ip-172-31-58-168 systemd[1]: Started LSB: Stop/start nginx.

torrc (Tor configuration file)

ubuntu@ip-172-31-58-168:~$ cat /etc/tor/torrc
HiddenServiceDir /var/lib/tor/sitio1
HiddenServicePort 80 127.0.0.1:81

hostname and private_key files:

root@ip-172-31-58-168:/home/ubuntu# cat /var/lib/tor/sitio1/hostname 
zptym3k5xi2dyngl.onion

root@ip-172-31-58-168:/home/ubuntu# cat /var/lib/tor/sitio1/private_key 
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----

nginx site configuration file

root@ip-172-31-58-168:/home/ubuntu# cat /etc/nginx/conf.d/sitio1.onion 

    server {
        listen       81;
        server_name  zptym3k5xi2dyngl.onion;

        root   /directorio/carpeta/sitio1;
        index  index.php index.html index.htm;

        access_log  /directorio/de/los/logs/hidden-access.log;
        error_log   /directorio/de/los/logs/hidden-error.log;

        error_page 404 /404.html;
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root /usr/share/nginx/html;
        }

        location ~ \.php$ {
            try_files $uri =404;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
        }
    }

Finally, syslog and the Tor log

root@ip-172-31-58-168:/home/ubuntu# cat /var/log/syslog
Oct 20 10:04:21 ip-172-31-58-168 systemd[1]: Starting Anonymizing overlay network for TCP...
Oct 20 10:04:22 ip-172-31-58-168 tor[1162]: Oct 20 10:04:22.078 [notice] Tor v0.2.8.9 (git-cabd4ef300c6b3d6) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g and Zlib 1.2.8.
Oct 20 10:04:22 ip-172-31-58-168 tor[1162]: Oct 20 10:04:22.079 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Oct 20 10:04:22 ip-172-31-58-168 tor[1162]: Oct 20 10:04:22.080 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Oct 20 10:04:22 ip-172-31-58-168 tor[1162]: Oct 20 10:04:22.080 [notice] Read configuration file "/etc/tor/torrc".
Oct 20 10:04:22 ip-172-31-58-168 tor[1162]: Configuration was valid
Oct 20 10:04:22 ip-172-31-58-168 tor[1168]: Oct 20 10:04:22.215 [notice] Tor v0.2.8.9 (git-cabd4ef300c6b3d6) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g and Zlib 1.2.8.
Oct 20 10:04:22 ip-172-31-58-168 tor[1168]: Oct 20 10:04:22.229 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Oct 20 10:04:22 ip-172-31-58-168 tor[1168]: Oct 20 10:04:22.229 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Oct 20 10:04:22 ip-172-31-58-168 tor[1168]: Oct 20 10:04:22.229 [notice] Read configuration file "/etc/tor/torrc".
Oct 20 10:04:22 ip-172-31-58-168 tor[1168]: Oct 20 10:04:22.241 [notice] Opening Socks listener on 127.0.0.1:9050
Oct 20 10:04:22 ip-172-31-58-168 systemd[1]: Started Anonymizing overlay network for TCP.


root@ip-172-31-58-168:/home/ubuntu# cat /var/log/tor/log 
Oct 20 10:04:22.000 [notice] Tor 0.2.8.9 (git-cabd4ef300c6b3d6) opening log file.
Oct 20 10:04:22.215 [notice] Tor v0.2.8.9 (git-cabd4ef300c6b3d6) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.2g and Zlib 1.2.8.
Oct 20 10:04:22.229 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Oct 20 10:04:22.229 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
Oct 20 10:04:22.229 [notice] Read configuration file "/etc/tor/torrc".
Oct 20 10:04:22.241 [notice] Opening Socks listener on 127.0.0.1:9050
Oct 20 10:04:22.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Oct 20 10:04:22.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Oct 20 10:04:22.000 [notice] Bootstrapped 0%: Starting
Oct 20 10:04:22.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Oct 20 10:04:22.000 [notice] Signaled readiness to systemd
Oct 20 10:04:23.000 [notice] Opening Socks listener on /var/run/tor/socks
Oct 20 10:04:23.000 [notice] Opening Control listener on /var/run/tor/control
Oct 20 10:04:24.000 [notice] Bootstrapped 85%: Finishing handshake with first hop
Oct 20 10:04:24.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
Oct 20 10:04:24.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
Oct 20 10:04:24.000 [notice] Bootstrapped 100%: Done

Traffic reaches my hidden service, but it is "unable to connect"

arm - screenshot

This exact configuration works on my server at home.

0 answers:

No answers
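
An added example, not part of the original post: a consistency check between the torrc `HiddenServicePort` target and the nginx `listen` directives, run on constructed copies of the two files shown in the question. The include pattern `/etc/nginx/conf.d/*.conf` is an assumption (the stock nginx.conf line, which the post does not show), and all function names are hypothetical.

```python
import fnmatch
import re

# Constructed copies of the question's files (nginx block trimmed to two lines).
TORRC = "HiddenServiceDir /var/lib/tor/sitio1\nHiddenServicePort 80 127.0.0.1:81\n"
SITE_PATH = "/etc/nginx/conf.d/sitio1.onion"
SITE_CONF = "server {\n    listen       81;\n    server_name  zptym3k5xi2dyngl.onion;\n}\n"
INCLUDES = ["/etc/nginx/conf.d/*.conf"]  # assumption: stock line, nginx.conf not shown


def split_addr(addr, default_host, default_port):
    """Split 'host:port', 'port' or 'host' into (host, port)."""
    host, sep, port = addr.rpartition(":")
    if addr.isdigit():
        return default_host, int(addr)
    return (host, int(port)) if sep and port.isdigit() else (addr, default_port)


def hidden_service_targets(torrc):
    """(virtual_port, host, port) per HiddenServicePort line; unix: targets skipped."""
    out = []
    for line in torrc.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0].lower() == "hiddenserviceport":
            vport = int(parts[1])
            # With no target given, tor forwards to 127.0.0.1 on the virtual port.
            target = parts[2] if len(parts) > 2 else str(vport)
            if not target.startswith("unix:"):
                out.append((vport, *split_addr(target, "127.0.0.1", vport)))
    return out


def nginx_listens(conf):
    """(host, port) per listen directive; '*' means every address."""
    addrs = [a.split()[0] for a in re.findall(r"^\s*listen\s+([^;]+);", conf, re.M)]
    return [split_addr(a, "*", 80) for a in addrs if not a.startswith("unix:")]


def check(torrc, site_path, site_conf, includes):
    """Return findings; an empty list means tor's target has an nginx listener."""
    findings = []
    loaded = any(fnmatch.fnmatchcase(site_path, pat) for pat in includes)
    if not loaded:
        findings.append(f"{site_path} matches no include pattern; nginx never reads it")
    listens = nginx_listens(site_conf) if loaded else []
    for vport, host, port in hidden_service_targets(torrc):
        if not any(p == port and h in ("*", "0.0.0.0", host) for h, p in listens):
            findings.append(f"onion {vport} -> {host}:{port}: no loaded nginx listener")
    return findings
```

Under the assumed include pattern, `check(TORRC, SITE_PATH, SITE_CONF, INCLUDES)` returns two findings for the constructed inputs; the same server block in a file whose name ends in `.conf` returns none.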