Jump to: navigation, search

Hidden Services Guides


Whonix handles the anonymity aspect safely and transparently allowing you to concentrate on running and managing your service.

Here are guides for some interesting use cases.

To make your service better known you can list it on ahmia.fi - a public directory of Onion sites that works closely with the Tor Project.


Some very useful info on scaling Onion sites was recently published in an article series on the Tor blog. [1]

For making a production level Onion mirror of you clearnet site, look over some tips.


Project main site

Install Guide from GlobaLeaks third party repository

This is a guide to help you set up your own secure and anonymous whistle blowing platform. Note that this is a standalone node and not part of a network, although you can optionally list yourself in the Leaks Directory.

To decide between GlobaLeaks and SecureDrop read this detailed comparison written by a Tor Project developer.


SecureDrop is another widely used whistle-blowing platform installed at many news organizations. To set it up please refer to the official guide. To use SecureDrop as a source, refer to this documentation and for using SecureDrop as a journalist go here. For general information and project code go to their main Github page.

If you are a news or whistle-blowing site operator you may be interested in having your Hidden Service address listed at the Freedom of The Press Foundation.


For a private and anonymous DropBox alternative you can run Sparkleshare as a Hidden Service. To ensure that only you and the intended parties can access the service you need to set up Hidden Service Authentication, see instructions.


Secure Shell is the dominant protocol for secure remote login and system administration. It is a critical component of server and internet infrastructure. Recent revelations from the Snowden documents and further analysis[2] has uncovered weaknesses in some of the included cipher-suites, allowing abuses by resourceful Nation-State adversaries. If you run SSH in this day and age, it should be done from behind a Tor Hidden Service.


  • Protection by Tor
  • Robust access control provided by Hidden Services authentication[3]
  • NAT traversal
  • No need for services like DynDNS

1. Setup Hidden Service Authentication

2. Run SSH like normal or follow this guide if you are a beginner


Stormy is a simple Hidden Service blog setup script. The developer hopes to have it packaged for Debian at some point. You can see it on Github.

See Also[edit]


  1. https://blog.torproject.org/blog/cooking-onions-finding-onionbalance
  2. https://stribika.github.io/2015/01/04/secure-secure-shell.html
  3. Shields SSH from brute-force attacks and exploit attacks against the SSH server daemon.

Random News:

Don't mind having your name connected to Whonix? Follow us. Twitter / Facebook / g+

Impressum | Datenschutz | Haftungsausschluss

https | (forcing) onion
Share: Twitter | Facebook | Google+
This is a wiki. Want to improve this page? Help welcome, volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation. Whonix (g+) is a licensee of the Open Invention Network. Unless otherwise noted above, content of this page is copyrighted and licensed under the same Free (as in speech) license as Whonix itself.