Configure Bitcoin Core
Configure Bitcoin Core before starting your node.
Configure Bitcoin Core
Base Configuration
Let's create the needed files:
cd ~mkdir ~/.bitcointouch ~/.bitcoin/bitcoin.confAdd the following configuration to the bitcoin.conf file we just created:
With the configuration below the node will be accessible only on localhost and on the Tor network. Refer to the configuration file on this page if you wish to also expose your node via IPv4/IPv6.
# Enable JSON-RPC API on port 8332
server=1
# Restrict JSON-RPC API to localhost only
rpcbind=127.0.0.1
rpcallowip=127.0.0.1
# Run Bitcoin Core as a background daemon
daemon=1
# Accept incoming P2P traffic (port 8333) to be a full participant in the network
# If set to 0, other nodes can't sync from us, but we can still sync from them
listen=1
# Keep full index of all transactions, not just those of the node's wallet.
# Uses more space but allows querying any transaction by its txid
# We need it if we want to run an Electrum Server or a blockchain explorer
txindex=1
# Cache size in MBs. Lower it to 500 after the first blockchain sync is complete.
dbcache=3000
# Run the node **only** on the Tor network
onlynet=onion
proxy=127.0.0.1:9050
bind=127.0.0.1
# Use native segwit addresses by default
addresstype=bech32
changetype=bech32
JSON-RPC API
Bitcoin provides a control interface via a JSON-RPC API on port 8332. We enabled with server=1 in the bitcoin.conf file.
Other locally running applications that need to interact with Bitcoin's JSON-RPC API will use the cookie located at ~/.bitcoin/.cookie.
If you ever want to connect remotely running applications to the JSON-RPC API, you can create a set of credentials with the command below:
Verify the output and append the mentioned line to the bottom of the bitcoin.conf file.
Save the plain text password securely because the line added to bitcoin.conf contains only the hash.
Configure Tor
Bitcoin Core and other applications you install will heavily rely on Tor to connect with peers and ensure our wallets remain accessible. Proper configuration is critical.
Tor-default Configuration
Edit the default tor configuration file:
Add the following lines:
SocksPort β SOCKS proxy, routes traffic through the Tor network
ControlPort β Allows other programs to interact with the Tor daemon
CookieAuthentication β Requires local cookie authentication to access the control port (
/run/tor/control.authcookie)CookieAuthFileGroupReadable β Only users in the
debian-torgroup can authenticate with the cookie
Now restart tor:
Tor-Instance Configuration
If you're using a different tor instance,the config above won't work because bitcoin won't be able to find the cookie auth file for the instance. So instead we will use password authentication to access the control port.
Choose a strong password, then generate a hash with tor:
This will output a hash for the password specified, example:
Now edit your tor instance config like /etc/tor/instances/tor4bitcoin/torrc to add the following:
Now enable and start the tor instance:
Next edit ~/.bitcoin/bitcoin.conf and edit this line with the right tor socks port:
Next add these lines. Make sure to add the right tor control port and the password you chose before.
Hidden Onion Service for the JSON-RPC API
Exposing the RPC API is not recommended unless you fully understand the risks. It is a prime target for brute-force attacks and zero-day exploits. If compromised, an attacker could steal your Bitcoin IF you enabled the node's wallet and had funds in it.
As configured, the JSON-RPC API is accessible only from localhost. To expose this port externally, you can create a Tor service for it.
Configure systemd service
Bitcoin Core's main program is bitcoind (short for Bitcoin Daemon). We will configure it as a systemd service to simplify management:
Add the following:
In User=, replace your_user with your own user
Do the same in the path of PIDFile=
Verify the path of ExecStart= by running the command
which bitcoind
Finally, reload systemd:
Last updated
Was this helpful?