content/news/2016-09-18-resurrecting-tor-2.md

   1 ---
   2 Title: Resurrecting Tor, continued
   3 Author: christel
   4 Date: 2016-09-18T20:18+01:00
   5 Slug: tor-online
   6 ---
   7
   8 Following an embarrassingly long period of no Tor support, we [recently
   9 blogged](news/2016-09-05-tor-sasl) about resurrecting Tor.
  10
  11 As of today, Tor users can once more connect to freenode over Tor; the hidden
  12 service address is
  13
  14     freenodeok2gncmy.onion
  15
  16 The hidden service requires SASL authentication, as before. In addition, due to
  17 the abuse that led Tor access to be disabled in the first place, we have
  18 unfortunately had to add another couple of restrictions:
  19
  20 - You must log in using SASL's `EXTERNAL` or `ECDSA-NIST256P-CHALLENGE` (more
  21         below)
  22 - If you log out while connected via Tor, you will not be able to log in without
  23         reconnecting.
  24
  25 If you haven't set up the requisite SASL authentication, we recommend SASL
  26 EXTERNAL. You'll need to generate a client certificate:
  27
  28     openssl req -x509 -sha256 -new -newkey rsa:4096 -days 1000 -nodes -out freenode.pem -keyout freenode.pem
  29
  30 and consult your IRC client's documentation to find out how to use it to
  31 connect. Connect to freenode over TLS on the plain Internet and `/msg NickServ
  32 CERT ADD` to authorise it to your account.
  33
  34 You'll then want to tell your client to try the `EXTERNAL` mechanism. We lack
  35 comprehensive documentation for this, but it's a feature in most modern
  36 clients—check their docs for instructions for now.
  37
  38 It's currently not possible to register an account for use with Tor without
  39 connecting at least once over the Internet. We're investigating our options, and
  40 would like to provide a solution to this in the future.