Make Knots reachable over Tor on Windows, Mac, and Linux

Below are instructions (for the three main operating systems) for installing Tor and configuring Bitcoin Knots to be a “reachable” node. Confirm by looking up your node’s new .onion address from BitNodes.io). Click “Details” to expand the relevant section.


Windows (11)

#1. Launch PowerShell as Admininstrator, and enable scripts:

Set-ExecutionPolicy Bypass -Scope Process -Force

#2. Install Choco:

iwr https://community.chocolatey.org/install.ps1 -UseBasicParsing | iex

(shut down PowerShell, and re-launch again as Administrator)

#3. Install Tor Expert Bundle:

choco install tor -y

#4. Create the Tor service:

$torExe  = 'C:\ProgramData\chocolatey\lib\tor\tools\tor\tor.exe'
$torBase = 'C:\ProgramData\tor'
$torrc   = "$torBase\torrc"
New-Item -Force -ItemType Directory "$torBase\data" | Out-Null
Set-Content -Encoding ASCII $torrc @"
DataDirectory $torBase\data
ControlPort   9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1
"@
icacls $torBase /grant "NT AUTHORITY\LOCAL SERVICE:(OI)(CI)F" /T
& $torExe --service install --options -f $torrc
sc.exe config tor start= auto
sleep 20
$cookie = 'C:\ProgramData\tor\data\control_auth_cookie'
icacls $cookie /grant "$($env:USERNAME):(R)"

#5. Enable RPC Server:
From Bitcoin Knots, open Settings > Options
Check “Enable RPC server”, and click OK

#6. Configure Bitcoin Knots:
From Bitcoin Knots, open Settings > Options > Open Configuration File > Continue
Paste in:

torcontrol=127.0.0.1:9051
proxy=127.0.0.1:9050
listen=1
listenonion=1

(save)

#7. Shut down Knots and re-start it. Then grab your node’s new .onion address:
From Bitcoin Knots, open Window > Console and enter:

getnetworkinfo

And look under “localaddresses” for the .onion address


MacOS (Sequoia)

#1. Install Tor via Homebrew

brew install tor
brew services start tor

#2. Permit control-port access

sudo tee -a "$(brew --prefix)/etc/tor/torrc" >/dev/null <<'EOF'
ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1
EOF
brew services restart tor

#3. Enable RPC Server:
From Bitcoin Knots, open Settings > Options
Check “Enable RPC server”, and click OK

#4. Configure Bitcoin Konts
From Bitcoin Knots, open Settings > Options > Open Configuration File > Continue
Paste in:

proxy=127.0.0.1:9050
listen=1
listenonion=1

(save)

#5. Shut down Knots and re-start it. Then grab your node’s new .onion address:
From Bitcoin Knots, open Window > Console and enter:

getnetworkinfo

And look under “localaddresses” for the .onion address


Linux (Debian)

#1. Install & start Tor:

sudo apt update && sudo apt install tor -y
sudo systemctl enable --now tor

#2. Expose Tor’s control port (and make the cookie readable):

sudo tee -a /etc/tor/torrc >/dev/null <<'EOF'
ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1
EOF
sudo systemctl restart tor

#3. Give your login user access to the cookie, then log out/in once

sudo usermod -aG debian-tor $USER

(log out and back in to apply the change)

#4. Enable RPC Server:
From Bitcoin Knots, open Settings > Options
Check “Enable RPC server”, and click OK

#5. Tell Bitcoin Knots to use Tor:
From Bitcoin Knots, open Settings > Options > Open Configuration File > Continue
Paste in:

proxy=127.0.0.1:9050
listen=1
listenonion=1

(save)

#6. Shut down Knots and re-start it. Then grab your node’s new .onion address:

bitcoin-cli getnetworkinfo | grep ".onion"


I have been trying to follow your guide and setup knots on ubuntu. I had a working install of knots but when I went to #4 Enable RPC server my node hangs on exit and I have to reboot to recover this happens everytime not. What should I do?

That is strange. You don’t actually need to enable the RPC server (it is only needed for step 6 to use bitcoin-cli) Instead, you can get your .onion address a different way. After skipping step 4 and completing step 5:

Shut down Bitcoin Knots and restart it, then open Window > Console and enter:

getnetworkinfo

And look under “localaddresses” for the .onion address

Dear Paul!
Love your videos and topics here!
Anyway… I have sort of a noob question…
If i dont`t want to run my node over Tor. How do i go back from that? Is it just to remove everything in the bitcoin.conf file exept “server=1”, or do i have to do more?
Do i have to do any changes in Sparrow?
I run Ubuntu
Is privacy the only difference running over Tor or are there other benefits?

Thanks

Yes, reverting the bitcoin.conf changes is sufficient to stop knots from being reachable on Tor. There shouldn’t be any changes to Sparrow, although I didn’t cover Sparrow in my videos, so depends on how you connnected it. Since you posted this on the Windows/Mac/Linux thread, I assume you are just connecting Sparrow to bitcoin-qt on the same computer via localhost. Tor would not be a factor in that setup.

Thanks!
Yeah I thought that would be sufficient too, but it still says I am connected trought Tor when I search for it at bitnodes.io… Will it take some time to update? I did a reboot of the computer after changing the config file…

Hmm, I hadn’t really checked on caching, I suppose that is possible. With the listenonion and proxy configurations gone, it should not be reachable anymore.

I suppose you could always uninstall Tor if you aren’t using it for anything else:

sudo apt-get remove --purge tor

Then reboot again.

1 Like

Well, I uninstalled Tor and that certainly made a difference… Now it is not reachable when Im searching the IP (both IPV4/6).. But I believe it is still running OK tought.. Again, sorry for the newbie questions.. Im in the learning stage of node-running…