Template:Non-functional Onion Services

Sometimes the Debian, Kicksecure onion servers are non-functional. This could be due to DDOS attacks on the Tor network. ^[1] In result, this means updates cannot be completed automatically and an error message similar to below will appear.

user@host:~$ sudo apt update Hit:1 https://security.debian.org bookworm/updates InRelease Hit:2 tor+http://deb.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion bookworm InRelease Ign:3 https://ftp.us.debian.org/debian bookworm InRelease Hit:4 https://deb.kicksecure.com bookworm InRelease Hit:5 https://ftp.us.debian.org/debian bookworm Release Err:7 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion bookworm/updates InRelease SOCKS proxy socks5h://localhost:9050 could not connect to 5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion (0.0.0.0:0) due to: Host unreachable (6) Err:8 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm InRelease SOCKS proxy socks5h://localhost:9050 could not connect to 2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion (0.0.0.0:0) due to: Host unreachable (6) Reading package lists… Done W: Failed to fetch tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/dists/bookworm/updates/InRelease SOCKS proxy socks5h://localhost:9050 could not connect to 5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion (0.0.0.0:0) due to: Host unreachable (6) W: Failed to fetch tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian/dists/bookworm/InRelease SOCKS proxy socks5h://localhost:9050 could not connect to 2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion (0.0.0.0:0) due to: Host unreachable (6) W: Some index files failed to download. They have been ignored, or old ones used instead.

Until the onion service is re-established, complete the following steps in Kicksecure to circumvent the issue. ^[2] ^[3]

1. Open Debian sources.list in an editor.

Open file /etc/apt/sources.list.d/debian.list in an editor with root rights.

Select your platform.

See Open File with Root Rights for detailed instructions on why to use sudoedit for better security and how to use it.

Note: Mousepad (or the chosen text editor) must be closed before running the sudoedit command.

sudoedit /etc/apt/sources.list.d/debian.list

NOTES:

When using Kicksecure-Qubes, this needs to be done inside the Template.

sudoedit /etc/apt/sources.list.d/debian.list

After applying this change, shutdown the Template.
All App Qubes based on the Template need to be restarted if they were already running.
This is a general procedure required for Qubes and unspecific to Kicksecure for Qubes.

This is just an example. Other tools could achieve the same goal.
If this example does not work for you or if you are not using Kicksecure, please refer to this link.

sudoedit /etc/apt/sources.list.d/debian.list

2. Comment (#) the .onion address lines and uncomment the clearnet address lines.

The code blocks should look like this; only these entries require editing. ^[4]

deb tor+https://deb.debian.org/debian bullseye main contrib non-free deb tor+https://deb.debian.org/debian bullseye-updates main contrib non-free deb tor+https://deb.debian.org/debian-security bullseye-security main contrib non-free deb tor+https://deb.debian.org/debian bullseye-backports main contrib non-free deb tor+https://fasttrack.debian.net/debian bullseye-fasttrack main contrib non-free #deb tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bullseye main contrib non-free #deb tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bullseye-updates main contrib non-free #deb tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bullseye-security main contrib non-free #deb tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bullseye-backports main contrib non-free

Save and exit.

3. Confirm the clearnet repositories are functional.

sudo apt update

4. Optional: Revert and update the package lists.

Consider reverting these changes later on because onion repositories have various security advantages. Afterwards, apply Updates to refresh the package lists.

↑
↑ If similar issues occur with Kicksecure onion services then follow the same procedure and modify the derivative.list files.
↑ https://forums.whonix.org/t/errors-updating-september-2018/6028
↑ https://salsa.debian.org/fasttrack-team/support/-/issues/27.

[1] 
https://blog.torproject.org/how-handle-millions-new-tor-clients/

https://lists.torproject.org/pipermail/tor-dev/2020-March/014211.html

https://lists.torproject.org/pipermail/tor-dev/2020-June/014381.html

https://forums.whonix.org/t/suspicious-rise-in-of-tor-users/4673

[2] ttps://blog.torproject.org/how-handle-millions-new-tor-clients/

[3] ttps://lists.torproject.org/pipermail/tor-dev/2020-March/014211.html

[4] ttps://lists.torproject.org/pipermail/tor-dev/2020-June/014381.html

[5] ttps://forums.whonix.org/t/suspicious-rise-in-of-tor-users/4673

[2] If similar issues occur with Kicksecure onion services then follow the same procedure and modify the derivative.list files.

[3] ttps://forums.whonix.org/t/errors-updating-september-2018/6028

[4] ttps://salsa.debian.org/fasttrack-team/support/-/issues/27.

[1]

[2]

[3]

[4]

Template:Non-functional Onion Services

Kicksecure

Kicksecure for Qubes

Others and Alternatives

Navigation menu

Template:Non-functional Onion Services

Kicksecure

Kicksecure for Qubes

Others and Alternatives

Navigation menu

Search