The technical name for these "onion endpoints" is "Tor hidden services".
They basically are TCP sockets. But without IP underneath them. Or you could compare them to a socket file on Unix.
The stock config file for tor has instructions in the config file. But if I recall right, you make a directory and then you declare that directory as a hidden service dir in the config, and it will generate a key pair there the next time you restart.
The public key is reduced by an equation that is kind of a hybrid between a hash and base64 encoding to a typeable string which will become your .onion address.
You don't get to choose the onion address in advance. You get what you get and you can retry as many times as you like.
You also add a line in the config for what ports should be open on this host and where it should forward the connections to. It has to forward the connections to a TCP port. Services have to bind to a localhost IP or some other IP.
Typically you would use localhost 22 or 80. There's genuinely no point in forwarding it to localhost 443 because you can't get a cert for a .onion address, and the fact that the traffic routes to you at all is proof of your authenticity. But you can probably also forward it to a public IP somewhere else on the internet or something on your local LAN.
Once your local tor service is up with the hidden service config installed, anyone in the world can interact with your hidden service by its .onion address.
It doesn't matter if they have routability to you or you to them. But if they can reach a handful of tor nodes, those nodes will forward on to you, without even knowing exactly where you are.
Tor hidden services basically create a globally reputable, unique namespace for hosts completely independent of IP addresses.
Cheers!
On Fri, Jan 30, 2026, 16:58 David Nicol wrote:
On Wed, Jan 28, 2026 at 9:44 AM Jonathan Hale wrote:
since Luke-Jr was part of our club but hasn't actually been seen in a meeting since shortly before Gerald (Combs) moved to California
Ha. I worked for employers with both of those guys. FWIW, we also had a moment of silence for Oren Beck at the meeting.
There was discussion of creating Onion endpoints -- all the instructions regarding those I found (in a rather shallow search) were concerned with HTTP endpoints. What libraries (C or other) does one need to include to create a generic Onion endpoint, without presuming any kind of purpose for it? I understand you get a thin bidirectional stream, semantically similar to accepting a connection on a TCP socket. Am I correct?
· Distributed filesystem ideas, David Nicol walked us through his concept for a distributed file system. It was an ambitious, entertaining discussion (and a familiar kind of “this is cool and also… a lot” project that many of us can relate to).
not just file systems -- arbitrary blobs, including a simple file system abstraction and a general purpose "list of lists of typed scalars" abstraction too, the intended use case for the Content-Addressable Paged Table is public ledgers.
Ledgers.
-- "Plot complication appearing on sensors now"