A little outdated, but still interesting.

https://pastebin.com/Fy6c1wB8

Note some formatting has been messed up. To get the original
pdf and script click the links below:
PDF:
https://docs.google.com/file/d/0Bw8hxGGZbI5dR2xmY1VuZmQ3ZFk/edit?usp=sharing
script:
https://docs.google.com/file/d/0Bw8hxGGZbI5dS3dNdmJrb3BzOEk/edit?usp=sharing

There is also a git repository with a lot of automated
scripts to use, I would suggest reading both, finding the
methods that work for you.
https://github.com/whackashoe/tor-hidden-service-setup/

Hidden Service Setup Guide for Newbies
Version .2
So, you've decided to set up a hidden service and join the
information underground? That's fantastic,
but be aware of what you're getting into. If you're setting
up a hidden service, you're probably doing so
because whatever you're publishing could put you at risk.
Maybe it's legal risk, maybe you might lose
your job, maybe your friends might disown you, or maybe you
might end up in prison for the rest of
your life or worse. It could also be that you're a Tor
fanatic and that you're setting up a hidden service
to help those who are taking the risk.
Tor is an amazing technology and there's lots of technology
that when combined with it can make your
hidden service almost bulletproof, but that doesn't mean you
can remove risk from the equation.
Whatever it is you're doing, you need to accept the risk and
the potential consequences. If you aren't
prepared to take the fall, you might want to reconsider what
you're doing or how you're doing it.
Nobody has ever been caught for running a hidden service and
those who will be will most likely do so
through their own stupid mistakes - Tor won't be at fault.
Tor is beautiful and so is the resistance to the
current system that is inherently built into it. If you're
ready to join the revolution and fall in love, be
my guest. All good things in life, all struggles must be
won. There is no easy way, this is a conflict.
Since you've taken it up to learn how to arm yourself, I'll
show you how to use your weapons.
Just as a clarification, I am not a lawyer. I'm not
qualified to give legal advice. You should learn about
what you're doing before you do it. This guide is not the
be-all end-all. You're going to have to use
your brain and some common sense if you're going to survive
out here. This guide is written for
laypersons, but that isn't an excuse for you not to do your
research. I didn't write this myself, it comes
from decades of research and work by individuals too
numerous to name. People have gotten hurt,
people have been thrown in jail, and some people have been
killed simply for taking the red pill.
I didn't write this guide to help people break laws. If you
do something stupid with this, it's your fault.
This, like the Tor software, is a tool and how you use it is
up to you.
There is no warranty of fitness or accuracy on this guide
whatsoever. You are using it at your own risk
and if you mess something up, it's not my fault. By using
this guide, you agree to hold its author(s)
harmless for any damage that may arise as a result.
This guide is anti-copyright. You are free to mercilessly
update it, edit it, share it, etc. If you give me
attribution, that's great but absolutely not required or
expected. If you have any questions/clafifications/
edits to the guide, you can reach me at
ringo{at}hackbloc.org. My PGP key is below:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.9 (GNU/Linux)
mQGiBEniUKIRBADfn8kULsRd3si+zPnVbeVp4C/cjxfOxvPURPjRMDPRZPuD
uEI5
QIiMP+lZs0Y1BS/zubrwJ/R+knZW0dfkCbd0IBqhtcci4ZiDXRCNxxYow0My
sweG
sbZE0QY4T2u40ffOLs9m/ENiDebUxknTyAg8/Jim9aBdEDgurCc7HCX+iwCg
hfLh
1POMWQRkXB4zUmXQfp+u+0MD/j5SUN6ct6fH4ex3L/WeIHRA+PZXBEpQv5HC
wcYO
9VAtS0KYTtrBePXuhabjmiyhWIVsPHa8A+5RW3ONkK4gQ71E7sh2nu44p0rO
SVkz
9/ZQiHVCjxZJNhvCsabIFT2/G8OFo2XPnJ0+8Gfluueb5a/HKArUWHIvkws8
2kQ5
75RJBACJp436/Bvk/CpKDkIG8v/4dQkyNKhv5AEAbx3jNjdOAxNSK0tBaQAu
lgCk
GFNkk+wpv6OWaawgQzFh71KvmEswSLObXk+S6WZgC+Epy4XmfzzDG/gIHD0V
uBQ+
2D8JzFT/TiDMu6wdYu4kgDg5sO4a5Yzn7xoYMF5YWzXnPKhXi7QacmluZ28g
PHJp
bmdvQGhhY2tibG9jLm9yZz6IZgQTEQIAJgUCSeJQogIbIwUJAeEzgAYLCQgH
AwIE
FQIIAwQWAgMBAh4BAheAAAoJEFUc7QiIWsvrdtkAn3KtPdxxC/qWmmIFZ4Nc
4cFE
as42AJoDwdk/N9I3sPvc91wTTlbsKhoHLrkEDQRJ4lCiEBAAs2JYGr1k1Dgi
3DMyh0ziX+22tIWWyIJoGKWKFspA7nGeniOBodLBvR+POtqqGCh+bkm9I0X/
YMF9oVcP
xXBql7H6E4JSgtCk7xtohDpLlfcCpsddVxcJdXYLynTUMcmJtCER0bCNIkTm
YoV7
uNXAqmUNAp4zaI70yWsidpAVHme0+sBUYNinfBdlcaMddzslbDtRV7yGKgvW
3E5e
