Monero is the current gold standard for a private cryptocurrency. Unlike Bitcoin, it allows you to easily and seamlessly transact value online without any visible record in the Monero blockchain, so users often prefer Monero in transactions where they want to be anonymous. Here we show you how to install a Monero node, setting it up to broadcast over Tor and connecting it through a mobile wallet.
Why Host Your Own Monero Node
One issue with Monero is that, if you are using it through a mobile wallet, you can expose your current location with your IP address. Not only that, but it is also possible for a malicious node operator to snoop into your transactions if you do not use your own node.
One way to deal with this issue is by hosting your own Monero node through Tor. Similar to hosting a hidden website, doing this will make sure that any connection you make is private and that you can host your node even in a CG-NAT network.
Installing a Monero Node
Before you can install Monero, you need to make sure that you have the following resources available and ready:
- Machine that is constantly connected to the Internet. This could either be an old PC in your home or VPS that you are currently renting.
- Ample amount of hard disk space and memory on your machine. For the most part, a 1TB hard disk and 8GB of RAM should be enough to hold the entire Monero blockchain.
- Root access to your machine, as installing a Monero node will require you to configure and modify system files.
This tutorial was created on a Ubuntu 22.04.1 LTS machine, though the steps for other LInux distributions are similar.
Obtaining Monero
Obtain a copy of Monero’s latest binaries. By default, the current version of both the Monero daemon and client are not available as installable packages in apt.
- Download a copy of the latest binary from the developer’s website with the following command:
wget https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.1.2.tar.bz2
- Create a new directory to extract and run the Monero daemon:
mkdir monero && cd monero
- Extract the Monero archive to your new directory:
tar xvf ./monero-linux-x64-v0.18.1.2.tar.bz2 && cd ./monero-linux-x64-v0.18.1.2
Synchronizing Your Monero Node
You will find a number of binaries in your “monero” directory. To initialize the daemon, run the following command:
./monerod --detach
This command will create all the necessary files and folders for Monero on the current user’s home directory, cleanly detach itself from the currently active terminal process and quietly synchronize in the background.
In most cases, synchronizing with the Monero blockchain can take one to three days, as the block verification process for this blockchain is CPU intensive. For example, my Core2Duo machine took four days to fully synchronize with the network.
Installing Tor and Creating a Hidden Service
Once you have a properly running node, start configuring it to work over the Tor network.
- Install Tor along with its utilities:
sudo apt install tor torsocks
- Create a new hidden service entry for your Monero node by editing your “/etc/tor/torrc” file using your favorite text editor:
sudo nano /etc/tor/torrc
- Find the section in the configuration file for hidden services by pressing Ctrl + W, then typing “HiddenServiceDir.”
- Add a new service directory and port to allow Tor to pass any listening programs in the local machine to the Tor network by adding the following lines of code on your “/etc/tor/torrc” file:
HiddenServiceDir /var/lib/tor/monero/ HiddenServicePort 18081 127.0.0.1:18081
- Restart the Tor daemon to apply your new settings:
sudo systemctl restart tor
Configuring Your Node to Use Tor
- Make sure the Monero daemon is completely stopped by running the following commands:
cd /home/$USER/monero/monero-linux-x64-v0.18.1.2 ./monerod stop_daemon
- Create and edit your daemon’s configuration file:
nano /home/$USER/.bitmonero/bitmonero.conf
- Add the following lines of code to your configuration file:
rpc-bind-ip=0.0.0.0 rpc-bind-port=18081 restricted-rpc=1 rpc-login=ramces:averysecurepassword no-igd=1
- Both the “rpc-bind-ip” and “rpc-bind-port” options tell the Monero node where to broadcast its service. In this case, you are telling it to broadcast all interfaces in port 18081.
- The “restricted-rpc” option tells the node to require a password whenever a client attempts to connect to it.
- The “rpc-login” sets the username and password for this Monero node. In my case, I am setting the username to “ramces” and the password to “averysecurepassword.”
- The “no-igd” value tells the node to disable UPnP, which prevents your node from accidentally broadcasting its real IP address over the Internet.
- Save your configuration file by pressing Ctrl + O then Ctrl + X. Restart your daemon by running
./monerod --detach
.
Linking Your Node to a Mobile Wallet
With your node up and running over the Tor network, test it by pairing it with a mobile wallet. By default, the developers of Monero designed their cryptocurrency to be as modular as possible, making it easy to link multiple wallets together to a single node that provides all the blockchain data.
- Download a mobile wallet. In my case, I will use Monerujo, as it supports Tor connections by default.
- Install a Tor client for your device. For this, you can download Orbot from the Play Store.
- Open Orbot and click the “Tor-Enabled Apps” button on the bottom center of the screen.
- Scroll through the list of your applications and tick the checkbox under Monerujo.
- Go back to the previous screen and click the “START” button. This will create a small VPN that forces Monerujo to connect to the Internet using Tor.
Connecting Monerujo to Your Tor Node
Once Monerujo is using the Tor network, you can link your Tor-only Monero node to your mobile wallet.
- Open the Monerujo app and click the “Network” section.
- Tap on the “+” icon in the app’s lower-right corner.
- This will open a small window where you can provide the details of your Monero node. For the first item, you need to provide both the .onion address of your node and its port number. You can quickly check your node’s .onion address by running the following command:
sudo cat /var/lib/tor/monero/hostname
- You also need to provide both the username and password for your node’s RPC client. In my case, I will use “ramces” as my username and “averysecurepassword” as my password.
- Click the “TEST” button in the window’s lower-left corner to check whether your wallet can successfully communicate with your node.
- Click the “OK” button to save your node’s details and connect to it.
Frequently Asked Questions
Is it possible to speed up the blockchain synchronization process?
Yes. Obtain a copy of the entire blockchain from the developer’s website, then import this external blockchain by going to your Monero folder and running ./monero-blockchain-import --input-file /home/$USER/Downloads/blockchain.raw
.
Can you link a desktop Monero wallet to a remote node?
To connect your desktop CLI wallet to your Tor-only node, ensure that this wallet can access the Tor network by installing and running torsocks .
on the current terminal session followed by: ./monero-wallet-cli --daemon-address address.onion:18081
.
I cannot connect to my Tor-only Monero node. How can I fix this?
This issue is most likely due to a firewall issue in your node machine. By default, the RPC port for Monero should be open, regardless of any firewall program you use. Despite this, there are instances where you might accidentally blacklist all unknown ports from your system while setting up your firewall.
To fix this issue, explicitly tell your firewall to keep port 18081 open at all times. For example, you can run ufw allow 18081/tcp
to tell the ufw program to allow any incoming RPC connections.
Image credit: Unsplash. All alterations and screenshots by Ramces Red.
Our latest tutorials delivered straight to your inbox