Skip to the content.

Frequenty Asked Questions

  1. My Question is not answered here
    Join our Telegram channel and ask your question. We will try to answer.

  2. Why do I get resource errors
    You likely got out of heap memory, resource temporarily unavailable or Disk quota exceeded. The FREE service is restricted and the outbound traffic is throttled. Upgrade your server and enjoy unlimited resources. Upgrades are FREE for anyone working on a cool project.

  3. My processes are getting killed
    Read above.

  4. Can I scan
    It is discouraged. The scan will slow to 2ports/second after the first 8,000 ports.

  5. I get an SSH error
    Likely you got Bad configuration option: setenv when trying to log in to your existing server. You need to update your OpenSSH client to a newer version (ssh -V). Alternatively you can try SECRET=XXX ssh -o "SendEnv SECRET" root@segfault.net (where XXX is your SECRET).

  6. How can I install services or daemons
    Take a look at /sec/usr/etc/rc.local. This file is executed on bootup. There is no systemctl.

  7. How can I publish my Web Page
    The Web Page is automatically generated using Pelican and the awesome Markdown syntax. All you need to do is edit the files in /sec/www/content and then execute:
    cd /sec/www && make html
    
  8. How do I change the password
    You can not. The access password is always segfault. However, nobody can access your server using segfault as a password: The system generates a unique and new SECRET for every new log in and then uses this SECRET to set up your private virtual server (isolated from all other servers). It is this SECRET that allows only you to access your server. Read the next paragraph…

  9. How do I log back in to my server
    On log out you will see a command that allows to you to log back in to your server. It contains a SECRET and it is this SECRET that allows you access your server. The log out screen may look like this:
    Access with      : ssh -o "SetEnv SECRET=XXX..." root@de.segfault.net
    GOODBYE          : Join us on Telegram - https://t.me/thcorg 
    

    Use the command ssh -o "SetEnv SECRET=XXX... and the password segfault to log back in to your server. If you do not use the same SECRET and instead just do ssh root@segfault.net then a new server with a new /sec filesystem will be created for you.

  10. When does it self-destruct
    Immediately on log out. Your server shuts down and all system data and memory is wiped. Your private data in /sec and /root is only accessible while your server is running. When you log back in using the same SECRET then a new server is started and your (old) private data is attached again to /sec (encrypted). Type rm -rf /sec && halt if you also want to destroy your encrypted data.

  11. Why are my changes lost?
    Data in your home directory and in /sec, /onion and /everyone are never lost. They are permanent (unless you delete the data). Data in (/usr, /tmp, …) is only valid for the duration of the session and will disappear when you log out. You can use apt install and pip install etc but the package can only be used until you log out. Alternatively you can install any package to /sec/usr.

  12. What EXIT IP is used?
    There are 3 or more EXIT IP lines shown during log in. These are the VPN providers through which your outgoing traffic is routed. Each of your outgoing connections leaves through a different EXIT (multipath routing). The VPN Exit Nodes cycle every few days.

  13. Is there a list of tools
    The server comes with around 8GB of pre-installed tools. See the full list. Let us know if any tool is missing and we can add it (permanently).

  14. Log in without password
    Save this SSH key to ~/.ssh/id_sf.
    -----BEGIN OPENSSH PRIVATE KEY-----
    b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
    QyNTUxOQAAACB3jmp/3JyvY9ABgjrx4+sBnQ0T+yHsB4HTBMcJqC2OtgAAAIiJ9mzOifZs
    zgAAAAtzc2gtZWQyNTUxOQAAACB3jmp/3JyvY9ABgjrx4+sBnQ0T+yHsB4HTBMcJqC2Otg
    AAAEAs6YNqZSzAfZDl5/vDOB0vv7EZMxMUc/fEipuZ9A3eCHeOan/cnK9j0AGCOvHj6wGd
    DRP7IewHgdMExwmoLY62AAAAAAECAwQF
    -----END OPENSSH PRIVATE KEY-----
    

    The same key is also available at /config/guest/id_ed25519. Thereafter use this command to log in:

    ssh -i ~/.ssh/id_sf root@segfault.net
    
  15. How do I use reverse Port Forwarding
    Your server runs on a private IP space. You can connect out (to the Internet) but nobody can connect to back to your server. However, every server is assigned one PORT on a public IP Address that is forwarded to your server. It’s a different IP & PORT for every server. During log in you will see a message that looks like this (example):
    [...]
    Reverse Port      : 185.117.118.23:1234
    [...]
    

    That’s your personal IP & PORT for reverse connections. Any connection to 185.117.118.23 on Port 1234 is forwarded to your server on port 1234. You can listen for the connection like so:

    nc -vnlp 1234
    # If this is for a connect-back shell then you likely like to press
    # Ctrl-Z after connection and type 'stty raw -echo opost; fg'
    

    (The IP & PORT are an example. You need to read the log in message when you log in to find out your IP and PORT).

  16. How to SSH -L forward
    You should be using ssh -D1080 root@segfault.net but if you insist on ssh -L style then be aware that you need to specify your server’s ip (e.g 10.11.0.xxx) and not 127.0.0.1 to reach your server.

  17. How to SSH -R forward
    This example forwards a reverse port directly to your workstation. The reverse IP and PORT is shown during log-in. As an example we assume the reverse port is 53052 and set up a forward to your workstation (127.0.0.1) on port 31338:

    ssh -R31337:127.0.0.1:31338 root@segfault.net
    # After login execute:
    socat TCP4-LISTEN:53052 TCP4:172.22.0.22:31337
    

Contact

Twitter: https://twitter.com/hackerschoice
Mastodon: @thc@infosec.exchange
Telegram: https://t.me/thcorg
Web: https://www.thc.org
Medium: https://medium.com/@hackerschoice
E-Mail: members@thc.org