Clarify documentation for running a tor node #8203

pull nathaniel-mahieu wants to merge 1 commits into bitcoin:master from nathaniel-mahieu:master changing 1 files +14 −4
  1. nathaniel-mahieu commented at 10:52 PM on June 14, 2016: contributor

    Previous wording suggested that no additional setup was required for a tor hidden service to be created.

    Discussed here: #8145

  2. in doc/tor.md:None in 5a8de3d299 outdated 
     111 | +Connecting to Tor's control socket API requires one of two authentication methods to be 
 112 | +configured.  The most straightforward is the use of the `-torpassword` flag and a `hash-password` 
 113 | +which can be enabled in Tor configuration.  Alternatively the user running bitcoind must have 
 114 | +write access to the `CookieAuthFile` specified in Tor configuration.  This can be achieved 
 115 | +by adding both the user running tor, and the user running bitcoind to the same group and setting 
 116 | +permissions appropriately.
    petertodd commented at 4:08 AM on June 15, 2016:

    Note that most distributions already have something along those lines, e.g. on Debian-based there is a debian-tor group, and you make cookie auth work by adding users who need it to the debian-tor group. I'd reword this to just say that you need to make sure the bitcoind user is part of the Tor group.

    Anyone know how non-Debian distros do this?

    laanwj commented at 8:48 AM on June 16, 2016:

    Yes, giving an example for Debian may help here.

    nathaniel-mahieu commented at 4:02 PM on June 16, 2016:

    Added the example for Debian. Are we worried that the debian-tor group includes too many permissions outside of this one cookie permission we are interested in?

  3. jonasschnelli added the label P2P on Jun 15, 2016
  4. in doc/tor.md:None in 5a8de3d299 outdated 
     106 |  This new feature is enabled by default if Bitcoin Core is listening, and
 107 |  a connection to Tor can be made. It can be configured with the `-listenonion`,
 108 |  `-torcontrol` and `-torpassword` settings. To show verbose debugging
 109 |  information, pass `-debug=tor`.
 110 | +
 111 | +Connecting to Tor's control socket API requires one of two authentication methods to be
    laanwj commented at 8:50 AM on June 16, 2016:

    I'd reword this a bit - cookie authentication is by far the most straightforward (even automatic) if bitcoin core has access to tor's cookie file. This is the case on Windows with Tor Browser Bundle, for example. If not, then extra work is needed to set it up.

    nathaniel-mahieu commented at 4:03 PM on June 16, 2016:

    Removed the opinion on simplicity.

  5. nathaniel-mahieu force-pushed on Jun 16, 2016
  6. in doc/tor.md:None in 4ba9f548e2 outdated 
     113 | +to the `CookieAuthFile` specified in Tor configuration. In some cases this is 
 114 | +preconfigured and the creation of a hidden service is automatic.  If permission problems 
 115 | +are seen with `-debug=tor` they can be resolved by adding both the user running tor, and 
 116 | +the user running bitcoind to the same group and setting permissions appropriately.  On 
 117 | +debian based systems Tor automatically creates the debian-tor group and the user running 
 118 | +bitcoind can be added there to receive appropriate permissions. An alternative
    petertodd commented at 5:14 PM on June 16, 2016:

    Rather than saying "Tor automatically creates" how about we just say "On Debian-based systems the user running bitcoind can be added to the debian-tor group, which has the appropriate permissions." - Debian's package management is what's automatically creating debian-tor, not Tor itself.

    nathaniel-mahieu commented at 7:19 PM on June 16, 2016:

    Much better wording.

  7. nathaniel-mahieu force-pushed on Jun 16, 2016
  8. Clarify documentation for running a tor node
    Previous wording suggested that no additional setup was required for a
tor hidden service to be created.
    9e3ec74fac
  9. in doc/tor.md:None in 4af15ac928 outdated 
     112 | +configured.  For cookie authentication the user running bitcoind must have write access 
 113 | +to the `CookieAuthFile` specified in Tor configuration. In some cases this is 
 114 | +preconfigured and the creation of a hidden service is automatic.  If permission problems 
 115 | +are seen with `-debug=tor` they can be resolved by adding both the user running tor and 
 116 | +the user running bitcoind to the same group and setting permissions appropriately.  On 
 117 | +Debian-based systems the user running bitcoind can be added to the debian-tor group,
    laanwj commented at 8:08 AM on June 17, 2016:

    No double spaces please :) We're not Satoshi.

  10. nathaniel-mahieu force-pushed on Jun 17, 2016
  12. laanwj merged this on Jun 20, 2016
  13. laanwj closed this on Jun 20, 2016
  14. laanwj referenced this in commit 377d1310ac on Jun 20, 2016
  15. zkbot referenced this in commit 45faa928ec on Mar 26, 2017
  16. codablock referenced this in commit 5298aa17a7 on Sep 16, 2017
  17. codablock referenced this in commit b40fd6da17 on Sep 19, 2017
  18. codablock referenced this in commit 3f09d48edd on Dec 27, 2017
  19. codablock referenced this in commit 05684db6e3 on Dec 28, 2017
  20. andvgal referenced this in commit 1edb8c0491 on Jan 6, 2019
  21. DrahtBot locked this on Sep 8, 2021
Contributors
nathaniel-mahieupetertoddlaanwj
Labels
P2P
Linked (view graph)
#1325 Better feedback when unprintable characters in Bitcoin address#8145 If bitcoind and tor run as different users bitcoind cannot authenticate with tor control#30041 [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 21:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me