Hi, hope someone can help me.
Background: I am running OpenVPN on a FreedomBox server [1]. My FreedomBox is behind a Carrier-Grade Nat and thus I do not have a public-facing IP, and so my FreedomBox is only accessible as a Tor hidden service.
Problem: I am trying to connect to OpenVPN over Tor at the onion address, but am having no luck. Is anyone able to help?
I found some information online, but nothing has worked. Here is what I have done:
(i) I modified the ovpn client config file in the following way (looking at [2] for an example):
client
remote ****.onion 1194
socks-proxy localhost 9150 socks-proxy-retry
proto tcp
dev tun
nobind
remote-cert-tls server
cipher AES-256-CBC
comp-lzo
redirect-gateway
verb 3
ca ca.crt
cert client.crt
key client.key
(ii) Note I had copied the text between <ca> and </ca> and saved it as ca.crt, and so on for <cert>... </cert> and <key> ... </key> and saved them in the same directory as the ovpn client configuration file. [3,4]
(iii) I added this line to the "/etc/tor/torrc" file to tunnel vpn traffic [5]:
SocksPort 9150 PreferSOCKSNoAuth
In the terminal restarted tor "sudo service tor restart" and reloaded the config for tor with "sudo service tor reload" [5].
Finally, I ran the following [5]:
$ sudo openvpn --config config.ovpn
This is the output I get:
WARNING: file 'client.key' is group or others accessible
OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
library versions: OpenSSL 1.1.1c 28 May 2019, LZO 2.10
TCP/UDP: Preserving recently used remote address: [AF_INET6]::1:9150
Socket Buffers: R=[87380->87380] S=[16384->16384]
Attempting to establish TCP connection with [AF_INET6]::1:9150 [nonblock]
TCP: connect to [AF_INET6]::1:9150 failed: Connection refused
SIGUSR1[connection failed(soft),init_instance] received, process restarting
Restart pause, 5 second(s)
TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:9150
Socket Buffers: R=[87380->87380] S=[16384->16384]
Attempting to establish TCP connection with [AF_INET]127.0.0.1:9150 [nonblock]
TCP connection established with [AF_INET]127.0.0.1:9150
Error opening 'SOCKS Proxy' auth file: socks-proxy-retry: No such file or directory (errno=2)
Exiting due to fatal error
Any help would be greatly appreciated.
Cheers,
DJ
[1] https://freedombox.org/
[2] https://askubuntu.com/questions/870037/ ... en-service
[3] https://askubuntu.com/questions/446057/ ... client-key
[4] https://alioth-lists.debian.net/piperma ... 07168.html
[5] https://tor.stackexchange.com/questions ... hrough-tor
connect to OpenVPN in Tor hidden service
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 2
- Joined: Sun Jun 23, 2019 4:46 pm
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
- OpenVpn Newbie
- Posts: 2
- Joined: Sun Jun 23, 2019 4:46 pm
Re: connect to OpenVPN in Tor hidden service
@TinCanTech thank you for the reply. I have not had time to look into it, but will do so soon.
OT how does one delete spam like the above post? I have added thecredible0 to my foe list. Is there anything else I can do?
OT how does one delete spam like the above post? I have added thecredible0 to my foe list. Is there anything else I can do?
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: connect to OpenVPN in Tor hidden service
Use the report button.