Pi Zero Tor-Routed Access Point 📶

Quick guide on creating an always-on Tor-routed secondary wireless access point on a Pi Zero

Set up the Pi

1. Download and Extract Raspberry Pi OS Lite
2. Flash the ISO onto a MicroSD Card, with Etcher or similar software
3. Place a file called ssh into the boot dir (to allow for SSH access)
4. Insert SD card into Pi, plug in the Ethernet and power it up
5. Determine the IP of the new Pi with nmap, or in your router settings
6. SSH into ssh pi@<ip>, the password is raspberry
7. Change the password with: sudo passwd

Set up the Access Point

1. Update packages, and get dependencies:
   sudo apt-get update
sudo apt-get install iptables-persistent git

2. Get Pi Hostpot setup script:
   git clone https://github.com/unixabg/RPI-Wireless-Hotspot.git

3. Begin the Install Process
   cd RPI-Wireless-Hotspot
sudo ./install
   The script will walk you through setting up a WiFi network, choosing a name, authentication type and password

Configure Tor

1. Install Tor
   sudo apt-get install tor

2. Configure
   sudo nano /etc/tor/torrc

   # Then enter the following at the bottom of the file
   Log notice file /var/log/tor/notices.log
   VirtualAddrNetwork 10.192.0.0/10
   AutomapHostsSuffixes .onion,.exit
   AutomapHostsOnResolve 1
   TransPort 9040
   TransListenAddress 192.168.42.1
   DNSPort 53
   DNSListenAddress 192.168.42.1
   # Save and exit
   

3. Update IP Tables
   sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 22 -j REDIRECT --to-ports 22
sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-ports 53
sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040
sudo sh -c iptables-save > /etc/iptables/rules.v4

Start Tor Service

1. Start the Tor service
   sudo service tor start

2. Check if it's running okay
   sudo service tor status

3. Start tor on boot
   sudo update-rc.d tor enable

4. Finally, reboot the device
   sudo reboot

Done!