[ I setup a Debian virtual machine over the weekend with the goal of creating an Electrum server. The instructions I found involve running bitcoind over tor, but they were full of minor typos and strange characters that broke things when I copied & pasted commands, so I decided to clone them here and fix them as much as possible. This article is the third of three, copied & edited from sky-ip.org]
Configure a Tor Electrum Server on Debian / Ubuntu
Note: This tutorial assumes that you first configured a full Bitcoin node on your server. The steps which you should have followed when doing that are not part of this tutorial, so please first read how to setup a full Bitcoin node on Debian / Ubuntu and come back here to enable Electrum Server.
What is Electrum? Electrum is a light-weight Bitcoin client which does not require the users to download the entire Bitcoin blockchain since it can be disk space, bandwidth and time expensive. It is very secure, it has neat features and it gets the stars on privacy, security and usability. Instead of downloading the blockchain, it relies on Electrum Servers.
Enabling an Electrum Server on your Bitcoin full node will just need little more hard disk space, since it indexes the addresses and maps coins in circulation to addresses. If disk space is not a problem for you, it is recommended to run an Electrum Server. Tails Linux users now have Electrum wallet and they rely on Tor hidden services Electrum Servers. Disk space requirements continue to grow as time goes by, since the purpose of the blockchain is to archive all transactions.
- Install Electrum Server dependencies – type as root:
sudo apt-get update sudo apt-get dist-upgrade -y sudo apt-get -y install python-setuptools python-openssl python-leveldb libleveldb-dev sudo easy_install jsonrpclib irc plyvel
- Make a folder to fetch the Electrum Server source code and build:
mkdir ~/electrumsrc && cd ~/electrumsrc
- Get the source code and build:
git clone https://github.com/spesmilo/electrum-server.git cd electrum-server sudo ./configure sudo python setup.py install
- Download latest Electrum Server database from foundry (it will take a long time to build if not downloaded) –type as root:
Go to http://foundry.electrum.org/leveldb-dump/?C=M;O=D and copy the link for the latest archive so you can fetch it. For example, electrum-fulltree-10000-latest.tar.gz (10000 or 100 is the number of transactions you are willing to display per each address. Recommended is 10000, but you can go with 100 too – in this case just fetch the latest database with 100 in the filename).
In the previous tutorial, How to setup a full Bitcoin node, you created a user to run bitcoind, for example ‘bitnode’. We will use the same unprivileged user to run Electrum Server daemon, for enhanced security. So, go to that user’s home folder:
cd /home/bitnode mkdir electrum-server && cd electrum-server wget http://foundry.electrum.org/leveldb-dump/electrum-fulltree-10000-latest.tar.gz
Verify integrity of the downloaded database file:
wget http://foundry.electrum.org/leveldb-dump/md5sums.txt md5sum <name of downloaded database file, example electrum-fulltree-10000-latest.tar.gz>
Copy the output of this command.
grep <copied data from previous command> md5sums.txt
If it doesn’t return to confirm the filename-md5sum with the filename-md5sum from md5sums.txt, it means that the database you downloaded is corrupted and you should download it again, until the md5sum matches.
If verification of integrity is OK, we proceed to extract the archive:
tar xfz <name of downloaded database file, example electrum-fulltree-10000-latest.tar.gz> -C /home/bitnode/electrum-server/
After extraction is finished, delete the archived file to save some disk space:
rm -rf <name of downloaded database file, example electrum-fulltree-10000-latest.tar.gz>
And finally change permissions:
chown -R bitnode:bitnode /home/bitnode/electrum-server
If your username is different, substitute bitnode with the username you created instead.
- Configure bitcoind with txindex and reindex the blockchain (will take some time, depending on your machine’s performance):
Edit your bitcoin.conf (if you followed our Bitcoin Node tutorial the path is /home/bitnode/.bitcoin/bitcoin.conf) and add the following line if it’s not already there:
– Save the changes to the configuration file.
We need to reindex the blockchain now:
sudo -u bitnode -i bitcoin-cli stop sudo -u bitnode -i bitcoind -reindex
#This will take some time, try not to reboot the machine until finished, or in case of reboot make sure you repeat the last 2 commands again.
*Again substitute bitnode with your bitcoind username if different.
- Optionally, we can create a self-signed SSL certificate for Electrum Server SSL port. In Tor hidden services the traffic is encrypted end-to-end, and also a self-signed SSL certificate does not provide strong security, so if your Electrum Server is a Tor hidden service, we recommend skipping this step:
Go to the electrum-server folder and create a folder named ssl:
Substitute path if different in your setup.
mkdir ssl && cd ssl openssl genrsa -aes256 -passout pass:x -out server.pass.key 2048 openssl rsa -passin pass:x -in server.pass.key -out electrum-privatekey.key rm -rf server.pass.key openssl req -new -key electrum-privatekey.key -out electrum-server.csr
Now provide some data for the certificate, Country Name, State or Province Name, etc.
