/ Setting Up a Tor Onion Service


This is a short guide on how to creatie a Tor beacon. Since Tor addresses are persistent, this is a perfect way to access devices or servers that are inside a network you can not control.

NOTE: Onion services provide additional privacy and censorship resistance. They allow visitors to access your service anonymously through the Tor network.

// What is a Tor Onion Service?

An onion service also called a "hidden service", allows you to host a website or provide SSH access (as in our example), through the Tor network. Visitors gain enhanced privacy, and your service becomes more resistant to censorship and surveillance.


// Prerequisites


// Automated Setup Script

Save this script as tor-setup.sh and run as root:

#!/bin/bash

# Tor Onion Service Setup Script
# Run as root: sudo ./tor-setup.sh

echo "Setting up Tor onion service..."

# Install Tor if not already installed
if ! command -v tor &> /dev/null; then
    echo "Installing Tor..."
    apt update
    apt install -y tor
fi

# Create onion service directory
mkdir -p /var/lib/tor/website_onion/
chown debian-tor:debian-tor /var/lib/tor/website_onion/
chmod 700 /var/lib/tor/website_onion/

# Backup original torrc
cp /etc/tor/torrc /etc/tor/torrc.backup.$(date +%Y%m%d)

# Make ssh run on port 2222
sed -i 's/^#\?Port .*/Port 2222/' /etc/ssh/sshd_config

# Add onion service configuration to torrc
cat >> /etc/tor/torrc << 'EOF'

# Onion service for website
HiddenServiceDir /var/lib/tor/website_onion/
# HiddenServicePort 80 127.0.0.1:80   # If you want a website on port 80 use this
HiddenServicePort 22 127.0.0.1:2222   # In our case we would like to forward port 22 (ssh)
HiddenServiceVersion 3
EOF

# Restart tor service
systemctl restart tor
systemctl enable --now tor

echo "Waiting for Tor to generate onion address..."
sleep 5

# Display the onion address
if [ -f /var/lib/tor/website_onion/hostname ]; then
    ONION_ADDRESS=$(cat /var/lib/tor/website_onion/hostname)
    echo "==============================================="
    echo "Onion service configured successfully!"
    echo "Your onion address is: $ONION_ADDRESS"
    echo "==============================================="
    echo "Add this to your website footer:"
    echo "<a href="http://$ONION_ADDRESS">🧅 Onion Mirror</a>"
    echo "==============================================="
else
    echo "Error: Could not generate onion address. Check /var/log/tor/log"
fi

# Restart all services
systemctl restart tor
systemctl restart ssh

Once this is running you can access the server from anywhere on the world through tor.

$ torify ssh <user>@<youronionaddress>

// Resources