How to Host A Monero Node on Tor in Linux

Monero is the current gold standard for a private cryptocurrency. Unlike Bitcoin, it allows you to easily and seamlessly transact value online without any visible record in the Monero blockchain, so users often prefer Monero in transactions where they want to be anonymous. Here we show you how to install a Monero node, setting it up to broadcast over Tor and connecting it through a mobile wallet.

Why Host Your Own Monero Node

One issue with Monero is that, if you are using it through a mobile wallet, you can expose your current location with your IP address. Not only that, but it is also possible for a malicious node operator to snoop into your transactions if you do not use your own node.

One way to deal with this issue is by hosting your own Monero node through Tor. Similar to hosting a hidden website, doing this will make sure that any connection you make is private and that you can host your node even in a CG-NAT network.

Installing a Monero Node

Before you can install Monero, you need to make sure that you have the following resources available and ready:

  • Machine that is constantly connected to the Internet. This could either be an old PC in your home or VPS that you are currently renting.
  • Ample amount of hard disk space and memory on your machine. For the most part, a 1TB hard disk and 8GB of RAM should be enough to hold the entire Monero blockchain.
  • Root access to your machine, as installing a Monero node will require you to configure and modify system files.

This tutorial was created on a Ubuntu 22.04.1 LTS machine, though the steps for other LInux distributions are similar.

Obtaining Monero

Obtain a copy of Monero’s latest binaries. By default, the current version of both the Monero daemon and client are not available as installable packages in apt.

  1. Download a copy of the latest binary from the developer’s website with the following command:
Monero Node Tor Linux 04 Downloading Node
  1. Create a new directory to extract and run the Monero daemon:
mkdir monero && cd monero
  1. Extract the Monero archive to your new directory:
tar xvf ./monero-linux-x64-v0.18.1.2.tar.bz2 && cd ./monero-linux-x64-v0.18.1.2
Monero Node Tor Linux 05 Unpacking Node

Synchronizing Your Monero Node

You will find a number of binaries in your “monero” directory. To initialize the daemon, run the following command:

Monero Node Tor Linux 06 Syncing Node

This command will create all the necessary files and folders for Monero on the current user’s home directory, cleanly detach itself from the currently active terminal process and quietly synchronize in the background.

In most cases, synchronizing with the Monero blockchain can take one to three days, as the block verification process for this blockchain is CPU intensive. For example, my Core2Duo machine took four days to fully synchronize with the network.

Monero Node Tor Linux 07 Node Done

Installing Tor and Creating a Hidden Service

Once you have a properly running node, start configuring it to work over the Tor network.

  1. Install Tor along with its utilities:
sudo apt install tor torsocks
Monero Node Tor Linux 08 Installing Tor
  1. Create a new hidden service entry for your Monero node by editing your “/etc/tor/torrc” file using your favorite text editor:
  1. Find the section in the configuration file for hidden services by pressing Ctrl + W, then typing “HiddenServiceDir.”
Monero Node Tor Linux 09 Hiddenservicedir
  1. Add a new service directory and port to allow Tor to pass any listening programs in the local machine to the Tor network by adding the following lines of code on your “/etc/tor/torrc” file:
HiddenServiceDir /var/lib/tor/monero/
HiddenServicePort 18081
Monero Node Tor Linux 10 Inserting Monero Node Details
  1. Restart the Tor daemon to apply your new settings:
sudo systemctl restart tor

Configuring Your Node to Use Tor

  1. Make sure the Monero daemon is completely stopped by running the following commands:
cd /home/$USER/monero/monero-linux-x64-v0.18.1.2
./monerod stop_daemon
Monero Node Tor Linux 12 Restart Monero Daemon
  1. Create and edit your daemon’s configuration file:
nano /home/$USER/.bitmonero/bitmonero.conf
  1. Add the following lines of code to your configuration file:
  • Both the “rpc-bind-ip” and “rpc-bind-port” options tell the Monero node where to broadcast its service. In this case, you are telling it to broadcast all interfaces in port 18081.
  • The “restricted-rpc” option tells the node to require a password whenever a client attempts to connect to it.
  • The “rpc-login” sets the username and password for this Monero node. In my case, I am setting the username to “ramces” and the password to “averysecurepassword.”
  • The “no-igd” value tells the node to disable UPnP, which prevents your node from accidentally broadcasting its real IP address over the Internet.
Monero Node Tor Linux 13 Configure Rpc Daemon
  1. Save your configuration file by pressing Ctrl + O then Ctrl + X. Restart your daemon by running ./monerod --detach.

