deeplow

## split-tor-qubes.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                deeplow
                / split-tor-qubes.md
            
            
              Last active
              July 8, 2025 12:13
            
              
                Split-tor via qubes.ConnectTCP
              
          
    qubes needed:

sd-tor (networked app qube) - where tor client runs
sd-proxy (vault app qube or disposable)  - where sd proxy runs

Instructions:

sd-tor Start arti proxy tor and (optinally) setup authenticated onion address credentials
dom0: Create a new RPC policy with

qubes.ConnectTCP +9150	sd-proxy	@default	allow target=@sd-tor

  
## arti-onion-service.md

      
              1 file
            
          
              0 forks
            
          
                1 comment
              
            
              0 stars
            
          
                deeplow
                / arti-onion-service.md
            
            
              Created
              July 8, 2025 11:29
            
              
                Getting Arti to connect to Restricted Discovery Onion Service (authenticated onion)
              
          
    I couldn't find step by step instructions on how to do this, but after a bit of experimenting, this is how I got it working.

Please note: There is also a way to add keys generated in the ctor format (for that you'll need to look into arti.toml, specifically [[storage.keystore.ctor.clients]]), but I didn't manage to get this working.


Obtain arti's source code and cd into it
Generate a new client key

cargo run -p arti --all-features -- hsc key get --generate=if-needed --output - `
# the key gets stored on ~/data/keystore/client/<onion_address_without_TLD_OR_nickname>/ks_hsc_desc_enc.x25519_private