Pi Zero Tor-Routed Access Point 📶

Published by Alicia's Notes 🚀, View original

Quick guide on creating an always-on Tor-routed secondary wireless access point on a Pi Zero

Set up the Pi

  1. Download and Extract Raspberry Pi OS Lite
  2. Flash the ISO onto a MicroSD Card, with Etcher or similar software
  3. Place a file called ssh into the boot dir (to allow for SSH access)
  4. Insert SD card into Pi, plug in the Ethernet and power it up
  5. Determine the IP of the new Pi with nmap, or in your router settings
  6. SSH into ssh pi@<ip>, the password is raspberry
  7. Change the password with: sudo passwd

Set up the Access Point

  1. Update packages, and get dependencies:
    sudo apt-get update
    sudo apt-get install iptables-persistent git

  2. Get Pi Hostpot setup script:
    git clone https://github.com/unixabg/RPI-Wireless-Hotspot.git

  3. Begin the Install Process
    cd RPI-Wireless-Hotspot
    sudo ./install
    The script will walk you through setting up a WiFi network, choosing a name, authentication type and password


Configure Tor

  1. Install Tor
    sudo apt-get install tor

  2. Configure
    sudo nano /etc/tor/torrc

    # Then enter the following at the bottom of the file
    Log notice file /var/log/tor/notices.log
    VirtualAddrNetwork 10.192.0.0/10
    AutomapHostsSuffixes .onion,.exit
    AutomapHostsOnResolve 1
    TransPort 9040
    TransListenAddress 192.168.42.1
    DNSPort 53
    DNSListenAddress 192.168.42.1
    # Save and exit
    
  3. Update IP Tables
    sudo iptables -F
    sudo iptables -t nat -F
    sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 22 -j REDIRECT --to-ports 22
    sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-ports 53
    sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040
    sudo sh -c iptables-save > /etc/iptables/rules.v4


Start Tor Service

  1. Start the Tor service
    sudo service tor start

  2. Check if it's running okay
    sudo service tor status

  3. Start tor on boot
    sudo update-rc.d tor enable

  4. Finally, reboot the device
    sudo reboot

Done!