Anonymous File Sharing with OnionShare 2.0
Secret Files
OnionShare lets you share files without revealing IP addresses or domain names. The latest version also allows uploads.
The Tor Project [1] has spawned a whole global community dedicated to the concept of anonymous browsing. The project's Tor Browser [2], which lets the user surf the web without leaving a trail or trace, was originally intended to help dissidents in totalitarian countries communicate without surveillance, but since then, it has become popular with whistle-blowers, drug buyers, and millions of everyday users who simply don't want to submit to the culture of tracking and targeting that exists on the mainstream Internet.
The core technology behind the Tor Browser is a technique known as onion routing. Onion routing routes a message through a message of participating routers that could be anywhere on the Internet. A data packet takes a random path through a series of the routers. The packet is encapsulated in multiple layers of encrypted routing information. Each router receives the packet and uses its private key to decrypt the outermost layer, which contains a destination address for where to forward the packet, and then sends the data on to the next link in the chain.
The power of onion routing is that no single router on the network has complete knowledge of where the packet came from and where it is going. Each router can only read the single layer specifically encrypted and addressed to it. This technique is known as onion routing, because the many layers of encrypted routing information resemble the layers of an onion that are gradually peeled away as the packet makes its way through the network. (For more information, see the "How Private?" box.)
How Private?
The onion routing process is considered relatively secure, although various attack scenarios are known [4]. One of the points of criticism lies in the inexperience of the users. To really protect your privacy, you need to do more than simply route your traffic through Tor. You also have to harden the browser and preferably the whole system. For this reason, the project offers the preconfigured Tor Browser with an integrated Tor client for all common operating systems. As an alternative, the developers are also working on Tails [5], a live distribution that offers an inherently secure platform.
Tor comes with the Onion Service Protocol [6] and the hidden services that help users not only use, but also to provide, services anonymously.
Like so many things, hidden services have two sides. Although anonymous routing allows criminal machinations on the one hand, on the other, it genuinely helps people to protect their privacy. Hidden services can also be used to exchange files without participants having to reveal IP addresses, domain names, or account details.
The Tor Browser is a standard tool at this point that is well known to many Linux users, and tutorials on how to use Tor have appeared in many forms – including in this magazine.
Less well known is OnionShare [3], a useful tool that lets you anonymously share files on Tor networks. Even users who are not interested in long-term participation in the Tor community have learned that OnionShare can be an easy and secure way to post a file without the need for commercial cloud services.
Anonymous File Sharing
Version 2.0 of OnionShare was released earlier this year and is not yet available in the package sources of the major distributions. Even the brand-new Ubuntu 19.04 "Disco Dingo" runs version 1.3.2 of the program. On the homepage, however, the developers point users to an Ubuntu PPA that supports the installation of the latest version with just a few commands (Listing 1). On Arch Linux, you will find OnionShare in the AUR of the same name. If you can't find a suitable package for your distribution, see the instructions online for tips on building the current version from scratch [7]. (For a CLI variant, see the "OnionShare as a Service" box.)
Listing 1
Installing on Ubuntu
Listing 2
At the Command Line
After you install, OnionShare will appear in the application menu of the desktop environment. At startup, the program automatically connects to the Tor network. The user interface is very simple. At the top there are two tabs named Share Files and Receive Files. The settings can also be opened via the gearwheel icon. The arrow below expands information about the history in a sidebar.
To share files, drag the desired files from the file manager into the application window or use the Add button at the bottom of the window to open a selection dialog. Once you have added one or more files, start the service by pressing the green Start sharing button (Figure 1).
Download via Browser
To send data to a contact, communicate the OnionShare address now displayed in the window in the style of http://Tor_address.onion/slug
(Figure 2).
The Tor address is a string of characters assigned to you by Tor (as shown in Figure 2). The slug consists of a random combination of two words at the end of the address, adding an additional layer of complexity to resist guess attacks.
You can share the information either through a secure chat or some manual method. Note that the OnionShare address changes each time the application is started, as long as you do not enable a persistent address in the settings. The text cannot be selected directly in the window; to copy it to the clipboard, click Copy Address. Port forwarding or further configuration of the WiFi router are not usually required.
Your contact does not need a special program to download the data. All they need is the Tor Browser, which is available for all common operating systems or any browser with a Tor client enabled in the system (Figure 3). After you press Download Files, the shared data ends up as a ZIP archive on the user's hard disk. However, version 2.0 of the OnionShare client no longer bundles individual files in an archive. In the test, downloading the files also worked on an Android smartphone connected to the Tor network with Orbot [8].
Receiving Anonymous Data
OnionShare 2.0 not only allows users to share files anonymously but also to receive them anonymously [9]. To receive files anonymously, switch to the Receive Files tab and activate Receive mode by pressing Start Receive Mode. You will again see an OnionShare address, similar to the one you received when you sent the mail; you have to give this address to your contact. If, for example, you would like to offer whistle-blowers a portal for sending data in the scope of your journalistic work, you can also publish the address on your homepage.
Uploading data does not differ much from downloading. The Tor Browser acts as the client again. Instead of the list of offered files, you will see an almost empty page. A click on Browse… opens a file browser where you can select the data to be uploaded. On pressing Send Files, the browser then transfers the file. On the OnionShare program page, you will see the transferred files arriving. After the transmission has been completed, terminate the service by clicking on Stop Receive Mode. By default, the program stores the data below OnionShare/
in the user's home directory.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.
-
Gnome OS Transitioning Toward a General-Purpose Distro
If you're looking for the perfectly vanilla take on the Gnome desktop, Gnome OS might be for you.
-
Fedora 41 Released with New Features
If you're a Fedora fan or just looking for a Linux distribution to help you migrate from Windows, Fedora 41 might be just the ticket.
-
AlmaLinux OS Kitten 10 Gives Power Users a Sneak Preview
If you're looking to kick the tires of AlmaLinux's upstream version, the developers have a purrfect solution.
-
Gnome 47.1 Released with a Few Fixes
The latest release of the Gnome desktop is all about fixing a few nagging issues and not about bringing new features into the mix.