Closed nyxnor closed 2 years ago
the reason why it is planned to be a separate script than tor-ctrl-onion
is because that script is for server administrators, while tor-ctrl-onion-client
is for clients.
Summed up to people not understanding the options, which is very hard to summarize on a help message and maybe a manual will be needed for each script.
This separation is not a definitive one, just seems right at the moment, but can be ammended to tor-ctrl-onion if useful points are made.
ended up on the same script because the help message is better now, more organized and I hope it is understandable.
everything was accomplished.
It is not the same key format used inside
ClientOnionAuthDir/file.auth_private
, as it is in base32 and the controller requires it to be in base 64.Read TPO Client-Auth
To generate a key, you need
openssl
(not libressl as it does not contains alg x25519) andbasez
, as it contains base32 and bas64 scripts to encode and decode.Create certificate:
Generate base32 keys:
private key:
public key:
Keys
Generate base64 keys:
private key:
public key:
Convert key from base64 to base32:
private key:
public key:
Convert key from base32 to base64:
private key:
public key:
Syntax
serviceId
is thehostname
without.onion
.serviceId=HSAddress
ONION_CLIENT_AUTH_ADD
serviceId x25519:privateKeyInBase64
Flags=Permanent
- This client's credentials should be stored in the filesystem. If this is not set, the client's credentials are ephemeral and stored in memory.ONION_CLIENT_AUTH_REMOVE
serviceId
ONION_CLIENT_AUTH_VIEW
[serviceId]
Tells the connected Tor to list all the stored client-side v3 client auth credentials for "HSAddress". If no "HSAddress" is provided, list all the stored client-side v3 client auth credentials.