Attention at Common name: it has to match the FQDN where the electrum server will be reached, for example: onionaddress.onion or electrum.example.com in case it’s a clearnet Electrum server.
Do not provide a challenge password.
Self-sign the certificate with a big validity period:
openssl x509 -req -days 730 -in electrum-server.csr -signkey electrum-privatekey.key -out electrum-server.crt chown -R bitnode /home/bitnode/electrum-server/ssl
- Tweak the system for Electrum Server – type as root:
echo "bitnode hard nofile 65536" >> /etc/security/limits.conf echo "bitnode soft nofile 65536" >> /etc/security/limits.conf
Substitute bitnode with your bitcoind/electrum-server username in case it’s different.
- Configure the Tor hidden service for Electrum-Server:
Add these lines to your torrc: (/etc/tor/torrc):
HiddenServiceDir /var/lib/tor/electrum-server/ HiddenServicePort 50001 127.0.0.1:50001 HiddenServicePort 50002 127.0.0.1:50002
If you will not be enabling a SSL port, and only a plain text TCP, the last line enabling port 50002 is not required.
Reload your TOR service to enable the new settings
sudo service tor reload
Identify the .onion hostname which was generated for your hidden service:
Copy it and share it with the world so clients can use your Electrum server.
- Identify the RPC credentials for bitcoind and create your electrum.conf file:
First we need to get the credentials for RCP to our bitcoind instance. We have them in our bitcoin.conf, which in these tutorials is located at /home/bitnode/.bitcoin/bitcoin.conf:
Copy rpcuser= and rpcpassword=
Edit the electrum.conf file located in /etc/electrum.conf:
username = bitnode
*Substitute with your bitcoind/electrum username if different.
host = 127.0.0.1
If you want your electrum-server to listen on all interfaces, not just Tor hidden service, you can add host = 0.0.0.0 – this will bind to all interfaces, public/clearnet IPs also.
electrum_rpc_port = 8000 electrum_tcp_port = 50001 electrum_tcp_ssl_port = 50002
This is optional, in case you generated a SSL certificate as described above.
banner = “your hello message” ssl_certfile = /home/bitnode/electrum-server/ssl/electrum-server.crt ssl_keyfile = /home/bitnode/electrum-server/ssl/electrum-privatekey.key
*This is optional, in case you generated a SSL certificate and enabled tcp_ssl_port
logfile = /home/bitnode/electrum-server/electrum.log donation_address = <your bitcoin address goes here>
Configure the database. Go to [leveldb] and enter the Pruning limit (10000 or 100, depending which database file you’ve downloaded, we used 10000 here) and also the path for the database:
path = /home/bitnode/electrum-server/electrum-fulltree-10000-latest
Substitute with your path if different.
pruning_limit = 10000
Provide the bitcoind RPC user and password details. Go to [bitcoind] and enter:
bitcoind_host = localhost bitcoind_port = 8332 bitcoind_user = <username previously copied from bitcoin.conf> bitcoind_password = <password previously copied from bitcoin.conf>
– Save the changes to electrum.conf.
- Finally, start the server as the bitnode user and configure it to start at boot:
sudo -u bitnode electrum-server start nano /etc/rc.local
Add this line above exit 0 and below the bitcoind startup command.
sudo -u bitnode -i electrum-server start
It will take some time until Electrum is fully synced. It is fully synced when it’s at the latest block in the blockchain. To check this, see if it’s in sync with bitcoind:
sudo -u bitnode bitcoin-cli getinfo
<remember the blocks: value>
If the blocks: argument has the same value, it means your Electrum Server is fully synced. That’s it, clients can use it.
Note: The first sync will take some time, first bitcoind has to reindex the entire blockchain and after that Electrum has to catch up from the latest block in the downloaded database file until the last block in the Bitcoin network. This can take from a few hours to even few weeks, depending on your machine’s performance.
IT’S VERY IMPORTANT TO KEEP YOUR ELECTRUM SERVER UP TO DATE. FROM TIME TO TIME, YOU NEED TO UPDATE TO THE LATEST VERSION WHICH CONTAINS FIXES AND PERFORMANCE IMPROVEMENTS. FOR THIS, YOU NEED TO RUN THE FOLLOWING COMMANDS:
electrum-server stop cd ~/electrumsrc
(or the path where you fist cloned Electrum in Step 2 of this tutorial).
git pull https://github.com/spesmilo/electrum-server.git cd electrum-server sudo python setup.py install
Start the server again without modifying anything else.
sudo -u bitnode -i electrum-server start
Original article: https://www.sky-ip.org/configure-electrum-server-debian-ubuntu.html
Official HowTo: https://github.com/spesmilo/electrum-server/blob/master/HOWTO.md