I tried both methods presented: editing the tor-hs config file, and setting it up from the command line.
There are some discrepancies in the instructions provided on that page, namely:
the name sshd is used in the config file instructions, but ssh is used in the command line instructions
option Enabled=false in the config file instructions, but option Enabled="1" (true) in the command instructions, and
list PublicLocalPort '2222;22'' in the config file instructions, but '22;22'` in the command line instructions.
I ended up trying them all, and got the same error when I restarted the tor-hs service:
tail_conf
Info. Updating tor configuration
uci: Invalid argument
Command failed: Not found
The directory /hidden_service/ssh gets added to /etc/tor, but there is no hostname file contained.
I then tried to follow these instructions by Informtic for a minimal tor hidden service on OpenWRT, but modify them so they are for SSH rather than accessing a storage drive (which I think is the intent of the instructions). To do so, I:
ignored the fstab portion
left out option home '/storage/tor in the suggested amendments to the uhttpd config
appended everything in the suggested torrc config modifications to the bottom of the existing torrc config, but changed the HiddenServicePort to that of the command line instructions on the OpenWRT page (22 127.0.0.1:22). Also tried 2222 127.0.0.2:22 (per the config file instructions on the OpenWRT page)
When I do this and restart uhttpd and tor... nothing happens. There is no hostname file in /etc/tor/hidden_service/hostname.
Any help would be greatly appreciate - even if just to get SSH remote access over tor working, but better yet, access to the GL or LUCI GUI! Thanks
It appears you are using firmware that is not from the official OpenWrt project.
When using forks/offshoots/vendor-specific builds that are "based on OpenWrt", there may be many differences compared to the official versions (hosted by OpenWrt.org). Some of these customizations may fundamentally change the way that OpenWrt works. You might need help from people with specific/specialized knowledge about the firmware you are using, so it is possible that advice you get here may not be useful.
Ask for help from the maintainer(s) or user community of the specific firmware that you are using.
Provide the source code for the firmware so that users on this forum can understand how your firmware works (OpenWrt forum users are volunteers, so somebody might look at the code if they have time and are interested in your issue).
If you believe that this specific issue is common to generic/official OpenWrt and/or the maintainers of your build have indicated as such, please feel free to clarify.
The whole concept doesn't sound to be very sensible in the first place though, what about a road-warrior style VPN (wireguard) instead?
Yes it makes sense that it could be due to the fact that I'm running an offshoot of OpenWRT. I've certainly thought about replacing it with official OpenWRT, and am feeling even more inclined to do so now.
I don't have a public IP, so a wireguard VPN is a bit more complicated for me. I have another server running StartOS that automatically generates an onion hidden service for the admin GUI upon installation, and also for every service that gets installed. Makes for a quick and easy way to reboot remotely.
I'd love to know if anyone has any thoughts about the discrepancies that I noted in the openwrt instructions?
It is between you and gl-inet, if you accidentally start using OpenWrt and something still does appear broken feel free to fill a bug report or complain in documentation section.