MasTorDon @MasTorDon@social.privacytools.io

@jonah the main problem is ssl / https is so hard-coded into mastodon. Self assigned certs will give an error that to most non tech people will think they're being hacked. And digicert is not worth it unless theres a decent sized community willing to chip in for the cost. Other than that its documented here https://docs.joinmastodon.org/administration/optional-features/#hidden-services

And login (as most things) works if ssl is disabled on a mastodon file as follows https://gist.github.com/hcmiya/40f3810108c954b3a24017a78844e0b6#gistcomment-2679350.

SSL is not needed for hidden services

@blacklight447

I could and might have one as a alt but it wouldn't be human readable. I can only do 9 characters e.g. mastordon and the rest is all random. I used a tool called Scallion [https://github.com/lachesis/scallion] to randomly generate onion address thousands of times a second and record all results with the term mastordon. It took 2-3 days on my overclocked 1080ti to get mastordon43zyheh along with a lot of other mastordon******* that weren't as rememberable.

@debugninja

Not yet but i probably should with the amount of modifications this requires.
Would you happen to know what file i can edit to disable email confirmations.
Id still like other email services like password resets to work tho that's why i was going for the auto confirm method.
It also makes it so the email feild could just be used as a second password for those who don't want to provide a real email address.

@dammkewl @skiddi3@bitcoinhackers.org @mattodell

ive got it working. seems like all the ssl stuff needs to be de-hardcoded

https://gist.github.com/hcmiya/40f3810108c954b3a24017a78844e0b6#gistcomment-2679350

mastordon43zyheh.onion

A working mastodon instance over a tor hidden service.

#mastodon #tor #hiddenservice