SET UP YOUR DARKNET SITE
1. CONFIGURE THE SERVER FOLDER
Follow “Setting Up TAILS” to boot from a USB stick, and set up
persistence. Open “Applications > Terminal,” run sudo mkdir /var/www , then sudo mkdir /live/persistence/TailsData_ unlocked/www . Edit the persistence config file with sudo nano
/live/persistence/ TailsData_unlocked/persistence.conf/ , and add the line /var/www source=www at the end. Press Ctrl-X, then Y, then Enter to save and exit. Reboot TAILS, open Terminal, and run sudo apt-get update , then sudo apt-get install nginx
light . Run sudo nano /etc/nginx/sites-available/default , paste the text in Step 2 at the end, save and exit.
3. SET UP STEALTH SERVICES
Run sudo nano /etc/tor/torrc . Scroll down to “this section is just for location-hidden services.” This is where you’ll set up a hidden service for each user. Modify the names in the last line before pasting: HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 80 127.0.0.1:8080 HiddenServiceAuthorizeClient stealth tom,dick,harry
Save and exit.
5. SET UP CLIENT ACCESS (TOR BROWSER)
Run sudo cat /var/ lib/tor/ hidden_service/ hostname to list access tokens for all users. Ask your user to open their Tor Browser Bundle folder and use a text editor to open the “torrc” file. This is found in “~/[path_to_tor_browser]/Browser/ TorBrowser/Data/ Tor/torrc” on Linux. Type HidServAuth , then paste the line for their Hidden Service Authentication address and cookie at the end.
2. SET UP A WEB SERVER
server { listen 127.0.0.1:8080 default_server; server_name localhost; server_tokens off; root /var/www; index index.html index.htm; location / { allow 127.0.0.1; deny all;
}
}
4. CREATE AN INDEX PAGE WITH PERMISSIONS
Create a simple landing page for your website with sudo nano /var/
www/index.htm . Type in some text, such as “This is your secret page running from TAILS,” then save, and exit. Give the www user ownership of the “/var/www” folder with sudo chown -Rv www
data:www-data /var/www . Restart Tor and Nginx with: sudo service tor restart sudo service nginx restart
6. SET UP CLIENT ACCESS (ORBOT)
If your contacts prefer to use mobile devices, ask them to install the apps Orbot and Orweb on their Android device. Next, start Orbot and go to “Menu > Settings > Torrc Custom Config.” Type the word
HidServAuth , then leave a space, and paste in their entry from hostname. They can now access your hidden service using the Orfox browser.