hPNTJ0pWF6WJg4VsEOFoP7pldtQ4YWScskvuCk957K4t4Of3QZs13Nn9sQZl
eFJU
E2L1bxEHuSqY/f1F/pbKmc7in8qkoBBAyhUbzCNxxELdof3uJpBy0pw0468G
vSyb
Z4jyh2XFvxFFAcelzc453y9GOylIC0OQczkrzOa6QrIWQSmeCzn/byjLoi+T
RFve
usRmJn5H9MJg+k+mG5LJM2mcyQJU2UOPDvSurKmk50vByBED6Qn5CvhXJp18
H6Uk
2r+PICG4h8aN9KZpSrMAqYggyKgAxHTlCaQzGCwvJGiX6lx6iIm2GLoqeHdR
HZZX
9XognVcbTwUWJkL0LR9nhm5U0GhFGM9eRdLw89C/Z/s1/Q/QLjoDh60qXcYo
+vFS
5bJtiT52HnlA002opyi+Zn5mk9aXQiksOJruIdNw1rvJSe+uAIYQeBv+rinx
zAyL
4f/p/+vvgnfgkEc2G1hLuGTvWMsAAwYP+gIhIgQ6UwQ0Bu1gyRN88Gs9H0fn
Q74Z
RmFXDgUtpn1YrFzFfTNegQh8vvgo1pXV4ZDPc0w9Cs8QHrspnkYrvSymAEmw
YtGd
nvnAVVROIJfN5d140Z1FJXCgFp/3m2SAX1omYyN3/5WX9ef1uaYWub48kSdq
fHlr
xe8Z15nXQ9E6WMgDtP5jXpfCkAnweW6/WSGRrHlRyBUevCTyRSZ4dwtim0GH
sls9
VbfDYWJVxiKWdgjtjg+PfsXrdQG2KICEHXprS9/tYCheWaHP4couXVHDPUNM
GK/w
HSYXbr0/xA0i0JHpRzVCDweKZ32hgbYkTXp0U7ArBYLtbfpWlB8uWHFFAIS5
yJQL
YMwc8/qFCgl5fUGMk4ZLTgbftQo/sfcOAIPQl2nVjhnvzucj8PgBBaJgH9OR
TpW6
89zIzOtfXfju0dq4LC6Xj4h6SA/duh8dEiBzewNJ1FwnlrywvaQjsVdx5+5R
olAk
gZKcT4hHCj+s2vCAyF5R70rfKkZkKhMuUzEWc4R4AzbkmI1eTtEl/FJVCzBs
JRan
HC+YMgCdf2ujTxvBltytpWrs0nvzFVY6+RyihQsqlV6KeOtDBTv38a8Q5gdA
RK0j
5og+X3SWHW0p29PSKk6a3NeSB08J0wlXsrNOJ/JXlYw/yIifZdgl6fO8V7rP
BoQt
xIQB5UKSXj8YiE8EGBECAA8FAkniUKICGwwFCQHhM4AACgkQVRztCIhay+vX
kQCf
beWbtPmJOWbXn+9LEaJTqcN73REAn2MmtesdDs24QjWfZeTfc8dyEZ2n
=O0oE
-----END PGP PUBLIC KEY BLOCK-----
Because this guide is written for newbies, it's not the best
way to do it. It's meant to be as easy and
secure as possible. If you learn more and work on this
knowledge-base for a few years, you'll look back
on this guide as ridiculous. You'll realize that it could
have been done easier, better, faster, and without
such a nice computer. Since you are probably a newbie, let's
define some important terms we'll be
using.
Administrator - An administrator controls the computer. They
can do system updates, install software,
and mess with all kinds of internal system things. In the
wrong hands (or in the case of a mis-typed
command), the administrator account can wreak all sorts of
havoc.
Anonymity - Anonymity is the ability to operate without
anybody knowing who you are. It is not an
absolute, you are simply more anonymous than the average
person. Any adversary, given sufficient
resources and time, can break your anonymity. If somebody
can buy and control every internet router
in the world (or even a fair portion of them), tracking
somebody through Tor would be fairly easy.
Fortunately, few people/organizations have this power and
even fewer use it for this purpose. In terms
of using Tor or running a hidden service, the goal is to
obscure your browsing profile which includes
things like your browser configuration and your IP address.
Adversary - The adversary is the enemy, the person or entity
you use Tor to defend against. Maybe it
is your government, the police, your boss, or your
significant other.
Algorithm - A method for encrypting data. It describes how
data should be encrypted and decrypted,
kind of like a recipe.
Boot - To turn on a computer or operating system
Command - A command is something you tell a computer to do.
We'll be issuing them through the
terminal aka the shell or command line. After you type
enter, the command is executed. For instance,
typing "ls" and then the enter key causes the computer to
list all the files/folder in the current directory.
Encryption - Encryption takes regular data (emails, files,
etc.) and turns it into unreadable data. Onlythose who know
the secret (a password, private key, etc.) can theoretically
access that data in a format
that is readable. Encryption is strong these days.
Flag - A flag (also called an option) is something that's
added onto a command to change the way it
operates. For instance, the cp command (copy) when invoked
(used) by typing 'cp oldfilelocation
newfilelocation' will copy a file from one location to
another. If you want to copy an entire folder, you
would type 'cp -r oldfolder newfolder'. The -r is the
recursive flag and it tells the copy command to go
inside directories. Flags can also have values in this
format (usually, but there are a few exceptions)
'command -flag anumberorsometext'
Identity Somebody or something that an entity claims to be.
This could be your name, a pseudonym
you use, or the name of a corporation. Identity is important
and when you're hosting a hidden service,
and should probably be kept secret. Identity is
authenticated by some form of credential, like an ID
card, a passphrase, or the address of your hidden service.
