How to set the username and password to use Tor?

hack3rcon · July 14, 2023, 10:42am

Hello,
If someone has the IP address and port of my Tor server, they can connect to it and get services.
How can I authenticate it?

Thank you.

championquizzer · July 14, 2023, 10:43am

hack3rcon · July 14, 2023, 10:50am

Hello,
Thank you so much for your reply.
Isn’t there something simpler like setting the username and password?

championquizzer · July 14, 2023, 10:59am

I think the simplest solution would be to setup a Onionshare (see: How OnionShare Works — OnionShare 2.6 documentation)

hack3rcon · July 14, 2023, 12:14pm

Hello,
Thanks again.
Please see the following image that I found via Google search:

proxycap-2

As you see, it has a Proxy require authentication option. The client must enter the username and password for using the proxy.
I want when someone enters the IP address of my Tor server to his\her browser proxy section to use it as a proxy server, then he\she must enter the username and password to use.

WofWca · July 15, 2023, 10:31pm

I believe the question is about limiting access to a Tor bridge (relay?), not an Onion service. With that said, firstly, I don’t know a direct solution, but:

I know that in order to use a Tor bridge you have to specify its fingerprint and certificate (see https://bridges.torproject.org/bridges/). But I don’t know whether this makes a bridge unusable if you don’t know these values beforehand. If it’s the case, then nobody can use your bridge by default, as long as BridgeDistribution is none.
I’m curious to know what your use case is, because it seems unrealistic to me that someone would want to scan random IPs to find a bridge just to use it, because why would you do that when you can just use one of the thousands of public Tor relays.

hack3rcon · July 16, 2023, 8:32am

Hello,
Thank you so much for your reply.
Consider a company that lunched a Tor server and by default if anyone enters the Tor server IP address and port, then he\she can use the proxy. I want to limit it.

hack3rcon · July 18, 2023, 8:29am

Hello,
How about the following lines?

Socks5ProxyUsername username
Socks5ProxyPassword password

atari · July 18, 2023, 12:33pm

Socks5Proxy host[:port]

Tor will make all OR connections through the SOCKS 5 proxy at host:port (or host:1080 if port is not specified).

Socks5ProxyUsername username

Socks5ProxyPassword password

If defined, authenticate to the SOCKS 5 server using username and password in accordance to RFC 1929. Both username and password must be between 1 and 255 characters.

These are used, when your Tor needs to connect through a proxy to reach the internet - not for Tor to provide a SOCKS-proxy.

hack3rcon · July 20, 2023, 4:02pm

Hello,
Thank you for your reply.
Why did the Tor not consider such a feature?