Tor - little-t-tor homebrew installation on mac Apple M1 Pro chip

Support Core Tor
1

Hello,

My first post on the forum and I’m fairly new getting to grips with tor on linux and macOS.

I currently have tor running well on an Intel macOS set up, to provide a hidden service for another application.

I tried to follow the same set up, i.e: install through homebrew and use the same ports and torrc config data, however, I have not yet been succesfull in getting tor to play nice with the application via controlport.

brew services list seems to indicate tor has started, with the output

tor started mymachine ~/Library/LaunchAgents/homebrew.mxcl.tor.plist

… but I’m not sure.

when I try to monitor traffic via nyx, for example, terminal spits,

Unable to connect to tor. Are you sure it’s running?

my torrc file looks like this:

ClientOnionAuthDir /Users/mymachine/Library/Application Support/TorBrowser-Data/Tor/onion-auth
ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1
DataDirectory /usr/local/etc/tor
GeoIPFile /Applications/Tor Browser.app/Contents/Resources/TorBrowser/Tor/geoip
GeoIPv6File /Applications/Tor Browser.app/Contents/Resources/TorBrowser/Tor/geoip6
SOCKSPort 9050
Log notice stdout
HiddenServiceDirectory /usr/local/etc/tor/myhiddenservice/
HiddenServicePort 8080 127.0.0.1:8080

at the moment, I’m just trying to try different troubleshooting, namely,

  1. checked permissions on directories
  2. try different directory locations
  3. trying different ports
  4. reinstalling with brew

but nothing seems to give.

If there is any general resources for how to troubleshoot,
or if there are any hints about how Intel and M1 architecture differs, I’d highly appreciate any information.
Guessing that M1 might still be largely unsupported, but was just hoping that someone might have some experience to compare with.

Also. It had crossed my mind that already running tor on another machine on local network could cause problems. But again, I’m unsure.

Also, I’ve been looking for an alternative to Basez that I used on Linux to encode the privatekey into base32, but seem to have difficulty on macOS. Was wondering if anyone has experience with public/private key authentication, hostname / onion-auth files on macOS.

If any pointers greatly appreciated in advance!

2

Could you try to change the Log line to be sending information to syslog instead of stdout and see if anything shows up in your system logging service? I believe on modern macOS that syslog entries show up in the file /private/var/log/system.log, but I’m not 100% sure. Another option could be /var/log/system.log

Currently, none of the team members of the Network Team (the team that writes Tor) have access to M1 Mac’s, so it’s difficult for us to test the described setup, but we can try to help you debug it through. Aarch64 is a supported architecture though, so I cannot think of anything related to the CPU that should cause any of this to not work.

We need to get Tor’s logging system working first though for us to figure out what is happening :slight_smile:

1 Like
3

Thanks for the reply!

I swapped stdout for syslog in torrc and after trying to start and stop tor with brew services start,
brew services stop commands /private/var/log/system.log outputs:

Nov 17 21:20:14 mymachine login[11036]: USER_PROCESS: 11036 ttys000
Nov 17 21:26:04 mymachine login[11091]: USER_PROCESS: 11091 ttys001
Nov 17 21:28:48 mymachine login[11409]: USER_PROCESS: 11409 ttys002
Nov 17 21:29:04 mymachine syslogd[115]: ASL Sender Statistics
Nov 17 21:29:47 mymachine login[11588]: USER_PROCESS: 11588 ttys003
Nov 17 21:29:54 mymachine login[11588]: DEAD_PROCESS: 11588 ttys003
Nov 17 21:39:04 mymachine syslogd[115]: ASL Sender Statistics
Nov 17 21:49:04 mymachine syslogd[115]: ASL Sender Statistics
Nov 17 21:59:04 mymachine syslogd[115]: ASL Sender Statistics
Nov 17 22:09:04 mymachine syslogd[115]: ASL Sender Statistics
Nov 17 22:19:04 mymachine syslogd[115]: ASL Sender Statistics
Nov 17 22:28:18 mymachine login[11091]: DEAD_PROCESS: 11091 ttys001
Nov 17 22:28:23 mymachine login[11409]: DEAD_PROCESS: 11409 ttys002
Nov 17 22:28:24 mymachine login[11036]: DEAD_PROCESS: 11036 ttys000
Nov 17 22:29:04 mymachine syslogd[115]: ASL Sender Statistics
Nov 17 22:39:04 mymachine syslogd[115]: ASL Sender Statistics
Nov 17 22:39:21 mymachine login[14355]: USER_PROCESS: 14355 ttys000
Nov 17 22:40:36 mymachine login[14544]: USER_PROCESS: 14544 ttys001
Nov 17 22:40:45 mymachine login[14579]: USER_PROCESS: 14579 ttys002

when attempting to stop/start I tried putting the config files in various directories. I was going to append more info on my directory setup/config files, but I’ll leave it at this for the moment.

4

Just wanted to say thanks for your help. Seems to be solved.

Problem seemed to be related to setting correct paths.
Previously on Intel, DataDirectory and HiddenServiceDir paths were

/usr/local/tor

I just needed to change to:

DataDirectory /opt/homebrew/etc/tor
HiddenServiceDir /opt/homebrew/etc/tor/myhiddensrvice/

That showed error after starting with brew start tor
Then had to:

sudo chmod -R u+rwX,og-rwx /opt/homebrew
sudo chown -R mymachinename: /opt/homebrew

after that statrting the service was fine.

control_auth_cookie is generated in the DataDirectory
and the onion_v3_private_key generated in /Volumes/datadir/data/ (my hidden service datat dir)

tail -f /Volumes/datadir/data/debug.log | grep tor

021-11-20T03:47:08Z torcontrol thread start
2021-11-20T03:47:08Z tor: Got service ID xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx advertising service xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion:8333

/Volumes/datadir/data/debug.log

Still wondering how, and in which directories the authorization takes place.
I guess that’s ther DataDirectory at /opt/homebrew/etc/tor where:
control_auth_cookie
lock
cached-certs
are generated?

/opt/homebrew/etc/tor/keys
/opt/homebrew/etc/tor/myhiddenservice/authorized_client

/TorBrowser-Data/Tor/keys
/TorBrowser-Data/Tor/onion-auth

directories seem to always be empty on both Intel and M1.
Is that because not being logged in as root or nothing is generated.

Not sure if it’s because Tor Browser is the latest version on the M1,
but the directory is also capitalized ‘Tor’ as opposed to little-t-‘tor’ on the Intel.

Just wanted to point that out, could be overlooked in torrc if copying over.

1 Like