Your real world identity and the identity you
use on your hidden service should never come in contact
unless that's your goal.
Keyspace - A set of keys that could potentially be private
keys (ie keys that could unlock encryption).
The more keyspace you have, the more keys must be tried to
crack your encryption.
Linux - Linux is an operating system. It's actually just the
kernel of the operating system, but we'll call
it an operating system for simplicity's sake. Most servers
in the world run it (as opposed to Windows)
for the simple reason that it works better, is cheaper, is
faster, and is more secure. Linux (or at least the
variants we'll be using) is free (as in freedom) software.
You have the right to use it, copy it, give it to
friends, modify it for your own purposes, and distribute
those modifications. Being free (as in money)
is a byproduct of this. It's designed for communities and
built by communities. It's not built by a big
corporation or monitored by a government. There isn't one
person or entity who can backdoor it. It's
ours.
Noob/Newb/Newbie - Somebody who is new at something and
lacking or devoid of skill. This is who
this guide is written for.
Operating System - An operating system is what your computer
runs. The programs you run
communicate to the operating system and it handles all of
the hard stuff like writing to the hard drive,
managing memory, etc. Windows, OS X, and Linux are all
examples of operating systems.
Password - A password is used to protect unauthorized access
to whatever you're protecting. You use a
password on your email account, to enter a secret location,
etc.
Passphrase - This is like a password, but longer, harder to
guess, and much more secure.
Privacy - Privacy is the idea that a person has things or
information that should be kept inaccessible to
the rest of the world if the person so desires. Normally
these include things like medical records,
personal thoughts, and corporate records. Tor extends your
privacy by giving you control over what
you share and with whom. You get to decide if you want to be
identified and if you want to reveal your
true IP address. If you decide to post your personal
information online, you're giving up a lot of your
privacy. Like anonymity, privacy is not an absolute.
Private Key - In encryption, the private key is the secret
that is needed (usually in combination with a
passphrase) to decrypt information. You don't give this to
other people as it's private. If an adversaryobtains this
key and your password, they will be able to decrypt your
data. If they only have the private
key, cracking the password is still a fairly easy process.
Divulging your private key will result in your
encrypted data being unsafe.
Protocol - A standard procedure that is understood by more
than on party. A protocol insures that two
different entities can interact and produce a pre-designated
result, kind of like a recipe. For instance,
when you buy a hot dog, the protocol is that you pay for the
food before you get it. This insures that the
seller is not ripped off by you running away before paying.
If the seller decides to take the money and
run, you can always take the hot dog cart. Computers use
protocols to communicate information.
Random Unpredictable or difficult to predict. All modern
encryption relies on obtaining random data
to make private and public keys which in turn are used to
encrypt data. An adversary would have a hard
time guessing something random right? Random is also not a
binary as some data are more random
than others. The 'randomness' of a set of data is called its
entropy.
Security - Security is the degree of protection from forces
external from or internal to an entity. This
could be a fence around a building, laws that protect data,
or a firewall on your computer.
Sudo - A command that when used by allowed users executes a
given command as if the user were the
administrator.
Traffic - Stuff that goes over the network. This could be
web browsing, Tor connections, hidden
service downloads, or whatever.
Virtual Machine (VM) - A virtual machine is an operating
system that runs inside another operating
system. It is (often) completely separated from the other
operating system. It can't see files in the host
operating system, access the internal communications bus for
the host operating system, or see the IP
address of the host operating system. This is useful for
testing programs, sandboxing users, or
protecting information about your computer.
Ubuntu - Ubuntu is a distribution of Linux, think of it as a
'flavor'. A group of people took previous
Linux flavors and packaged it together with the goals of it
being newbie-friendly, compatible with as
much hardware as possible, and being flexible.
User - An account usually associated with a single person on
a machine. This user can log in and out of
the machine and is granted specific abilities
Great, you're this far and about a day or so away from
running a hidden service using this guide! This is
going to take a while and it's going to take even longer if
you have an older machine. I strongly suggest
that you grab some snacks and coffee before you start this.
As a note, this guide was designed for the
Ubuntu 9.04 release. If you're using a different version,
you'll have to adapt these instructions. The
computer you're running this on should be recent, something
made around 2005 or later. If your
machine came with XP installed, it may struggle a little.
Dual-core processors and processors with
hyperthreading will handle the load much better. 64bit
machines will as well, but many of the programs
I'm expecting you to use do not have 64-bit versions
available in the Ubuntu software repositories so
you may spend quite some time finding them manually or even
compiling them from scratch. You can
run a secure hidden service on a machine that came with
Windows 98, but it is much more complicated
and requires more knowledge than I can fit in a guide that
is already turning into a textbook. You'll also
need a way to burn CDs.In order to write this guide, a lot
of things had to be assumed. We are assuming there is no
all-knowing
entity watching the internet. This not true. If you do some
research about ECHELON, the UKUSA
agreement, or the history of the intelligence trade you'll
find this out. Rather, we're assuming that
entities capable of being all-knowing are also not concerned
with with whatever you're doing. Usually
divulging what they know would compromise their purpose and
therefore you have little to worry
about. We are assuming that encryption will protect you.
Again, intelligence agencies like the NSA can
probably break encryption but they won't for the reasons
stated above. In our model, we're also
assuming that the Tor software will never have
vulnerabilities that could result in an attacker running
remote code on your machine and that, if put at gunpoint,
the Tor developers would refuse to put in
backdoors or that in such a case somebody would notice.
