1. Forum
  2. USENET
  3. news.software.nntp

  • Configure INN2 to work behind a TOR hidden service

    From G.K.@g@k.invalid to news.software.nntp on Sun Aug 3 11:42:41 2025
    From Newsgroup: news.software.nntp

    Is there any documentation on how to configure INN2 to work behind TOR hidden address services?

    How do I get started?

    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Ivo Gandolfo@usenet@bofh.team to news.software.nntp on Sun Aug 3 18:56:57 2025
    From Newsgroup: news.software.nntp

    On 8/3/2025 6:42 PM, G.K. wrote:
    Is there any documentation on how to configure INN2 to work behind TOR hidden address services?

    How do I get started?


    Work only on TOR it's impossible, you need at least one public interface
    (to peer with other's server). My server it's working with Tor hidden
    services (I setup on my server a dummy tun interface with IP 172.16.1.2,
    and the Tor client it's connected here). All Tor connection to my inn2
    it's from this IP (inn2 listen on this dummy interface).
    If you're setting up a news server, be careful about how it presents
    itself, because everyone enters their own name in the Path, so you'll
    need to agree with your peering network not to disclose your public IP address. You'll also need to ensure your server uses a "fake" name
    (e.g., your.server.tor) to keep your IP address private. However,
    there's always a way to find out, so don't expect to be completely
    anonymous, only your users will be (and even then, I can't guarantee this).


    Sincerely
    --
    Ivo Gandolfo
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Den zuko@denzuko@panix.panix.com to news.software.nntp on Thu Aug 14 20:22:53 2025
    From Newsgroup: news.software.nntp

    On 2025-08-03, Ivo Gandolfo <usenet@bofh.team> wrote:
    On 8/3/2025 6:42 PM, G.K. wrote:
    Is there any documentation on how to configure INN2 to work behind TOR hidden
    address services?

    How do I get started?


    Work only on TOR it's impossible, you need at least one public interface
    (to peer with other's server). My server it's working with Tor hidden services (I setup on my server a dummy tun interface with IP 172.16.1.2,
    and the Tor client it's connected here). All Tor connection to my inn2
    it's from this IP (inn2 listen on this dummy interface).
    If you're setting up a news server, be careful about how it presents
    itself, because everyone enters their own name in the Path, so you'll
    need to agree with your peering network not to disclose your public IP address. You'll also need to ensure your server uses a "fake" name
    (e.g., your.server.tor) to keep your IP address private. However,
    there's always a way to find out, so don't expect to be completely anonymous, only your users will be (and even then, I can't guarantee this).


    Sincerely


    As a onion only service or standalone net news server?

    At the high level, Yeah that just the same as configuring INN for any other domain but use your .onion address.

    If your peering with other onion sites then I'd update the init script to
    have torsocks preepended to the inn daemon so the dns resolves.

    But that is alsp the crux of the issue, clearnet servers would not be able to reach your server if you are configuring it as an onion site.

    One might have to do a dual home configuration for both the clearnet and onion site version.

    Couldn't tell you teh fife foot level since I hven't ran INN since the late 90's.
    --
    ----===========.=============---
    - d-a:677. Discourses 6:12, 21.
    r2600|sdf|panix|fido 1:124/5017
    ----===========.=============---
    --- Synchronet 3.21a-Linux NewsLink 1.2