kopia lustrzana https://github.com/alecmuffett/eotk
Merge pull request #95 from alecmuffett/20210518-update-TIPS-FOR-MINING-ONIONSmd
commit: updated.pull/96/head
commit
33207bbda1
|
@ -1,59 +1,73 @@
|
|||
# Tips when mining Onion Addresses
|
||||
|
||||
## for v2 and v3 onion addresses; updated 26 jun 2019
|
||||
## For v3 onion addresses; updated 18 May 2021
|
||||
|
||||
* Copied from:
|
||||
https://medium.com/@alecmuffett/tips-when-mining-onion-addresses-8eece14cbd95
|
||||
Hello from Alec - and congratulations! You are setting up an Onion
|
||||
site! And you want a vanity onion address! There is lots of software
|
||||
out there that you can use to generate them!
|
||||
|
||||
Congratulations! You are setting up an Onion site! And you want a
|
||||
vanity onion address! There is lots of software out there that you can
|
||||
use to generate them!
|
||||
## What do I use?
|
||||
|
||||
I'm not going to make strong software recommendations, because it's a
|
||||
matter of what you have at your disposal already, and what fits the
|
||||
hardware that you have access to.
|
||||
Some people mine onion addresses on local hardware for privacy and
|
||||
safety, whilst others are happy to rent a GPU-based compute-heavy
|
||||
instance from AWS, or similar.
|
||||
|
||||
* for v2: Onions: `Scallion` (C# or Mono, GPU accelerated), `Shallot`,
|
||||
or `Eschalot`; go for the latest versions of each.
|
||||
I'm not going to make terribly strong software recommendations,
|
||||
because it's a matter of what you have at your disposal already,
|
||||
and what fits the hardware that you have access to.
|
||||
|
||||
* for v3 Onions: I have no idea of the standout tools, please check
|
||||
back and/or suggest something in the comments
|
||||
In my case I have a small cluster of Raspberry Pi, and I use
|
||||
[`mkp224o`](https://github.com/cathugger/mkp224o) for mining with them.
|
||||
I compiled the code manually, using
|
||||
[the instructions](https://github.com/cathugger/mkp224o/blob/master/README.md)
|
||||
and
|
||||
[the tuning instructions](https://github.com/cathugger/mkp224o/blob/master/OPTIMISATION.txt)
|
||||
to build something suitable for me.
|
||||
|
||||
Some people mine onion addresses on local hardware for safety, others
|
||||
are happy to rent a GPU-based compute-heavy instance from AWS, or
|
||||
similar.
|
||||
If you are looking for a really meaningful, long-prefix onion address
|
||||
up front, you will have to expend a lot of money and CPU-time in order
|
||||
to find one. This is why the next section is really important in
|
||||
order to get the most "bang for your buck".
|
||||
|
||||
## How do I best approach this challenge?
|
||||
|
||||
If you're setting up multiple onions for your site -- eg: if there is
|
||||
one/more CDNs associated with your site, it is nice to set up vanity
|
||||
onions for them, too; partly for "cute" but also to stop yourself
|
||||
going crazy during debugging.
|
||||
|
||||
For instance, the NYT onion is https://www.nytimes3xbfgragh.onion/ and
|
||||
their CDN Onion is https://graylady3jvrrxbe.onion/
|
||||
For instance, the (defunct, V2) NYT
|
||||
onion was https://www.nytimes3xbfgragh.onion/ and their CDN
|
||||
onion was https://graylady3jvrrxbe.onion/
|
||||
|
||||
Similarly there exist https://www.facebookcorewwwi.onion/ and
|
||||
https://fbcdn23dssr3jqnq.onion/
|
||||
Similarly there were
|
||||
https://www.facebookcorewwwi.onion/ and
|
||||
https://fbcdn23dssr3jqnq.onion/ for Facebook.
|
||||
|
||||
* Perhaps use your CDN Onion to reflect your own history and
|
||||
site/brand culture?
|
||||
Ask yourself now: perhaps use your CDN Onion to reflect your own
|
||||
history and site/brand culture? Perhaps you can mine several onion
|
||||
addresses at the same time, even speculatively?
|
||||
|
||||
Onion mining is a matter of luck and resource, and
|
||||
(counterintuitively?) the rarest resource that you have, is time, as
|
||||
measured by your wall clock.
|
||||
Onion mining is a matter of luck and expensive resource, and
|
||||
(counterintuitively?) the rarest resource that you have, is time
|
||||
as-measured by your wall clock.
|
||||
|
||||
Therefore, if you are mining onions for a lot of sites, the best
|
||||
strategy is follows:
|
||||
|
||||
* Have breakfast and some tea or coffee. Try to get into a creative
|
||||
mood.
|
||||
mood. You are making an investment of time *now* to save yourself
|
||||
time and effort, later.
|
||||
|
||||
* Sit down, open a document, and try to think inclusively of every
|
||||
possible prefix that you might ever find acceptable at the start (or
|
||||
finish) of your onion addresses, for all of your sites, and write
|
||||
them all down. You may create 10, 20, or more. No ideas are bad
|
||||
ideas. Deduplicate them (eg: it's pointless to look especially for
|
||||
`nytimes` if you are already happy to have anything beginning with
|
||||
`nyt`)
|
||||
* Sit down, open a document, and try to think inclusively of EVERY
|
||||
POSSIBLE PREFIX THAT YOU MIGHT EVER FIND ACCEPTABLE at the start (or
|
||||
suffix, at the end) of your onion addresses, for all of your sites
|
||||
and CDNs, and write them all down. You may create 10, 20, or
|
||||
more. No ideas are bad ideas. Deduplicate them (e.g.: it's pointless
|
||||
to look for `nytimes` if you're already looking for anything
|
||||
beginning with `nyt`). Each additional prefix is nearly zero-cost,
|
||||
compared to the days, weeks, or months of time that your computers
|
||||
will spend in grinding their way through cryptography.
|
||||
|
||||
* Configure your software to search for all of these, for all of your
|
||||
sites, simultaneously. Set it running. Make sure to configure
|
||||
|
@ -73,9 +87,9 @@ strategy is follows:
|
|||
dealing with randomness here, and raw entropy is more creative than
|
||||
you'd ever imagine.
|
||||
|
||||
* There is also a vast amount of noise -- huge, enormous quantities
|
||||
of gibberish -- but that's okay, because `storage+grep` is cheaper
|
||||
than `encryption+wallclocktime`.
|
||||
* There is also a vast amount of noise -- huge, enormous quantities of
|
||||
gibberish -- but that's okay, because (again) `storage+grep` is
|
||||
mucg cheaper than `encryption+wallclocktime`.
|
||||
|
||||
* When we mined the Facebook onion address, the search-patterns were
|
||||
`^(facebook|fbcdn|fbsbx|...)` and a few others all in a single
|
||||
|
@ -103,6 +117,29 @@ strategy is follows:
|
|||
|
||||
Best of luck to you. :-)
|
||||
|
||||
## Converting your V3 onion addresses for EOTK
|
||||
|
||||
Tools like `mkp224o` save the keys they generate as three separate
|
||||
files: `hs_ed25519_public_key`, `hs_ed25519_secret_key`, and
|
||||
`hostname`; this is elegant but hard to manipulate, so EOTK creates
|
||||
its own standard for storing v3 onion addresses in the `secrets.d`
|
||||
folder.
|
||||
|
||||
If you are in a directory which contains the above-named three files,
|
||||
you can run a helper shellscript by using a command, something like:
|
||||
|
||||
```
|
||||
~/eotk/lib.d/rename-v3-keys-for-eotk-secrets.sh
|
||||
```
|
||||
|
||||
...which will safely create TWO files:
|
||||
|
||||
* `someverylongonionaddressinvolvingalotofbase32characterss.v3pub.key`
|
||||
* `someverylongonionaddressinvolvingalotofbase32characterss.v3sec.key`
|
||||
|
||||
...that can be moved into your `~/eotk/secrets.d/` folder, for EOTK to
|
||||
use when you run `eotk config ...`
|
||||
|
||||
## War Stories and Problems When Mining Onions
|
||||
|
||||
A long time ago I mined a bunch of test onion addresses for the New
|
||||
|
@ -131,9 +168,9 @@ rather than actual, `hostname` file during install; so it might not
|
|||
reflect reality if your V2 onion keys are thusly afflicted - for
|
||||
instance if your Onion site is 100% unreachable.
|
||||
|
||||
The way to test a **V2 Onion** address for this syndrome is to `cd`
|
||||
into `projects.d/.../foofoofoofoofoo.d/` and then **remove** the
|
||||
`hostname` file in that directory.
|
||||
The way to test a **V2 Onion** address for this syndrome is to
|
||||
`cd` into `projects.d/.../foofoofoofoofoo.d/` and then **remove**
|
||||
the `hostname` file in that directory.
|
||||
|
||||
Then do:
|
||||
|
||||
|
|
Ładowanie…
Reference in New Issue