We're also assuming that the Ubuntu
operating system doesn't have any major backdoors or that if
it did whoever used them wouldn't be
interested in you. Assuming all of this is a risk but we're
going to do it to keep both of us sane and
within the realm of possibilities that reality offers as
opposed to the possibilities that tin foil hat land
offers.
When you use a machine for a hidden service, it's absolutely
critical that you only use it for that
purpose. NEVER use it for anything else, especially
activities that have connection to you personally. It
might be obnoxious to have a computer you can never use, but
given the possible consequences it's
probably worth it. The same goes for your virtual machine
which we'll talk more about later. The more
programs you install on your hidden service machine, the
more avenues of attack you will create for
your adversary.
While this guide seeks to protect you from all reasonable
risks, you should realize that there are some
attacks this guide doesn't cover.
1. Cold Boot Attacks
One of the problems with encryption is that in order for it
to work, your computer has to know the
private key and any other information needed for decryption.
This information is stored in memory and
while memory isn't a good place to store things long term,
it does store data for an amount of time from
seconds to minutes after your machine has been turned off.
An adversary, knowing that they are facing
a locked down machine with lots of encryption, may perform a
cold boot attack. This involves turning
off your computer, spraying your memory with liquid nitrogen
(or something to keep it cold), and then
recovering your encryption key from memory. Once frozen,
data in memory can be retained (and then
further reconstructed) for hours. If you feel this is a
risk, you need to implement physical security
measures that deal with the possible threat. This could be
as simple as a laser tripwire on a door that
triggers a shutdown.
2. Radio Leakage, TEMPEST, etc.
All electronics create radio interference as a consequence
of their operation. While this radio
interference is often useless it can also provide valuable
information for your adversary. For instance,
the radio interference generated by keyboards can divulge
your passwords to an adversary sitting across
the street from your house. RF shielding is the only
solution for this problem and involves surrounding
your machine in some type of metal. This isn't all though,
as the power pull generated when you use thekeyboard, etc.
can also be monitored through your wall socket. I don't know
of any solutions to this.
One idea would be to lock your machine in a box with a UPS
to filter the electricity and a security
scheme similar to the one used to prevent cold boot attacks
but I'm not sure how effective this would
be.
3. Physical Security
An adversary may put a camera, microphone, or some other
recording device in the room with your
hidden service machine. If they capture your encryption
passphrase, your data will be compromised.
Recently the FBI and Secret Service used this technique
against a bust of the ShadowCrew carding
board and it's been used for a long time by both law
enforcement and intelligence. While using a
blanket will deter a camera, the audio generated by your
keyboard may not be sufficiently muffled to
stop a microphone from knowing what's going on.
4. Traffic Correlation
If your adversary suspects you run a hidden service, they
can watch your internet connection and try to
use traffic analysis to determine if the hidden service is
run on your network. If your adversary
downloads a few 50 megabyte files from your server and every
time around 50MB of encrypted traffic
goes across your network, it's pretty good evidence. Combine
that with shutting off the power to your
machine and watching the hidden service go down and you've
got somebody who knows what's going
on. There are creative ways of dealing with this such as
cover traffic, UPSs, redundant servers, and
physical security.
Installing Ubuntu
The first thing we need to do is download the version of
Ubuntu this guide was written for. In the event
that you're doing this in a time so far away that Ubuntu
9.04 is an outdated version, you can use the
newest version but realize that you might have to change
some of what this guide tells you to do to get
it to work. The fastest way to get the most recent release
is via BitTorrent. Not only is this usually
faster than downloading the file directly from Ubuntu, but
it also reduces load on their servers. You'll
need a BitTorrent program to do this. If you're doing this
on Windows, I suggest Vuze (vuze.com) but a
lot of people like uTorrent (utorrent.com). It doesn't
really matter what program you use.
You can grab the Ubuntu 9.04 Alternate Install CD at:
http://releases.ubuntu.com/9.04/ubuntu-9.04-alternate-i386.iso.torrent
While you're waiting for it to download, it might help to
look at some basic Linux commands. There's a
good tutorial at
http://www.reallylinux.com/docs/basic.shtml
Once you've downloaded the file (hopefully on a different
computer to make your life easier), I
encourage you to leave your BitTorrent program open (let it
seed) so that you upload the file to other
people. If there was nobody to help you get this file, you
wouldn't have it so please do your part and
seed for a day or two.You'll need to burn the ISO image to a
disk. Most commercial CD burning programs, such as Roxio or
Nero will do the trick. If you don't have one, you can get a
free ISO burner from
http://www.magiciso.com or go to http://download.com and
just search for ISO Burner.
Meanwhile, on the machine you're installing your hidden
service on...
1. Put the CD into your computer and then restart. On most
computers, this will cause it to boot off the
CD. If it doesn't (ie goes into Windows, etc.), you'll need
to change the 'boot order' in your BIOS. You
can Google on how to do this. Basically, right when you turn
your computer on (and before windows,
etc. loads), just quickly cycle through keys F1-F12, esc,
and del. If the computer starts beeping at you,
you usually have to wait a bit more. Make sure the CD-ROM
boots before the hard drive/hdd.
2. If you booted off the CD, choose the language you want
(using the up/down keys and enter) and then
select "Install Ubuntu"
3. You'll be asked to choose a language again at the next
screen. Keep in mind that (without additional
precautions), your webserver and any documents/emails/etc.
you produce on this machine will indicate
which language you chose to a trained eye.
4. Next you'll be choosing your time zone. Again, this is
something to think about wisely as people will
be able to tell what time zone you choose through your web
server, other services, etc. Think about
where you want your adversary to think you are ; )
5. You'll be asked if you want your keyboard layout
detected. I suggest you choose no unless you've
got a very weird keyboard. Then choose your keyboard's most
likely origin and you're set.
