Torifying outgoing connections


#1

Hi,

Yunohost onion service works great for incoming connections. It would be nice to have some help on how to torify Yunohost apps so that outgoing connections are hidden too.

If I want to use an external onion service as the remote storage for my Yunohost backups, how can I torify Borgbackup in Yunohost?
-Of course, I would start by doing the first backup through the LAN, I look after the Tor network!

Any suggestion? Maybe @alb1 can guide us here?

Cheers!


#2

From my point of view it doesn’t work great. See the warning comments on the tuto:
https://yunohost.org/#/torhiddenservice_en

It’s dangerous especially if you mix tor onion service with normal domain on the same yunohost, don’t deactivate upnp or bonjour protocol.

If your instance is dedicated to be a full torify instance, it may be possible with a very good knowledge on tor and yunohost to do something good. But I think it’s quite difficult.

The idea should be to setuptor and make ip tablmes rules to force the use of tor like with the vpnclient app. You should check it doesn’t leak data at boot on the normal connexion (for example with wireshark).