Opened 2 years ago

Last modified 2 years ago

#22304 new enhancement

Support generating HS private key / onion address without publishing

Reported by: segfault Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: AffectsTails tor-hs needs-design intro keygen ui
Cc: segfault@…, arma Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

While developing Tails Server, we encountered the need to know the onion address of a service before making it available via Tor. It would be awesome if this could be achieved via the control port, e.g. with a DontPublish flag to ADD_ONION.

Child Tickets

Change History (7)

comment:1 in reply to:  description Changed 2 years ago by segfault

Note that we currently have a workaround, which is to generate the RSA key and derive the onion address ourselves. But with this workaround, we always have to keep an eye on whether the key generation in Tor changes, and update the workaround accordingly (for example in a few months for the next-generation onion services). So having this feature in Tor would be a better long-term solution for us.

comment:2 Changed 2 years ago by arma

I wonder if you would like something like "tor --hash-password", except to generate an onion service key for you.

comment:3 Changed 2 years ago by arma

(I don't know if Nick considers that (mis)use of the Tor program as an abomination, or a nice clean way to separate things.)

comment:4 Changed 2 years ago by arma

Cc: arma added

comment:5 in reply to:  2 Changed 2 years ago by segfault

Replying to arma:

I wonder if you would like something like "tor --hash-password", except to generate an onion service key for you.

Sure, that should work just as well.

comment:6 Changed 2 years ago by dgoulet

Milestone: Tor: unspecified

Missing milestone.

comment:7 Changed 2 years ago by nickm

Keywords: tor-hs needs-design intro keygen ui added
Note: See TracTickets for help on using tickets.