Tor Hidden Services are accessed through a web address ending in .onion. Generally speaking these appear to be random strings of letters and numbers, though they're actually a representation of the public key generated when the operator created their hidden service.
Whilst it's possible to generate a V2 vanity .onion address with eschallot, V3 Onions use
ed25519 requiring use of a different tool.
This documentation details how to generate a vanity .onion address for Version 3 Onions
First we start by installing a couple of dependencies
apt-get install gcc libsodium-dev make autoconf
yum install libsodium-devel yum groupinstall "Development Tools"
mp224o is the workhorse that'll be doing the backbreaking work of generating key combinations, so we need to grab and install it
git clone https://github.com/cathugger/mkp224o.git cd mkp224o/ # Configure and compile ./autogen.sh ./configure make
Once that's completed, we should be ready to try and generate our first URL
./mkp224o filter ben -t 4 -v -n 4 -d /tmp/ set workdir: /tmp/ sorting filters... done. filters: ben filter in total, 2 filters using 4 threads benyfkc7gc2pptco6hx7t3sk57q7ahzz6fjtur36ar3pm5euvbwx5pqd.onion ben3jyzyjq7tfzswwfftgylgrphsjf5wpperztzusnes5e4mc7cfftqd.onion ben4xyknoitu7qk5gt7t55l25cl35bk3dgxj7y5jdb5v3l2c46aglvad.onion ben24n2tfjdw23zfysv5frttdbpqkteco4edqrnoay4elywz7wverbyd.onion waiting for threads to finish... done.
The options passed are
filter ben: Look for the string ben - our vanity string
-t 4: use 4 threads
-v: Be verbose
-n 4: Generate 4 suggestions
-d /tmp/: Write generated keymatter out to directories under
The output directory (in the example above
/tmp) will have a directory created within it for each of the found suggestions. Copy this to your tor server and put into
/var/lib/tor (or wherever you've configured Tor to run) and rename the directory to be that of your hidden service (as defined in
torrc - in the tutorial I posted previously, this was /var/lib/tor/myonion/), then fix permissions
mv benyfkc7gc2pptco6hx7t3sk57q7ahzz6fjtur36ar3pm5euvbwx5pqd.onion /var/lib/tor/bens_new_hs chown -R tor: /var/lib/tor/bens_new_hs chmod -R u+rwX,og-rwx /var/lib/tor/bens_new_hs
If you've not already added the service to
torrc then add it
vi /etc/tor/torrc HiddenServiceDir /var/lib/tor/bens_new_hs HiddenServiceVersion 3 HiddenServicePort 80 127.0.0.1:80
Then, either way, restart or reload tor
systemctl reload tor
Once TOR restarts, your new service should come up
Things to note
- It gets progressively harder to bruteforce the keys, the more characters you specify (god only knows what resources Facebook's facebookcorewwwi.onion took to generate!)
- If you've any config that relies on a specific hostname (such as an NGinx server block, remember to change it if you change the URL!)
- It might take multiple attempts to find a vanity URL that you actually like