OnionShare - Tool For Sharing Files Securely and Anonymously (Windows, Linux, Mac OS X)


OnionShare is an open source tool that allows you to share files securely and anonymously. It supports file(s) of any size.

It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files. It doesn't require setting up a server on the internet somewhere or using a third party filesharing service. You host the file on your own computer and use a Tor onion service to make it temporarily accessible over the internet. The other user just needs to use Tor Browser to download the file from you.

How To Use OnionShare

First, download OnionShare onto your computer. Then install it.

(Download link is at the end of this article)

Open the program (It will automatically connect itself to the Tor network)


After that, click on the "Add" button to add files to the program or just drag and drop files into the program. 


Then click on the "Start Sharing" button. 

Wait for few seconds, it will show you a unique .onion URL. 


Now you can send this URL to the person you're sending the files to. 

If the files you're sending aren't secret, you can use normal means of sending the URL, like by emailing it, or sending it in a Facebook or Twitter private message. If you're sending secret files then it's important to send this URL securely.

Note: The other user (receiver) needs to use Tor Browser to download the file from you. But doesn't need the OnionShare.


Configuring OnionShare

You can access Settings by clicking on the 'cog' icon in the bottom right corner of the OnionShare application.

Some of the settings are described below.

Sharing Options

  • Stop sharing after first download:
If this setting is checked (enabled), then the Onion Hidden Service will stop automatically once the user has started downloading your share for the first time.

If you need to share your file with several users or allow the user to download it more than once in one sitting, you should uncheck (disable) this setting.

This setting is enabled by default.

  • Show desktop notifications:
If this setting is checked, the sender will receive a desktop notification (e.g pop-up or systray bubble) when a user commences or completes a download.

This can be convenient if you don't wish to watch the OnionShare application's status bar itself and move on to other tasks, but wish to be notified when the user starts the download process.

If you don't wish to receive desktop notifications, you should uncheck this setting.

This setting is also enabled by default.

Stealth (advanced)

  • Create stealth onion services:
If you want to use stealth onion services, you should enable this setting. This will make your onion service much more secure, but it also makes it much more difficult for the recipient to connect to it.

If you're using a stealth onion service and an attacker learns your onion address, they can't connect to it. To connect, you need to edit your Tor configuration file and add a secret HidServAuth string to it. This way, even malicious Tor nodes that are hidden service directories can't connect to your OnionShare service at all.

This setting is disabled by default.

How to send files with stealth onion services:

Open OnionShare and add the files you'd like to share. Check "Advanced Options", and then check "Create Stealth Onion Service" before you click "Start Sharing". After the onion service is ready, OnionShare will include two buttons, "Copy URL" and "Copy HidServAuth". You'll need to copy both of these and send them to the recipient.


In this example, here are the two pieces of information I need to send to the recipient for them to download the file:
  • URL: http://e3gwbdifcjde23zs.onion/stank-compactly
  • HidServAuth: HidServAuth e3gwbdifcjde23zs.onion YabcyjP4CasHKhwWVH2+Ag
Note that if I just send someone the URL, their Tor Browser will refuse to ever connect to it. First, they need to add the HidServAuth string to their Tor config file and restart Tor Browser. Then, they'll be able to load the URL with Tor Browser.

How to receive files with stealth onion services:

This isn't the easiest thing to do for newbies, which is why stealth onion service support is an advanced option in OnionShare. You'll have to know how to navigate your filesystem and edit text files.

Make sure Tor Browser is closed. Now, open the "torrc" file that's built-in to Tor Browser in a text editor. This process is slightly different depending on your operating system.

In macOS X, edit ~/Library/Application Support/TorBrowser-Data/Tor/torrc.

In Windows, edit C:\Users\[user]\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\torrc.

In Linux, edit ~/[path_to_tor_browser]/Browser/TorBrowser/Data/Tor/torrc.

Add the HidServAuth string to the bottom of the file. For example, I'm going to add this line to the end of my "torrc" file:
HidServAuth e3gwbdifcjde23zs.onion YabcyjP4CasHKhwWVH2+Ag
Now save the file and exit, and restart Tor Browser. Now you can load the corresponding OnionShare URL in Tor Browser (in my case, http://e3gwbdifcjde23zs.onion/stank-compactly) and it will work. After you're done downloading the file being shared, you can remove the HidServAuth line from your "torrc" file again.


Check for Updates

  • Notify me when updates are available:
If this setting is checked, Windows and macOS users will receive notifications when a new version of OnionShare is available. You may also click the 'Check For Updates' button to force a check.

This setting is not shown for Linux users. Instead, Linux users should rely on their package management system (e.g apt) to install updates.

How should Onionshare connect to Tor?

Several options exist for obtaining a Tor connection:
  • Use Tor that is bundled with OnionShare
  • Attempt automatic configuration with Tor Browser
  • Connect using (Tor) control port
  • Connect using (Tor) socket file

'Use Tor that is bundled with OnionShare' is usually the easiest and most convenient setting, because it requires no further action from the user to set up.

When you open OnionShare, it will launch a Tor process in the background that's configured specifically for OnionShare to use. This Tor process won't interfere with other Tor processes on your computer, so you're free to run Tor Browser or use a system Tor in the background.

Attempt automatic configuration with Tor Browser: You can configure OnionShare to connect to the Tor that comes with Tor Browser. First, download Tor Browser if you don't already have it. With this setting selected, you need to keep Tor Browser open in the background while you're using OnionShare.

Connect using control port or socket file: If you'd like, you can install Tor system-wide and configure OnionShare to connect to that. Or you can even connect to Tor that's running on a different operating system, for example, if you'd like to run OnionShare in a Whonix workstation, where the Tor process itself runs in a Whonix gateway.

Note that if your version of Tor is older than 0.2.7.1, it won't support ephemeral onion services, and if it's older than 0.2.9.8, it won't support stealth onion services. You always run the latest stable version of Tor, as opposed to old versions that might be in your operating system's package repository.




No comments

Powered by Blogger.