6. If you get an error saying that "network
autoconfiguration failed", it's probably because it doesn't
recognize your wireless card or that you're not plugged into
the internet. Just go to 'continue' and then
'do not configure network at this time'. This will get
sorted out later.
7. This is where you choose your computer's name. Usually
people name their computers after
themselves, but this wouldn't be a good idea here. I suggest
something generic like "computer" "laptop"
"desktop" etc. You can also choose something deliberately
deceptive to throw off an adversary who
may obtain this through leaks such as "windows machine".
8. The time zone seems like an obvious choice but again
consider what an adversary could gain from
knowing it.
9. CAUTION: THIS IS THE POINT IN THE SETUP PROCESS WHERE
EVERYTHING GETS
DELETED FROM YOUR HARD DRIVE. Before installing, you might
benefit from "wiping" your
hard drive as opposed to "deleting" the stuff on it, which
is analogous with removing all the highway
signs to New York City and hoping nobody will find it. The
city is still there. A good wiping program
called Darik's Boot and Nuke (dban.sourceforge.net) is
available for those who are interested.
This is where it can get tricky. If you don't know what
you're doing, it's best to just go with "guided -
use entire disk and set up encrypted LVM". You can also make
your own custom encrypted LVM but
this can always be changed later.
After you select this, it will ask you which hard drive to
partition. If you have multiples, you'll need toknow how big
each of them is and which you want to install Ubuntu on. If
you only have one (most
people), just select the only one that's available.
To finish this step, just select yes at the next screen.
10. Encrypting Your Hard Drive
This is where you choose the passphrase to encrypt your hard
drive. Under current US law, you cannot
be forced to give up your encryption passphrase in a
criminal proceeding (but that won't stop the judge
from jailing you for contempt or using other illegal tactics
to entice you) however in a civil proceeding
if encrypted data is subject to discovery you may have to.
Under UK law, you are required to give up
your password in certain circumstances but there's nothing
that can be done if you forget. In some
countries, you could go to jail for life or worse for not
giving up your passphrase.
If you're serious about this, you'll choose a good one and
only type it in under a blanket. Authorities
have been known to put cameras in vents, etc. to catch
passwords.
DO NOT USE:
Words found in the dictionary (or combinations thereof)
Words or phrases that could easily be associated with you
(your birthday, personal mantra, etc.)
Short passphrases
DO USE:
Letters, numbers, symbols, spaces, uppercase, and lowercase
A long passphrase
DO NOT:
Write down this password (unless to temporarily remember it
and make sure you keep a damn good
eye on it)
Share the password with anybody else unless they "need to
know" it to administrate the server
For more information about passphrases and how to choose a
good one (which is really important if
you want your data to stay private) see these links:
http://www.queen.clara.net/pgp/pass.html
http://www.iusmentis.com/security/passphrasefaq/
http://www.unix-ag.uni-kl.de/~conrad/krypto/passphrase-faq.html
11. Next it may ask you the "amount of volume group to use
for guided partitioning". Just use what it
suggests as the default.
12. Tell it to write the changes to disk and it will start
re-partitioning your hard drive. This basically
means it's setting it up so you can put data onto it,
dividing it up into the proper chunks and installing
the file system (which keeps track of where files physically
are on the hard drive, among other things).
It will also start installing Ubuntu. This may take a long
time, especially on computers with slow
drives, big drives, or a slow cd reader. Be patient.
13. Choosing a Username
Once your system is installed, you'll need to configure it.
The first thing you'll have to do is choose a
username. It's best if this can't be guessed, so choose
something random but also consider what your
adversary might know about you if they saw it. When you
choose your password, try and make it assecure as your
passphrase but don't make it the same. Also consider what
somebody might know if they
cracked your password. Under our model, the adversary will
never be able to find out this account
information but it never hurts to be safe.
14. Encrypting Your Home Directory
This doesn't really offer any additional protection and will
just slow your computer down. Your entire
disk is encrypted anyways.
15. Install Software
Now that you've answered a few questions, it's back to
watching the loading bar.
16. Set the Clocks
Once you're done installing software, it's going to ask you
about your system clock. In most cases,
choosing Yes is the best option here. After this the CD will
eject. You should remove it and then select
continue.
Configuring Ubuntu
Once you've logged into your system, the first thing you'll
want to do is select your software sources
and update your computer. Go to System> Administration>
Software Sources. You're presented with a
list of software sources from which you can update your
programs and install new ones. You should
make sure that "Canonical Supported" software is enabled. If
you have odd hardware (mainly laptops),
Ubuntu will need special drivers which aren't open source.
In this case, make sure you also enable
"Proprietary drivers".
One of the things that makes Ubuntu so powerful is its
community repositories. These contain
programs and updates that are contributed by community
members (other Ubuntu users). This is nice
because it allows you access to lots of software but it's a
security risk because you don't know who is
delivering it to you or making sure security updates are
available. Anybody can add any program to this
list (for instance, there was an insecure outdated version
of Tor in there for years), meaning that
theoretically somebody could put a trojan, backdoor, etc. in
there and you might accidentally install it. I
suggest turning off these repositories and manually enabling
them when you need specific programs.
Everything that's installed on your system right now will
update through Canonical (which we're
assuming for the sake of simplicity is 100% trustable
although this obviously isn't true).
Next go to the Updates tab and select "Install Security
Updates without Confirmation". Unless you plan
on sitting by your computer waiting for updates, this is the
best thing to do. It will insure that your
software is as secure and up-to-date as possible.
