[tahoe-lafs-trac-stream] [tahoe-lafs] #517: make tahoe Tor- and I2P-friendly

tahoe-lafs trac at tahoe-lafs.org
Fri Apr 19 20:13:58 UTC 2013 

#517: make tahoe Tor- and I2P-friendly
-------------------------+-------------------------------------------------
     Reporter:  warner   |      Owner:  ioerror
         Type:           |     Status:  new
  enhancement            |  Milestone:  undecided
     Priority:  minor    |    Version:  1.2.0
    Component:  code-    |   Keywords:  easy privacy anonymity anti-
  network                |  censorship
   Resolution:           |
Launchpad Bug:           |
-------------------------+-------------------------------------------------

Old description:

> Jake Appelbaum and I were talking at the last hackfest about what it
> would take to run Tahoe safely through the Tor (anonymizing onion-router)
> proxy.
>
> I figured it wouldn't take much: just removing the automatically-added
> local IP addresses from the advertised FURLs. You'd treat the tubid as a
> pseudonym (i.e. never run this node without Tor). Listeners would be a
> complete loss (that is, other nodes would not be able to establish
> connections to yours, until 1: we get SOCKS4A client-side support into
> Twisted, 2: make sure Foolscap can use .onion names in connection hints,
> and 3: add a Foolscap Listener that establishes itself on a Tor hidden-
> service port).
>
> But beyond that, it should just be a question of running Tahoe under
> 'tsocks', so that all of its outbound connections go through the socks
> proxy and then through Tor to the other servers.
>
> So the task for this ticket: provide a configuration knob to override the
> default "find all my IP addresses and add them to the connection hints
> (via Tub.setLocation)" behavior, and instead provide a hard-coded list of
> hints instead.

New description:

 Jake Appelbaum and I were talking at the last hackfest about what it would
 take to run Tahoe safely through the Tor (anonymizing onion-router) proxy.

 I figured it wouldn't take much: just removing the automatically-added
 local IP addresses from the advertised FURLs. You'd treat the tubid as a
 pseudonym (i.e. never run this node without Tor). Listeners would be a
 complete loss (that is, other nodes would not be able to establish
 connections to yours, until 1: we get SOCKS4A client-side support into
 Twisted, 2: make sure Foolscap can use .onion names in connection hints,
 and 3: add a Foolscap Listener that establishes itself on a Tor hidden-
 service port).

 But beyond that, it should just be a question of running Tahoe under
 'tsocks', so that all of its outbound connections go through the socks
 proxy and then through Tor to the other servers.

 So the task for this ticket: provide a configuration knob to override the
 default "find all my IP addresses and add them to the connection hints
 (via Tub.setLocation)" behavior, and instead provide a hard-coded list of
 hints instead.

--

Comment (by leif):

 Running a grid on Tor hidden services works for me (by setting
 `tub.location` to an onion address and running tahoe under usewithtor),
 but I've noticed two IP address leaks so far (#1942 and #1947).

-- 
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/517#comment:13>
tahoe-lafs <https://tahoe-lafs.org>
secure decentralized storage

More information about the tahoe-lafs-trac-stream mailing list