Raspberry Pi Torified Wifi
From Leo's Notes
Last edited on 15 June 2020, at 03:11.
These steps were used to set up a Raspberry Pi as a wireless access point that acts as a gateway to Tor. The end goal here is the same as OnionPi.
pacman -Syy # Update repos
pacman -Syu # Update system
pacman -S hostapd tor bridge-utils dnsmasq # Install the required packages
vi /etc/hostapd/hostapd.conf
cat /etc/hostapd/hostapd.conf
ssid=You_Are_Being_Watched
wpa_passphrase=viciousdragon
interface=wlan0
bridge=br0
auth_algs=3
channel=1
driver=nl80211
hw_mode=g
logger_stdout=-1
logger_stdout_level=2
max_num_sta=5
rsn_pairwise=CCMP
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
# You can then start the AP using systemd:
systemctl start hostapd.service
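The hostapd.conf above contains settings that are in effect alongside one that is currently unused (`wpa_pairwise=TKIP CCMP` while `wpa=2` and `rsn_pairwise=CCMP` are set). The following is an added example, not part of the original notes: a small POSIX shell linter that reports which WPA settings actually apply. The function names, finding codes and the 20-character passphrase threshold are assumptions made for illustration, and only explicitly set keys are evaluated.

```shell
#!/bin/sh
# Added example (not from the original notes): lint hostapd.conf WPA settings.
# Finding codes and the 20-character passphrase threshold are assumptions.

# conf_get FILE KEY: print the last value assigned to KEY (empty if unset).
conf_get() {
    awk -v k="$2" 'index($0, k "=") == 1 { v = substr($0, length(k) + 2) }
                   END { print v }' "$1"
}

# audit_hostapd_conf FILE: print one finding per line (nothing if clean).
audit_hostapd_conf() {
    wpa=$(conf_get "$1" wpa); wpa=${wpa:-0}
    auth=$(conf_get "$1" auth_algs); auth=${auth:-0}   # unset: not evaluated
    wpa_pw=$(conf_get "$1" wpa_pairwise)
    rsn=$(conf_get "$1" rsn_pairwise)
    psk=$(conf_get "$1" wpa_passphrase)

    # wpa is a bit field: bit 0 = WPA (v1), bit 1 = WPA2 (RSN).
    [ $((wpa & 2)) -ne 0 ] || echo "NO_WPA2 wpa=$wpa leaves WPA2 disabled"
    [ $((wpa & 1)) -eq 0 ] || echo "WPA1_ENABLED wpa=$wpa also offers WPA v1"
    # WPA2 negotiates rsn_pairwise; when unset it falls back to wpa_pairwise.
    if [ $((wpa & 2)) -ne 0 ]; then
        case " ${rsn:-$wpa_pw} " in
            *" TKIP "*) echo "TKIP_ACTIVE WPA2 clients may negotiate TKIP" ;;
        esac
    fi
    # TKIP listed only for WPA v1 while v1 is off: unused until wpa becomes 1 or 3.
    if [ $((wpa & 1)) -eq 0 ] && [ -n "$rsn" ]; then
        case " $wpa_pw " in
            *" TKIP "*) echo "TKIP_DORMANT wpa_pairwise lists TKIP, WPA v1 off" ;;
        esac
    fi
    # auth_algs bit 1 = Shared Key authentication, which only WEP uses.
    [ $((auth & 2)) -eq 0 ] || echo "SHARED_KEY_AUTH auth_algs=$auth, WPA needs 1"
    # Flag passphrases under 20 characters or made only of lowercase letters.
    weak=0
    [ "${#psk}" -ge 20 ] || weak=1
    case $psk in *[!a-z]*) ;; *) weak=1 ;; esac
    [ -z "$psk" ] || [ "$weak" -eq 0 ] || echo "WEAK_PSK ${#psk}-character passphrase"
}

# The relevant lines of the hostapd.conf from these notes, via a temp file.
sample=$(mktemp)
printf '%s\n' wpa_passphrase=viciousdragon auth_algs=3 rsn_pairwise=CCMP \
    wpa=2 'wpa_pairwise=TKIP CCMP' > "$sample"
audit_hostapd_conf "$sample"
rm -f "$sample"
```

Run against the real file with `audit_hostapd_conf /etc/hostapd/hostapd.conf`; an empty result means none of these checks fired.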
vi /etc/tor/torrc
cat /etc/tor/torrc
Log notice file /var/log/tor/notices.log
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsSuffixes .onion,.exit
AutomapHostsOnResolve 1
TransPort 9040
TransListenAddress 192.168.192.10
DNSPort 53
DNSListenAddress 192.168.192.11
vi /root/tor_chroot.sh
cat /root/tor_chroot.sh
#!/bin/bash
# Build a minimal chroot for Tor under /opt/torchroot.
export TORCHROOT=/opt/torchroot

# Directory skeleton
mkdir -p $TORCHROOT
mkdir -p $TORCHROOT/etc/tor
mkdir -p $TORCHROOT/dev
mkdir -p $TORCHROOT/usr/bin
mkdir -p $TORCHROOT/usr/lib
mkdir -p $TORCHROOT/usr/share/tor
mkdir -p $TORCHROOT/var/lib

# /lib inside the chroot resolves to the chroot's /usr/lib
ln -s /usr/lib $TORCHROOT/lib

# Name resolution and time zone files, plus the Tor configuration
cp /etc/hosts $TORCHROOT/etc/
cp /etc/host.conf $TORCHROOT/etc/
cp /etc/localtime $TORCHROOT/etc/
cp /etc/nsswitch.conf $TORCHROOT/etc/
cp /etc/resolv.conf $TORCHROOT/etc/
cp /etc/tor/torrc $TORCHROOT/etc/tor/

# The tor binary, its GeoIP data and the shared libraries it needs
cp /usr/bin/tor $TORCHROOT/usr/bin/
cp /usr/share/tor/geoip* $TORCHROOT/usr/share/tor/
cp /lib/libnss* /lib/libnsl* /lib/ld-linux-*.so* /lib/libresolv* /lib/libgcc_s.so* $TORCHROOT/usr/lib/
cp $(ldd /usr/bin/tor | awk '{print $3}'|grep --color=never "^/") $TORCHROOT/usr/lib/

# Tor's data directory, owned by the tor user
cp -r /var/lib/tor $TORCHROOT/var/lib/
chown -R tor:tor $TORCHROOT/var/lib/tor

# Only the tor user and group exist inside the chroot
sh -c "grep --color=never ^tor /etc/passwd > $TORCHROOT/etc/passwd"
sh -c "grep --color=never ^tor /etc/group > $TORCHROOT/etc/group"

# Device nodes
mknod -m 644 $TORCHROOT/dev/random c 1 8
mknod -m 644 $TORCHROOT/dev/urandom c 1 9
mknod -m 666 $TORCHROOT/dev/null c 1 3

# x86_64 only (skipped on the Raspberry Pi's ARM CPU): dynamic loader and lib64 links
if [[ "$(uname -m)" == "x86_64" ]]; then
  cp /usr/lib/ld-linux-x86-64.so* $TORCHROOT/usr/lib/.
  ln -sr /usr/lib64 $TORCHROOT/lib64
  ln -s $TORCHROOT/usr/lib ${TORCHROOT}/usr/lib64
fi
At this point, if the AP is running, you should have a br0 bridge:
$ brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.00e01210462b       no              wlan0