Quick guide on creating an always-on Tor-routed secondary wireless access point on a Pi Zero
Set up the Pi
- Download and Extract Raspberry Pi OS Lite
- Flash the ISO onto a MicroSD Card, with Etcher or similar software
- Place a file called
ssh
into the boot dir (to allow for SSH access) - Insert SD card into Pi, plug in the Ethernet and power it up
- Determine the IP of the new Pi with nmap, or in your router settings
- SSH into ssh
pi@<ip>
, the password israspberry
- Change the password with:
sudo passwd
Set up the Access Point
Update packages, and get dependencies:
sudo apt-get update
sudo apt-get install iptables-persistent git
Get Pi Hostpot setup script:
git clone https://github.com/unixabg/RPI-Wireless-Hotspot.git
Begin the Install Process
cd RPI-Wireless-Hotspot
sudo ./install
The script will walk you through setting up a WiFi network, choosing a name, authentication type and password
Configure Tor
Install Tor
sudo apt-get install tor
Configure
sudo nano /etc/tor/torrc
# Then enter the following at the bottom of the file Log notice file /var/log/tor/notices.log VirtualAddrNetwork 10.192.0.0/10 AutomapHostsSuffixes .onion,.exit AutomapHostsOnResolve 1 TransPort 9040 TransListenAddress 192.168.42.1 DNSPort 53 DNSListenAddress 192.168.42.1 # Save and exit
Update IP Tables
sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 22 -j REDIRECT --to-ports 22
sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-ports 53
sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040
sudo sh -c iptables-save > /etc/iptables/rules.v4
Start Tor Service
Start the Tor service
sudo service tor start
Check if it's running okay
sudo service tor status
Start tor on boot
sudo update-rc.d tor enable
Finally, reboot the device
sudo reboot
Done!