Anonymous File Sharing with OnionShare 2.0
OnionShare Settings
In most cases, no further configuration is required. In certain scenarios, however, you can check out the settings below the gear icon (Figure 4). For example, to run a permanently active OnionShare server, you need to enable Public mode and Use persistent address.
Public mode disables a measure that is actually fairly well established as a security function (see the "Slug Protection" box). The second option tells OnionShare to always use the same address. This setting affects privacy but does let you make a share or upload option accessible via OnionShare for a longer period of time. Setting both options is therefore recommended if you are setting up an upload server.
Slug Protection
In theory, an attacker could get to an OnionShare by simply trying out Onion addresses. The slug adds another hurdle. If the attacker tries to guess the attachment, OnionShare locks the door completely after a few unsuccessful attempts. However, attackers could use this as a DoS attack and kick OnionShare servers off the network in a targeted manner. To prevent this, the function can be completely deactivated via Public mode if required.
But if you want to provide data as a user, and only for a short time – or only for one person – the Use auto-stop timer and Stop sharing after files have been sent options can help. If you activate the timer, OnionShare will display a dialog when starting the service stating Stop the share at; you can now set a time at which OnionShare will automatically remove the share from the network. Alternatively, the program disables sharing as soon as a user has downloaded the files.
Conclusions
OnionShare is a practical tool even if you are not seeking protection from persecution as a whistle-blower. Without accounts, without commercial cloud services, and without any additional router configuration, you can easily exchange data with other network participants. Your own IP address remains hidden, as do the IP addresses of your contacts. The Tor client included in OnionShare and the Tor Browser with its privacy optimizations ensure that even inexperienced users will receive protection.
Infos
- Tor Project: https://www.torproject.org
- Tor Browser: https://www.torproject.org/download/
- OnionShare: https://onionshare.org
- Criticism of Tor: https://https://en.wikipedia.org/wiki/Tor_(anonymity_network)#Weaknesses
- Tails: https://tails.boum.org
- Tor Onion Service Protocol: https://2019.www.torproject.org/docs/onion-services.html.en
- OnionShare building instructions: https://github.com/micahflee/onionshare/blob/master/BUILD.md#gnulinux
- Orbot for Android: https://play.google.com/store/apps/details?id=org.torproject.android&hl=de
- Changes in OnionShare 2: https://github.com/micahflee/onionshare/releases/tag/v2.0
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs