connect to OpenVPN in Tor hidden service

dgj
OpenVpn Newbie
Posts: 2
Joined: Sun Jun 23, 2019 4:46 pm

connect to OpenVPN in Tor hidden service

Post by dgj » Sun Jun 23, 2019 5:23 pm

Hi, hope someone can help me.

Background: I am running OpenVPN on a FreedomBox server [1]. My FreedomBox is behind a Carrier-Grade NAT and thus I do not have a public-facing IP, and so my FreedomBox is only accessible as a Tor hidden service.

Problem: I am trying to connect to OpenVPN over Tor at the onion address, but am having no luck. Is anyone able to help?

I found some information online, but nothing has worked. Here is what I have done:

(i) I modified the ovpn client config file in the following way (looking at [2] for an example):

client
remote ****.onion 1194
socks-proxy localhost 9150 socks-proxy-retry
proto tcp
dev tun
nobind
remote-cert-tls server
cipher AES-256-CBC
comp-lzo
redirect-gateway
verb 3
ca ca.crt
cert client.crt
key client.key

(ii) Note I had copied the text between <ca> and </ca> and saved it as ca.crt, and so on for <cert>... </cert> and <key> ... </key> and saved them in the same directory as the ovpn client configuration file. [3,4]

(iii) I added this line to the "/etc/tor/torrc" file to tunnel vpn traffic [5]:

SocksPort 9150 PreferSOCKSNoAuth

In the terminal I restarted tor with "sudo service tor restart" and reloaded the config for tor with "sudo service tor reload" [5].

Finally, I ran the following [5]:

$ sudo openvpn --config config.ovpn

This is the output I get:

WARNING: file 'client.key' is group or others accessible
OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
library versions: OpenSSL 1.1.1c 28 May 2019, LZO 2.10
TCP/UDP: Preserving recently used remote address: [AF_INET6]::1:9150
Socket Buffers: R=[87380->87380] S=[16384->16384]
Attempting to establish TCP connection with [AF_INET6]::1:9150 [nonblock]
TCP: connect to [AF_INET6]::1:9150 failed: Connection refused
SIGUSR1[connection failed(soft),init_instance] received, process restarting
Restart pause, 5 second(s)
TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:9150
Socket Buffers: R=[87380->87380] S=[16384->16384]
Attempting to establish TCP connection with [AF_INET]127.0.0.1:9150 [nonblock]
TCP connection established with [AF_INET]127.0.0.1:9150
Error opening 'SOCKS Proxy' auth file: socks-proxy-retry: No such file or directory (errno=2)
Exiting due to fatal error

Any help would be greatly appreciated.

Cheers,
DJ

[1] https://freedombox.org/
[2] https://askubuntu.com/questions/870037/ ... en-service
[3] https://askubuntu.com/questions/446057/ ... client-key
[4] https://alioth-lists.debian.net/piperma ... 07168.html
[5] https://tor.stackexchange.com/questions ... hrough-tor

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: connect to OpenVPN in Tor hidden service

Post by TinCanTech » Sun Jun 23, 2019 6:41 pm

dgj wrote:
Sun Jun 23, 2019 5:23 pm
TCP connection established with [AF_INET]127.0.0.1:9150
Error opening 'SOCKS Proxy' auth file: socks-proxy-retry: No such file or directory (errno=2)
Exiting due to fatal error

See --socks-proxy in the manual.
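
Added example, not part of the thread and not OpenVPN's own code: the manual gives the syntax as `--socks-proxy server [port] [authfile]`, so a third word on that line is read as an auth file path, which matches the error in the log. The sketch below checks a client config for that case and for the key-file mode behind the "group or others accessible" warning; the function name, the placeholder onion hostname and the sample text are assumptions made for illustration.

```python
import os
import stat

# Constructed sample: the relevant lines of the client config from the question,
# with a placeholder onion hostname.
SAMPLE_CONFIG = """\
client
remote placeholder.onion 1194
socks-proxy localhost 9150 socks-proxy-retry
proto tcp
key client.key
"""


def lint_client_config(text, base_dir="."):
    """Return (line_number, message) findings for an OpenVPN client config."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        name, *args = line.split()
        if name == "socks-proxy" and len(args) >= 3:
            # Syntax is: socks-proxy server [port] [authfile]
            authfile = args[2]
            path = os.path.join(base_dir, authfile)
            # "stdin" is accepted in place of a file name, per the manual.
            if authfile != "stdin" and not os.path.isfile(path):
                findings.append((no, f"socks-proxy: third argument {authfile!r} "
                                     "is read as an auth file, which does not exist"))
        elif name == "key" and args:
            path = os.path.join(base_dir, args[0])
            if os.path.isfile(path):
                mode = stat.S_IMODE(os.stat(path).st_mode)
                # Any group/other permission bit on the private key is flagged.
                if mode & (stat.S_IRWXG | stat.S_IRWXO):
                    findings.append((no, f"key: {args[0]!r} is group or others "
                                         f"accessible (mode {mode:o}); use chmod 600"))
    return findings


if __name__ == "__main__":
    for no, msg in lint_client_config(SAMPLE_CONFIG):
        print(f"line {no}: {msg}")
```

Pass the directory holding the `.ovpn` file as `base_dir` so relative paths such as `client.key` resolve the same way they do when OpenVPN is started from that directory.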

dgj
OpenVpn Newbie
Posts: 2
Joined: Sun Jun 23, 2019 4:46 pm

Re: connect to OpenVPN in Tor hidden service

Post by dgj » Thu Jul 11, 2019 11:02 am

@TinCanTech thank you for the reply. I have not had time to look into it, but will do so soon.

OT how does one delete spam like the above post? I have added thecredible0 to my foe list. Is there anything else I can do?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: connect to OpenVPN in Tor hidden service

Post by TinCanTech » Thu Jul 11, 2019 12:12 pm

Use the report button.