Now, go to Applications > Accessories > Terminal and type
the following commands (followed by
enter)
sudo gedit /etc/apt/sources.list
This will allow you to edit your software sources manually.
Because Ubuntu's software repositories
don't contain an up-to-date version of Tor, we'll be using
the noreply.org repositories which are updated
on a regular basis. Now, add the following two lines:
deb http://mirror.noreply.org/pub/tor jaunty maindeb-src
http://mirror.noreply.org/pub/tor jaunty main
Now exit and save the file. Back to the terminal. Type this
command:
gpg --keyserver keys.gnupg.net --recv 94C09C7F
gpg --fingerprint 94C09C7F
This should show you some text, mainly this:
pub 1024D/94C09C7F 1999-11-10
Key fingerprint = 5B00 C96D 5D54 AEE1 206B AF84 DE7A AF6E
94C0 9C7F
uid
[ultimate] Peter Palfrader
If it looks vastly different, something has probably gone
wrong. Now, enter this command:
gpg --export 94C09C7F | sudo apt-key add -
This insures that when we download Tor, we're actually
getting Tor and not a program that somebody
has injected between us and the server we're downloading it
from. This somebody could be your
internet provider, somebody who has hacked into the software
repository, etc.
18. Update Your Software
Go to System> Administration> Update Manager and click
"check". You should have lots of updates
available, so click "install updates". Depending on your
internet connection and your computer's speed,
this could take a long time. You may have to restart
afterwards depending on what updates are
available.
19. Install Tor
Now it's time to install Tor. Go to Applications>
Accessories> Terminal and type the following
command:
sudo aptitude install tor
Say yes to whatever it asks you. Great! Tor should be
installed now.
20. Install Privoxy
Unfortunately, there is no good version of Privoxy in the
Ubuntu 9.04 repositories so we have to add it
manually. Go to privoxy.org, click on 'download recent
releases', click on 'Debian' and download the
i386/x86 version. Run this file once you've saved it and
click install.
Preparing The Virtual Machine
A virtual machine is a complete operating system that runs
inside another operating system. We will
use this to protect your identity. This way, even if
somebody hacks into your hidden service, they won't
be able to find out your IP address, what's on your hard
drive, or any other sensitive information.
Instead, they'll just land in an empty sandbox that has ONLY
hidden service things. It's important that
you only use your virtual machine for your hidden service
and NOTHING ELSE. Tor will run on the
host machine. Tor needs to access the internet, but your
hidden service only needs to access Tor. In this
way, Tor can access the internet, connect to tor servers,
etc. but the machine with your actual hiddenservice can only
communicate through Tor. This removes the risk that an
attacker can force your server
to divulge its IP address and therefore it's
location/operator by requesting external files.
Open up the terminal (you should know where it is by now)
and type the following command: (If you
haven't enabled community repositories, you'll want to do so
before issuing this command.)
sudo aptitude install qemu
Now it's time to restart!
You'll also need to grab a copy of Ubuntu 9.04 Server. I
suggest you download this through the torrent
they provide at:
http://releases.ubuntu.com/9.04/ubuntu-9.04-server-i386.iso.torrent
Please don't just be a leech and download. I suggest
downloading these files and then uploading to
other users so they can get it as well. A good general rule
of thumb is to "seed" (share) until your share
ratio is 1.5 or you've been seeding for 48 hours, whichever
comes first. You can always run
transmission, Ubuntu's Bittorrent program, later and it will
remember what's up.
Once you've installed the software that's needed to install
the virtual machine, you'll need to restart. I'll
be here when you come back.
In order to keep the virtual machine safe, we're going to
install Truecrypt. Ubuntu's encryption (which
we used to encrypt your hard drive) is fairly weak in terms
of the grand scheme of encryption options.
It's also not deniable. Anybody looking at your hard drive
can conclusively prove it's encrypted.
Depending on where you live, you may be legally compelled to
give up the password or a rubber-hose
attack (imagine what somebody could do to you with a rubber
hose) may cause you to give it up. It
uses AES by default, which is approved for classified data
in the United States if I remember correctly.
Encryption isn't foolproof, it's a deterrent -- something
that will make your adversary work harder.
Every encryption scheme people have devised has eventually
been broken, and AES will be no
exception. Right now, AES is still very secure. I believe
Ubuntu uses 128-bit encryption. According to
the National Institute for Standards in Technology
(nist.gov), if you assume that every person on the
planet owned ten computers, and that there are seven billion
people on the planet, and that each of these
computers can test 1 billion possible keys per second, and
that on average you only need to test 50% of
the possible keys to crack a 128-bit encrypted file, then it
would take the entire world
77,000,000,000,000,000,000,000,000 years to crack a 128-bit
key. This example is taken from
http://www.seagate.com/staticfiles/docs/pdf/whitepaper/tp596_128-bit_versus_256_bit.pdf
That's assuming you chose a truly random passphrase and that
the adversary guesses your key in a
random order. There's always a chance they could guess the
key the first time around, it's all a game of
chance. Additionally, there have been some attacks published
about AES that reduce the keyspace (the
amount of keys that need to be guessed in order for somebody
to crack the correct one), so AES is
probably on its way out.
