mirror
/
oragono
miroir de https://github.com/oragono/oragono
Suivre 1
Ajouter aux favoris 0
Bifurcation 0
Code Tickets 0 Versions 69 Wiki Activité
Parcourir la source

add a note about tor vs. tls

tags/v1.1.0-rc1
Shivaram Lingamneni il y a 5 ans
Parent
18169cbedf
révision
63502b8da4
1 fichiers modifiés avec 2 ajouts et 0 suppressions
Vue séparée Afficher les stats Diff
  1. 2
    0
      docs/MANUAL.md

+ 2
- 0
docs/MANUAL.md Voir le fichier 

@@ -619,6 +619,8 @@ HiddenServiceNonAnonymousMode 1
619 619 
 HiddenServiceSingleHopMode 1
620 620 
 ````
621 621
622 
+Tor provides end-to-end encryption for hidden services, so there's no need to enable TLS in Oragono for the listener (`127.0.0.2:6668` in this example). Doing so is not recommended, given the difficulty in obtaining a TLS certificate valid for an .onion address.
623 
+
622 624 
 The second way is to run Oragono as a true hidden service, where the server's actual IP address is a secret. This requires hardening measures on the Oragono side:
623 625
624 626 
 * Oragono should not accept any connections on its public interfaces. You should remove any listener that starts with the address of a public interface, or with `:`, which means "listen on all available interfaces". You should listen only on `127.0.0.1:6667` and a Unix domain socket such as `/hidden_service_sockets/oragono.sock`.

Écrire Aperçu
Chargement…
Annuler
Enregistrer