connect to OpenVPN in Tor hidden service

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
dgj
OpenVpn Newbie
Posts: 2
Joined: Sun Jun 23, 2019 4:46 pm

connect to OpenVPN in Tor hidden service

Post by dgj » Sun Jun 23, 2019 5:23 pm

Hi, hope someone can help me.

Background: I am running OpenVPN on a FreedomBox server [1]. My FreedomBox is behind a Carrier-Grade Nat and thus I do not have a public-facing IP, and so my FreedomBox is only accessible as a Tor hidden service.

Problem: I am trying to connect to OpenVPN over Tor at the onion address, but am having no luck. Is anyone able to help?

I found some information online, but nothing has worked. Here is what I have done:

(i) I modified the ovpn client config file in the following way (looking at [2] for an example):

client
remote ****.onion 1194
socks-proxy localhost 9150 socks-proxy-retry
proto tcp
dev tun
nobind
remote-cert-tls server
cipher AES-256-CBC
comp-lzo
redirect-gateway
verb 3
ca ca.crt
cert client.crt
key client.key

(ii) Note I had copied the text between <ca> and </ca> and saved it as ca.crt, and so on for <cert>... </cert> and <key> ... </key> and saved them in the same directory as the ovpn client configuration file. [3,4]

(iii) I added this line to the "/etc/tor/torrc" file to tunnel vpn traffic [5]:

SocksPort 9150 PreferSOCKSNoAuth

In the terminal restarted tor "sudo service tor restart" and reloaded the config for tor with "sudo service tor reload" [5].

Finally, I ran the following [5]:

$ sudo openvpn --config config.ovpn

This is the output I get:

WARNING: file 'client.key' is group or others accessible
OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
library versions: OpenSSL 1.1.1c 28 May 2019, LZO 2.10
TCP/UDP: Preserving recently used remote address: [AF_INET6]::1:9150
Socket Buffers: R=[87380->87380] S=[16384->16384]
Attempting to establish TCP connection with [AF_INET6]::1:9150 [nonblock]
TCP: connect to [AF_INET6]::1:9150 failed: Connection refused
SIGUSR1[connection failed(soft),init_instance] received, process restarting
Restart pause, 5 second(s)
TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:9150
Socket Buffers: R=[87380->87380] S=[16384->16384]
Attempting to establish TCP connection with [AF_INET]127.0.0.1:9150 [nonblock]
TCP connection established with [AF_INET]127.0.0.1:9150
Error opening 'SOCKS Proxy' auth file: socks-proxy-retry: No such file or directory (errno=2)
Exiting due to fatal error

Any help would be greatly appreciated.

Cheers,
DJ

[1] https://freedombox.org/
[2] https://askubuntu.com/questions/870037/ ... en-service
[3] https://askubuntu.com/questions/446057/ ... client-key
[4] https://alioth-lists.debian.net/piperma ... 07168.html
[5] https://tor.stackexchange.com/questions ... hrough-tor

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5790
Joined: Fri Jun 03, 2016 1:17 pm

Re: connect to OpenVPN in Tor hidden service

Post by TinCanTech » Sun Jun 23, 2019 6:41 pm

dgj wrote:
Sun Jun 23, 2019 5:23 pm
TCP connection established with [AF_INET]127.0.0.1:9150
Error opening 'SOCKS Proxy' auth file: socks-proxy-retry: No such file or directory (errno=2)
Exiting due to fatal error
See --socks-proxy in the manual.

thecredible0
OpenVpn Newbie
Posts: 1
Joined: Tue Jul 09, 2019 7:20 am

Re: connect to OpenVPN in Tor hidden service

Post by thecredible0 » Tue Jul 09, 2019 7:20 am

Hey! That's an exquisite stuff, excellent enough to make someday admire. The mob today has become an outrageous one than one in the earlier days. So, this kind of post, articles, blogs and newsletters ignites not only the youth;s mind but the whole nation to do something extravagant in the societies development.

dgj
OpenVpn Newbie
Posts: 2
Joined: Sun Jun 23, 2019 4:46 pm

Re: connect to OpenVPN in Tor hidden service

Post by dgj » Thu Jul 11, 2019 11:02 am

@TinCanTech thank you for the reply. I have not had time to look into it, but will do so soon.

OT how does one delete spam like the above post? I have added thecredible0 to my foe list. Is there anything else I can do?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 5790
Joined: Fri Jun 03, 2016 1:17 pm

Re: connect to OpenVPN in Tor hidden service

Post by TinCanTech » Thu Jul 11, 2019 12:12 pm

Use the report button.

Post Reply