TrueCrypt is an open-source encryption program. It works by
creating 'volumes', which show up on
your computer as separate drives. You can read/write to them
like any other hard drive. It has a few
very important features that Ubuntu's default options don't
have. For one, it's deniable. There's no way
(that anybody has figured out) to prove a Truecrypt file is
actually a Truecrypt file. It could be just a
bunch of random data. Another important feature is 'hidden
partitions'. These enable you to create anencrypted file
that actually has two separate volumes with separate
passphrases. In one, you can put
sensitive-looking information should you ever be forced to
divulge your passphrase. In the other one,
you can put the actual sensitive information and there's no
way to prove that a hidden section exists.
Additionally, Truecrypt features 'super encryption', also
known as cascading encryption. This means
that your data is encrypted two or three times, not just
once. This means that even if an adversary
guessed a private key that worked, they'd have to guess more
and they wouldn't know if that key was
correct or just mathematically correct. The final important
feature is that it has no default encryption
algorithm. With Ubuntu's full-disk encryption, an adversary
knows the algorithm the drive is encrypted
with and what the keysize is. In Truecrypt, there's over a
dozen combinations, forcing your adversary to
spend much more time cracking it.
It's worth discussing quantum computing here. All modern
encryption systems rely on the fact that
factoring prime numbers for large numbers (that have 128
digits, for instance) is extremely difficult. It
would take an average computer billions of years to factor a
128 bit key. With a quantum computer,
you ask it to factor a 128 bit key and it gets you the
answers within seconds. Traditionally, intelligence
agencies have been at least a decade ahead of academics.
Right now academics are starting to build
very basic quantum computers (they aren't computers yet,
they're just the basis for doing math using
quantum computing) and I would put money on the idea that
the NSA already has quantum computing.
Needless to say, if you're fighting the NSA you've got
bigger concerns than your computer's encryption
software.
So, after much discussion, let's finally download Truecrypt.
Go to truecrypt.org, click on download,
and get the Ubuntu x86 version. One unfortunate part of the
Truecrypt website is that it doesn't support
SSL. This means that you can't verify that the truecrypt.org
server is the actual truecrypt.org server. It
could be your ISP, the Chinese firewall, etc. The site
provides a PGP signature for verifying the
downloaded file, but if you're getting that PGP signature in
an unauthenticated manner, it won't do
much good. One way to verify the files is to get an "md5
sum". This is way of making a unique
'signature' of a file. I downloaded Truecrypt (version 6.2a)
through two different Tor servers and got
this md5 sum:
7f16f069416b10b4455a7457a625771b
You can check the md5sum by opening the terminal and going
to the directory where you saved the file
using the following command:
cd /directory
It is probably in /home/user or /home/user/Desktop. Then
type "md5sum filename" and it will print out
the file's signature. Also realize that you probably got
this guide in an un-authenticated manner.
Now, open up that file, extract its contents, and open the
file you've extracted. Install it by clicking
install (duh). Once this is done, open Truecrypt. It should
be under your programs. If not, you can go to
the terminal and type truecrypt. I suggest you use the
'hidden volume' feature, but I'm not going to
explain to you how to do it. You have to do some of the work
yourself. Truecrypt has some wonderful
documentation available at http://www.truecrypt.org/docs/.
The hidden service has to go in its own
encrypted volume because we don't want the main (host)
system knowing about it and vice versa. Tor
is in a Truecrypt partition because we don't want an
attacker with the main hard drive encryption key to
be able to find out the address of your hidden service.
Once you've got Truecrypt open, follow these steps:1. Choose
"create volume"
2. Choose "create an encrypted file container" and go to the
next screen
3. Choose "standard Truecrypt volume" and go to the next
screen
4. Click "select file"
5. Navigate to the directory where you want the encrypted
volume to live
6. Type in the file name you want. If you choose something
like 'truecrypt.file', it's going to be obvious
that it's a Truecrypt encrypted container. Something like
"encrypted.test" or "hard_drive_image.raw"
might be a little more deniable. If you want to have fun,
create a few of these so your adversary won't
know which (if any) to try cracking.
7. Click next
8. This is where you choose an encryption algorithm. I would
suggest using multiple ones, but it's up to
you and it doesn't really matter which one you pick. If you
care about speed, hit "test" to see which
ones will run best on your machine.
9. Click next
10. This is where we choose the size of the encrypted
volume. For your hidden service machine,
consider how many files you'll be storing and how big
they'll be. I suggest at least 10GB. You can
always change this later.
11. This is where you choose your passphrase. Make it as
complicated, long, and random as possible
while still being able to remember it later.
12. At this stage, you can also add a keyfile. This is a
good idea if you think your adversary will never
find your keyfiles. You can store them on your hard drive or
on an external device (flash drive, etc.) in
a secure or hard-to-find location. While it doesn't actually
work like this, this example will explain it's
effectiveness -- Using a keyfile is basically like using an
entire file as your password in addition to your
actual password, making it much more difficult to crack. It
takes a while to guess a 20 character
password, but even longer for a 5000 character password.
Random files are the best, but you can use
any file, including a huge zip file or the Ubuntu install
CDs (not recommended, since they might expect
this of hidden service operators who used this guide).
13. Click next
14. Choose "I will store files larger than 4gb on this
volume". While you may never actually do this, it's
important to keep it open as an option. This isn't something
you'll want to have to change in the future.
15. Click next
16. Now you have to choose your file system. A file system
is how the operating system finds out
where files are physically located on a hard drive. FAT32
was used on Windows 98-era machines (and
is still used on most flash drives). The problem with FAT32
is you can't store files larger than 4gb and
if your system crashes without notice (power failure, etc.)
there's a good chance it might not recover.
Ext2 and 3 are better options for recovering from this kind
of a disaster and you can store files larger
than 4gb. Also, you can play more around with the
permissions (only allowing certain users/programs
to access certain files). I'm assuming you don't choose
fat32 here because it's usually a bad choice.