With your node up and running over the Tor network, test it by pairing it with a mobile wallet. By default, the developers of Monero designed their cryptocurrency to be as modular as possible, making it easy to link multiple wallets together to a single node that provides all the blockchain data.

  1. Download a mobile wallet. In my case, I will use Monerujo, as it supports Tor connections by default.
Monero Node Tor Linux 14 Monerujo Playstore Install
  1. Install a Tor client for your device. For this, you can download Orbot from the Play Store.
Monero Node Tor Linux 15 Orbot Install
  1. Open Orbot and click the “Tor-Enabled Apps” button on the bottom center of the screen.
Monero Node Tor Linux 16 Add App To Orbot
  1. Scroll through the list of your applications and tick the checkbox under Monerujo.
Monero Node Tor Linux 17 Monerujo Checkbot Orbot
  1. Go back to the previous screen and click the “START” button. This will create a small VPN that forces Monerujo to connect to the Internet using Tor.
Monero Node Tor Linux 18 Start Orbot

Connecting Monerujo to Your Tor Node

Once Monerujo is using the Tor network, you can link your Tor-only Monero node to your mobile wallet.

  1. Open the Monerujo app and click the “Network” section.
Monero Node Tor Linux 19 Select Network Monerujo
  1. Tap on the “+” icon in the app’s lower-right corner.
Monero Node Tor Linux 20 Add New Monero Node Monerujo
  1. This will open a small window where you can provide the details of your Monero node. For the first item, you need to provide both the .onion address of your node and its port number. You can quickly check your node’s .onion address by running the following command:
sudo cat /var/lib/tor/monero/hostname
Monero Node Tor Linux 21 Display Node Address
  1. You also need to provide both the username and password for your node’s RPC client. In my case, I will use “ramces” as my username and “averysecurepassword” as my password.
Monero Node Tor Linux 22 Include New User Pass
  1. Click the “TEST” button in the window’s lower-left corner to check whether your wallet can successfully communicate with your node.
Monero Node Tor Linux 23 Test New Connection
  1. Click the “OK” button to save your node’s details and connect to it.
Monero Node Tor Linux 24 Save New Connection

Frequently Asked Questions

Is it possible to speed up the blockchain synchronization process?

Yes. Obtain a copy of the entire blockchain from the developer’s website, then import this external blockchain by going to your Monero folder and running ./monero-blockchain-import --input-file /home/$USER/Downloads/blockchain.raw.

Can you link a desktop Monero wallet to a remote node?

To connect your desktop CLI wallet to your Tor-only node, ensure that this wallet can access the Tor network by installing and running torsocks . on the current terminal session followed by: ./monero-wallet-cli --daemon-address address.onion:18081.

I cannot connect to my Tor-only Monero node. How can I fix this?

This issue is most likely due to a firewall issue in your node machine. By default, the RPC port for Monero should be open, regardless of any firewall program you use. Despite this, there are instances where you might accidentally blacklist all unknown ports from your system while setting up your firewall.

To fix this issue, explicitly tell your firewall to keep port 18081 open at all times. For example, you can run ufw allow 18081/tcp to tell the ufw program to allow any incoming RPC connections.

Image credit: Unsplash. All alterations and screenshots by Ramces Red.

Ramces Red
Ramces Red

Ramces is a technology writer that lived with computers all his life. A prolific reader and a student of Anthropology, he is an eccentric character that writes articles about Linux and anything *nix.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox