kopia lustrzana https://github.com/alecmuffett/eotk
commit: updated.
Alec Muffett
rodzic
8344ee81c1
commit
9448247091
|
|
@ -1,59 +1,73 @@
|
||||||
# Tips when mining Onion Addresses
|
# Tips when mining Onion Addresses
|
||||||
|
|
||||||
## for v2 and v3 onion addresses; updated 26 jun 2019
|
## For v3 onion addresses; updated 18 May 2021
|
||||||
|
|
||||||
* Copied from:
|
Hello from Alec - and congratulations! You are setting up an Onion
|
||||||
https://medium.com/@alecmuffett/tips-when-mining-onion-addresses-8eece14cbd95
|
site! And you want a vanity onion address! There is lots of software
|
||||||
|
out there that you can use to generate them!
|
||||||
|
|
||||||
Congratulations! You are setting up an Onion site! And you want a
|
## What do I use?
|
||||||
vanity onion address! There is lots of software out there that you can
|
|
||||||
use to generate them!
|
|
||||||
|
|
||||||
I'm not going to make strong software recommendations, because it's a
|
Some people mine onion addresses on local hardware for privacy and
|
||||||
matter of what you have at your disposal already, and what fits the
|
safety, whilst others are happy to rent a GPU-based compute-heavy
|
||||||
hardware that you have access to.
|
instance from AWS, or similar.
|
||||||
|
|
||||||
* for v2: Onions: `Scallion` (C# or Mono, GPU accelerated), `Shallot`,
|
I'm not going to make terribly strong software recommendations,
|
||||||
or `Eschalot`; go for the latest versions of each.
|
because it's a matter of what you have at your disposal already,
|
||||||
|
and what fits the hardware that you have access to.
|
||||||
|
|
||||||
* for v3 Onions: I have no idea of the standout tools, please check
|
In my case I have a small cluster of Raspberry Pi, and I use
|
||||||
back and/or suggest something in the comments
|
[`mkp224o`](https://github.com/cathugger/mkp224o) for mining with them.
|
||||||
|
I compiled the code manually, using
|
||||||
|
[the instructions](https://github.com/cathugger/mkp224o/blob/master/README.md)
|
||||||
|
and
|
||||||
|
[the tuning instructions](https://github.com/cathugger/mkp224o/blob/master/OPTIMISATION.txt)
|
||||||
|
to build something suitable for me.
|
||||||
|
|
||||||
Some people mine onion addresses on local hardware for safety, others
|
If you are looking for a really meaningful, long-prefix onion address
|
||||||
are happy to rent a GPU-based compute-heavy instance from AWS, or
|
up front, you will have to expend a lot of money and CPU-time in order
|
||||||
similar.
|
to find one. This is why the next section is really important in
|
||||||
|
order to get the most "bang for your buck".
|
||||||
|
|
||||||
|
## How do I best approach this challenge?
|
||||||
|
|
||||||
If you're setting up multiple onions for your site -- eg: if there is
|
If you're setting up multiple onions for your site -- eg: if there is
|
||||||
one/more CDNs associated with your site, it is nice to set up vanity
|
one/more CDNs associated with your site, it is nice to set up vanity
|
||||||
onions for them, too; partly for "cute" but also to stop yourself
|
onions for them, too; partly for "cute" but also to stop yourself
|
||||||
going crazy during debugging.
|
going crazy during debugging.
|
||||||
|
|
||||||
For instance, the NYT onion is https://www.nytimes3xbfgragh.onion/ and
|
For instance, the (defunct, V2) NYT
|
||||||
their CDN Onion is https://graylady3jvrrxbe.onion/
|
onion was https://www.nytimes3xbfgragh.onion/ and their CDN
|
||||||
|
onion was https://graylady3jvrrxbe.onion/
|
||||||
|
|
||||||
Similarly there exist https://www.facebookcorewwwi.onion/ and
|
Similarly there were
|
||||||
https://fbcdn23dssr3jqnq.onion/
|
https://www.facebookcorewwwi.onion/ and
|
||||||
|
https://fbcdn23dssr3jqnq.onion/ for Facebook.
|
||||||
|
|
||||||
* Perhaps use your CDN Onion to reflect your own history and
|
Ask yourself now: perhaps use your CDN Onion to reflect your own
|
||||||
site/brand culture?
|
history and site/brand culture? Perhaps you can mine several onion
|
||||||
|
addresses at the same time, even speculatively?
|
||||||
|
|
||||||
Onion mining is a matter of luck and resource, and
|
Onion mining is a matter of luck and expensive resource, and
|
||||||
(counterintuitively?) the rarest resource that you have, is time, as
|
(counterintuitively?) the rarest resource that you have, is time
|
||||||
measured by your wall clock.
|
as-measured by your wall clock.
|
||||||
|
|
||||||
Therefore, if you are mining onions for a lot of sites, the best
|
Therefore, if you are mining onions for a lot of sites, the best
|
||||||
strategy is follows:
|
strategy is follows:
|
||||||
|
|
||||||
* Have breakfast and some tea or coffee. Try to get into a creative
|
* Have breakfast and some tea or coffee. Try to get into a creative
|
||||||
mood.
|
mood. You are making an investment of time *now* to save yourself
|
||||||
|
time and effort, later.
|
||||||
|
|
||||||
* Sit down, open a document, and try to think inclusively of every
|
* Sit down, open a document, and try to think inclusively of EVERY
|
||||||
possible prefix that you might ever find acceptable at the start (or
|
POSSIBLE PREFIX THAT YOU MIGHT EVER FIND ACCEPTABLE at the start (or
|
||||||
finish) of your onion addresses, for all of your sites, and write
|
suffix, at the end) of your onion addresses, for all of your sites
|
||||||
them all down. You may create 10, 20, or more. No ideas are bad
|
and CDNs, and write them all down. You may create 10, 20, or
|
||||||
ideas. Deduplicate them (eg: it's pointless to look especially for
|
more. No ideas are bad ideas. Deduplicate them (e.g.: it's pointless
|
||||||
`nytimes` if you are already happy to have anything beginning with
|
to look for `nytimes` if you're already looking for anything
|
||||||
`nyt`)
|
beginning with `nyt`). Each additional prefix is nearly zero-cost,
|
||||||
|
compared to the days, weeks, or months of time that your computers
|
||||||
|
will spend in grinding their way through cryptography.
|
||||||
|
|
||||||
* Configure your software to search for all of these, for all of your
|
* Configure your software to search for all of these, for all of your
|
||||||
sites, simultaneously. Set it running. Make sure to configure
|
sites, simultaneously. Set it running. Make sure to configure
|
||||||
|
|
@ -73,9 +87,9 @@ strategy is follows:
|
||||||
dealing with randomness here, and raw entropy is more creative than
|
dealing with randomness here, and raw entropy is more creative than
|
||||||
you'd ever imagine.
|
you'd ever imagine.
|
||||||
|
|
||||||
* There is also a vast amount of noise -- huge, enormous quantities
|
* There is also a vast amount of noise -- huge, enormous quantities of
|
||||||
of gibberish -- but that's okay, because `storage+grep` is cheaper
|
gibberish -- but that's okay, because (again) `storage+grep` is
|
||||||
than `encryption+wallclocktime`.
|
mucg cheaper than `encryption+wallclocktime`.
|
||||||
|
|
||||||
* When we mined the Facebook onion address, the search-patterns were
|
* When we mined the Facebook onion address, the search-patterns were
|
||||||
`^(facebook|fbcdn|fbsbx|...)` and a few others all in a single
|
`^(facebook|fbcdn|fbsbx|...)` and a few others all in a single
|
||||||
|
|
@ -103,6 +117,29 @@ strategy is follows:
|
||||||
|
|
||||||
Best of luck to you. :-)
|
Best of luck to you. :-)
|
||||||
|
|
||||||
|
## Converting your V3 onion addresses for EOTK
|
||||||
|
|
||||||
|
Tools like `mkp224o` save the keys they generate as three separate
|
||||||
|
files: `hs_ed25519_public_key`, `hs_ed25519_secret_key`, and
|
||||||
|
`hostname`; this is elegant but hard to manipulate, so EOTK creates
|
||||||
|
its own standard for storing v3 onion addresses in the `secrets.d`
|
||||||
|
folder.
|
||||||
|
|
||||||
|
If you are in a directory which contains the above-named three files,
|
||||||
|
you can run a helper shellscript by using a command, something like:
|
||||||
|
|
||||||
|
```
|
||||||
|
~/eotk/lib.d/rename-v3-keys-for-eotk-secrets.sh
|
||||||
|
```
|
||||||
|
|
||||||
|
...which will safely create TWO files:
|
||||||
|
|
||||||
|
* `someverylongonionaddressinvolvingalotofbase32characterss.v3pub.key`
|
||||||
|
* `someverylongonionaddressinvolvingalotofbase32characterss.v3sec.key`
|
||||||
|
|
||||||
|
...that can be moved into your `~/eotk/secrets.d/` folder, for EOTK to
|
||||||
|
use when you run `eotk config ...`
|
||||||
|
|
||||||
## War Stories and Problems When Mining Onions
|
## War Stories and Problems When Mining Onions
|
||||||
|
|
||||||
A long time ago I mined a bunch of test onion addresses for the New
|
A long time ago I mined a bunch of test onion addresses for the New
|
||||||
|
|
@ -131,9 +168,9 @@ rather than actual, `hostname` file during install; so it might not
|
||||||
reflect reality if your V2 onion keys are thusly afflicted - for
|
reflect reality if your V2 onion keys are thusly afflicted - for
|
||||||
instance if your Onion site is 100% unreachable.
|
instance if your Onion site is 100% unreachable.
|
||||||
|
|
||||||
The way to test a **V2 Onion** address for this syndrome is to `cd`
|
The way to test a **V2 Onion** address for this syndrome is to
|
||||||
into `projects.d/.../foofoofoofoofoo.d/` and then **remove** the
|
`cd` into `projects.d/.../foofoofoofoofoo.d/` and then **remove**
|
||||||
`hostname` file in that directory.
|
the `hostname` file in that directory.
|
||||||
|
|
||||||
Then do:
|
Then do:
|
||||||
|
|
||||||
|
|
|
||||||
Ładowanie…
Reference in New Issue