With this manual you are able to create an open wifi access point connected to the Tor Network. Users will be able to browse the web and check their mail and not be traceable back to your IP address.
Reasons why you want to do this:
- Allow everyone to access the internet who is near to your access point
- Allow people to access the internet in an anonymous, private way.
- Don’t be bothered with what people do from your IP adress (your internet connection)
- As Tor is slow, people will not be able to use all your bandwith
- Users of the access point can’t access your private network
What you need:
- A Gl.inet router for $23,-
- The self made version of the software from Radical Open Security.
- An ubuntu or debian based computer or server to make the custom image.
- About an hour of your life.
Step 1 – Building the firmware
You need to build the firmware yourself. Otherwise you do not have SSH access to the router and you can’t remove the wifi password. The following is loosely copid from the [Radical Open Security Git Page.](https:/
- Login to your Ubuntu or Debian based computer:
- Install dependencies
sudo apt-get update
sudo apt-get install git-core build-essential libssl-dev libncurses5-dev unzip subversion gawk python python-passlib jq
- Create a working directory in your home folder and execute the following commands:
git clone https:/
cd netaidkit && make image
- Go grab a coffee or tea. After some time you’ll find the image in netaidkit/openwrt/bin directory.
Look for this file:
Step 2 – Flashing the firmware and setting up the router
Flashing is the action of uploading the firmware you just made to your router. You erase the existing firmware. For this we assume your router no longer has the original firmware. This is easier also if you still have the original firmware.
Flashing the GL-iNet:
- Connect your computer to the router using an ethernet cable. Connect to the WAN port.
- While pressing the reset button on the side of the GL-iNet, power on the device. You will see the green LED flashing.
- Hold the reset button until the green LED flashes 5 times.
- When the red light flashes once, release your finger.
- If you can’t get your device into failsafe mode, you need to check if the ethernet cable is really connected.
- The device is now booting into failsafe mode.
- Manually set your IP address to 192.168.1.2.
- Visit 192.168.1.1 in your browser and upload the image called openwrt-ar71xx-generic-gl-inet-6416A-v1-squashfs-factory.bin to the page and click ‘Update firmware‘.
- Wait for the device to reboot into the new firmware and do not turn it off. Do not disconnect the power cable.
Set-up for normal use.
- Connect to the NETAIDKIT access point using password ‘netaidkit’.
- Browse to 192.168.101.1 and follow the steps to set-up your own AP and change the passwords.
- Disconnect from wifi
Step 3 – Standard setup of the kit
- Connect to the newly created wifi point.
- Open a webbrower and connect to
- Follow the setup from the Net Aid Kit.
Done! You have now a wokring acces point you can use to get people on the tor network. Last thing to do: remove the wifi password so anyone can use it!
Step 4 – Remove the wifi password an open it up.
Note: These steps still need improving as the latest build of the Net Aid Kit no longer allows for SSH access on port 2222. So the devs need to update that.
- Connect to the wifi of your new acces point (if you haven’t already)
- Open a terminal and login to the router with SSH.
$ ssh firstname.lastname@example.org -p 2222
- The default password is:
- Change the password:
Open the wifi config file in /etc/wireless with vi and remove the line about the security
Close vi with ‘esc’ and :wq
type reboot to restart the router and your are done!