“Securely” generate Custom or Vanity .onion on VPS (Debian/Ubuntu/CentOS)

Word of warning: if you’re using a VPS service, such as Vultr, they may allow you to overclock your CPU which may be a terms of service violation as you’re using shared resources. On our first trial run, the CPU hit 1000% which may get you banned. Even on a dedicated instance we still hit 800% CPU usage. Final run hit 4000% on a 24x CPU instance, which, according to Vultr support, should max out at 2400% CPU usage.

Vultr cpu maximum usage

Security: since the private key is very, very private, you’ll want to use a server with a SATA drive, rather than an SSD, so you can wipe the drive when you’re finished.

Install Shallot .onion tor address generator on Debian & Ubuntu

On Debian 8 install libssl-dev.

1
apt-get install libssl-dev

# install git & make, and gcc

1
apt-get install git make gcc

# clone Shallot

1
git clone https://github.com/katmagic/Shallot.git

# enter the Shallot director

1
cd Shallot

# configure and make shallot

1
./configure && make

Install Shallot .onion tor address generator on CentOS

On CentOS 6 or 7 install openssl-devel.

1
yum install openssl-devel

# install git & make, and gcc

1
yum install git make gcc

# clone Shallot

1
git clone https://github.com/katmagic/Shallot.git

# enter the Shallot director

1
cd Shallot

# configure and make shallot

1
./configure && make

Running Shallot on your VPS

Note: press Ctrl + C to cancel generating an address at any time.

Running Shallot vanity tor address generator on a VPS

Now you can run shallot like this example:

1
./shallot ^test

IMPORTANT: if you’re generating addresses more than 4 characters long, you’ll want to use an output file. The following command will write the private key to a file when it’s finished. This is because if the address takes a long time to generate, you can come back to your server later when it’s finished.

If you lose connection without cancelling Shallot first, log back into your server and reboot it. VPS providers will be very unimpressed if you use 1000% of CPU power for a few hours.

1
./shallot ^test > address.txt

The scrip will go about its work. When it’s finished cat the contents of address.txt

1
cat ~/Shallot/address.txt

Example output:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
-----------------------------------------------------------------
Found matching domain after 2688255 tries: testf46n4iedaarq.onion
-----------------------------------------------------------------
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQC/TBokM3NXE+vTsJV+nTae1GTsr4/mwnHn6KxkWKWMZ4dvaV/B
EDqzfdJztQ5BylB37/N9nEAUuB0l9we4t1NEypine/uTmdEenJdy1zUrBA7sIRvS
gNJc2LzM5oY2HFqSp/LgJ/mYgdWGAxAYOjhsD0E4+GNa69+Gd3Squ/ro8QIDC7Gx
AoGALDSRySHbhHC9KQf8A+CKnOzLnjQXgFK6+X8bHnJiPtNjDCpCVXzNFQl/LcJl
Rauv//8/Y5dnrktAIMS1cCyoGfkBUNzlraZgGsRpnMkf3CU0GgxWTzGbAcPLJ9Zq
rqmntLGMs9SPEokxSBHLCF4WkQY94KtPfJ11AlaWp7kf03UCQQDgdBaq+/eDzgTh
yYaqhIYAIjNN5hApX/qn1yTVd/dw3wAq8fSjG6zApFJoZjqlgRBZ592HZAgU1Kev
GCctt7ZFAkEA2i8K3Sc5c+40/IkobJML0aeg40azjfo/mJvrc/q2FgodqGGKB4Jc
e09SBN7BR+7Kc9v9vFo4/feWzS9NBVV4vQJAQAgdmhtJGpZ/JHpPyALOHJ+hZiIC
AlOnRv9cMcB5rY4PfyY2KGUcV4KlXY8DHA6JtfPXVaqSeoaUTD/k1QjS9QJAC4IA
xf8L5o2LC9U353lCPz4MhQb6QN111w0tBbD4Lc3oCxMGrr5M1MVaE3MsZQU8pkbp
GNTWwraPf7WtNuMcuQJADCAO4Z5kXL5tUP4m2JRPIOAkiSa284iso736DcMBAP/3
+xIFaioKgFfOkvfCV/J8zbCFmGPE8NtdATDqQmx32Q==
-----END RSA PRIVATE KEY-----

Secure erasing the file when you’re finished.

If you’re using a SATA drive, first install secure-delete

Debian/Ubuntu:

1
apt-get install secure-delete

CentOS 6 or 7:

1
yum install srm


Then securely delete the file with srm

1
srm address.txt

The following command will help wipe a SATA disk driver. It will create a new file called nosuchfile and fill it with “zeros” until it fills the drive up completely and then it will delete the file.

Run this 5-6 times to be sure:

1
cat /dev/zero >nosuchfile; rm nosuchfile

If you chose a big server, you may have to wait a long time for the drive to wipe completely.


As per Shallot’s readme page,

“Time to Generate a .onion with a Given Number of Initial Characters on a 1.5Ghz Processor”

characters time to generate (approx.)
1 less than 1 second
2 less than 1 second
3 less than 1 second
4 2 seconds
5 1 minute
6 30 minutes
7 1 day
8 25 days
9 2.5 years
10 40 years
11 640 years
12 10 millenia
13 160 millenia
14 2.6 million years

 

One thought on ““Securely” generate Custom or Vanity .onion on VPS (Debian/Ubuntu/CentOS)”

Leave a Reply

Your email address will not be published. Required fields are marked *