17. Click next
18. Choose "I will use this file on other platforms". Again
this is one of those things you'd rather have
the option to do because if you don't, changing it will be a
big pain.
19. Click next
20. Un-check "show" and move your mouse around a lot, for a
while. It may also help to surf the web,
open big files, type random stuff, etc. I'm not sure though.
Once your hand gets tired or your patience
runs out, click on format. This will take seconds to hours.
It took half an hour on my test machine.
Now it's time to set up Tor for use with our hidden service.
Normally Tor stores everything in /var/tor,
but we'll be storing everything in our encrypted Truecrypt
volume. Unfortunately, if we just edit Tor'sconfiguration
file to store things where we mount the encrypted volume
(where it shows up when we
open it), it will provide pretty strong proof additional
encryption is used on your machine. It wouldn't
be much of a stretch to blame the Truecrypt volumes. The way
to get around this is to make a script
inside the encrypted volume that changes Tor's settings when
it's opened. First though, we've got to
open the encrypted volume.
Open up truecrypt and click "select file". Pick your
encrypted volume you'll be using and hit "mount".
Enter your passphrase, key files, and whatever else you need
to. Normally Truecrypt mounts things to /
media/truecrypt1, meaning you can access the volume at that
directory.
Go back to the terminal and type these commands:
sudo cp /etc/tor/torrc /media/truecrypt1
sudo chmod 777 /media/truecrypt1/torrc
gedit /media/truecrypt1/torrc
Awesome, now we're editing the Tor configuration file. Add
the below:
## disable logging
log notice file /dev/null
## use encrypted data directory
DataDirectory /media/truecrypt1/tor
## set up the hidden service, 5022 can be anything you want
but make sure you specify it right in the
Qemu setup
HiddenServiceDir /media/truecrypt1/tor/hidden_service
HiddenServicePort 80 127.0.0.1:5022
This sets up a hidden service and redirect all traffic to it
to 127.0.0.1:5022. On port 5022, Qemu is
listening and will forward all of that traffic to your
virtual machine (hidden service). Go to your
Truecrypt volume and create a folder called Tor, which is
where all of Tor's data will be stored
including your hidden service's key and address. As a final
measure, let's make sure Tor can write to
the folder by typing sudo chown debian-tor
/media/truecrypt1/tor.
The way we'll be making sure that your hidden service can
only send traffic through Tor is by making a
user that has all of their connections forwarded to
localhost. This means that you can run programs over
Tor from the hidden service if you set the proxy correctly
and that if you don't, the connection will just
get dropped. This means that if you're running any other
software on your host machine that is listening
on any other port, it will be accessible to your hidden
service. You may need to block connections to it
via iptables or completely disable it. In the example
commands, I created a user called torify. If you
give it a different name, be sure to change the commands
accordingly. To create a new user, go to
System> Administration> Users and Groups and select new
user. You'll need to give them their own
password. Go over to advanced and remember what it says in
"user ID". Once this is done, go to the
terminal and run these two commands replacing id with the
user id you found. This will allow the torify
user to run the kvm modules which may speed up your virtual
machine.
sudo adduser `id -un` libvirtd
sudo adduser `id -un` kvm
Once we've got your new user set up, let's install the
software that will run your virtual machine.
In Linux, iptables is the best and most popular firewall
(technically it actually isn't a firewall, but we'llcall it
one for the sake of simplicity). We'll be using it to make
sure your hidden service only uses Tor
and can't communicate to the outside world any other way. If
you're plugging your computer into the
internet, your network interface is eth0. If you're using
wireless, it's probably wlan0. Modify
accordingly for the below. Anything starting with # is a
comment to explain what's going on and
everything else is a command which you should run! This is
based off of some discussion on the or-talk
mailing list. If you're looking for more explanations on how
this works or other sample commands, see
http://archives.seul.org/or/talk/May-2009/msg00067.html
#redirect all of torify's traffic to localhost
sudo iptables -t nat -A OUTPUT -m owner --uid-owner torify
-j DNAT --to-destination 127.0.0.1
#allow vm to access privoxy, tor
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -p
tcp --dport 8118 -j ACCEPT
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -p
tcp --dport 9050 -j ACCEPT
#allow tor to access vm
sudo iptables -A OUTPUT -o lo -m owner --uid-owner
debian-tor -p tcp --dport 5022 -j ACCEPT
#if we allow it outgoing, allow it incoming and don't
interfere with prior connections
sudo iptables -A INPUT -p tcp -m state --state ESTABLISHED
-j ACCEPT
sudo iptables -A INPUT -p tcp -m state --state RELATED -j
ACCEPT
sudo iptables -A OUTPUT -m state --state ESTABLISHED -j
ACCEPT
sudo iptables -A OUTPUT -m state --state RELATED -j ACCEPT
#don't let anything access vm on localhost
sudo iptables -A OUTPUT -o lo -p tcp --dport 5022 -j DROP
#don't let torify snoop around on listening localhost ports
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -j
DROP
#don't allow external machines to access vm
sudo iptables -A INPUT ! -i lo -p tcp --dport 5022 -j DROP
#drop all torify traffic failsafe and protocol agnostic
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -j
DROP
To make sure the rules stay after reboot, type the following
command:
sudo iptables-save
Next we'll need to make sure Privoxy works with Tor. Type
this command:
sudo gedit /etc/privoxy/config
Delete everything in the file and replace it with this:
# Generally, this file goes in /etc/privoxy/config
#
Click here to read the complete article