Bitcoin Blog

If you prefer video and don’t need my help to install Fulcrum Server on Ubuntu server, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand.

• Go to https://github.com/cculianu/Fulcrum/releases
• Find the right download for you (likely the /Fulcrum-*.*.*-x86_64-linux.tar.gz version)
• Right click and copy that link
• Go to your downloads folder in terminal with the [cd downloads] command
• Now download that file using the command [wget <link to file>]
• You should see the file get downloaded in the terminal window
• In your home directory make a new folder. You can go to your home folder with the command [cd ~]
• Then type [mkdir fulcrum] to create that directory in your home directory
• Make another directory [mkdir fulcrum_db] also in your home directory
• You can type [ls] to confirm those directories are there
• Back to downloads directory [cd downloads]
• Unzip the fulcrum download using [tar xvf <fulcrum filename>] (you can copy the filename by typing [ls] in the downloads directory and copying the file name there.
• The terminal should show you new filepaths written
• Copy the file path
• Now move all of those files to the fulcrum files you already created with the command [mv Fulcrum-1.7.0-x86_64-linux/* /home/<your username>/fulcrum ] (replace with your version number. Replace <your username> with your username)
• Verify the move by [cd ~] to your home directory, then [cd fulcrum] to go to the fulcrum directory. Use command [ls] to check that the files are there
• Use this command to allow fulcrum to query the network in an encrypted way [openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem]
• You will be asked to answer some questions. No need to answer, leave blank hitting ‘enter’ for each.
• Type [ls] command to verify the key.pem file and the cert.pem are created
• Change the filename of the fulcrum-example-config.conf file to just fulcrum.conf with the command [mv fulcrum-example-config.conf fulcrum.conf]
• Edit that file with [sudo nano fulcrum.conf]
• Under basic options change datadir path to: /home/<username>/fulcrum_db
• Make rpcuser = <your bitcoin username> (you set this when you installed bitcoind)
• Make rpcpassword = <your bitcoin password> (you set this when you installed bitcoind)
• On the line that reads “#ssl = 0.0.0.0:50002” remove the #
•  Go to the line that reads “#cert = /path/to/server-cert.pem” remove the # and change the path to /home/<yourusername>/fulcrum/cert.pem
• Go the the line that has the key.pem file, remove the # and change the path to “key = /home/<YOURUSERNAME>/fulcrum/key.pem”
• Find line that reads #peering = true and remove the hashtag. Change true to false.
• Find  line that reads #fast-sync = 0 and remove the #. Change zero to 5000. This means you are letting fulcrum use 5 gigs of ram capacity to sync up. Adjust accordingly based on your scenario.
• Control x, y, enter to save the file and exit
• Create a service file in order for fulcrum to start up on boot. Do that by going to your home directory with [cd ~] and command [sudo nano /etc/systemd/system/fulcrum.service]
• Paste this into the fulcrum.service file:

[Unit]
Description=Fulcrum
After=network.target

[Service]
ExecStart=/home/<username>/fulcrum/Fulcrum /home/<yourusername>/fulcrum/fulcrum.conf
User=<username>
LimitNOFILE=8192
TimeoutStopSec=30min

[Install]
WantedBy=multi-user.target

• Hit control x, y, and enter to save and exit
• Now we enable the fulcrum service [sudo systemctl enable fulcrum.service]
• Start it [sudo systemctl start fulcrum.service]
• Check the status [sudo systemctl status fulcrum.service] to see if it worked
• Check the logs to see fulcrum downloading in a different terminal with [journalctl -fu fulcrum.service]

This will take hours to finish syncing, maybe half a day. When it is done you should be able to connect Sparrow Wallet to your fulcrum server if you are on the same network. Here are instructions for connecting (if you already have Sparrow Wallet on your computer, you can jump to timestamp 4:45 for connection instructions):

If you prefer video and don’t need my help to install Bitcoind on Ubuntu server, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand. Otherwise, the video should suffice.

Installing Bitcoind on Ubuntu Server

• Login to your nodebox through SSH using instructions previously shared here
• Input [mkdir downloads] to make a directory for downloads
• Type [ls] to confirm your new directory
• Visit https://bitcoincore.org/en/download/ to find the link to download bitcoind
• Right click/copy link on the Linux (tgz) download
• In terminal, go to your downloads directory with [cd downloads]
• Input [wget] and paste in the link for the linux (tgz) file
• Hit enter. This should download bitcoin to your downloads folder
• When it’s done you can type [ls] into the command line and see the download in the directory
• Follow the instruction in the bitcoincore.org/en/downloads to verify the bitcoin software you downloaded
• After verifying the file is good, unzip the file using this command: [tar xzf bitcoin-**.0-x86_64-linux-gnu.tar.gz] YOU WILL NEED TO CHANGE THE VERSION NUMBER TO THE ONE YOU DOWNLOADED.
• Use the command to install in your root directory: [sudo install -m 0755 -o root -g root -t /usr/local/bin bitcoin-22.0/bin/*] (YOU WILL NEED TO CHANGE THE VERSION NUMBER TO THE ONE YOU DOWNLOADED.)
• You will be prompted to enter your password
• Enter the command [bitcoind -daemon] to run Bitcoin. Your nodebox should be downloading the bitcoin blockchain, you can confirm that by following instructions below.
• Use the command [cd ~] to go back to your home directory
• Enter the command [ll] to see that .bitcoin has been added to your home directory
• Go into the .bitcoin directory using the command [cd .bitcoin]
• Type [ls] to see a list of files there
• Open a new terminal window and enter the command [tail -f .bitcoin/debug.log] to see the blocks downloading in real time if you’d like
  • A few bitcoin -cli commands:
    • bitcoin -cli getblockchaininfo
    • bitcoin -cli getconectioncount
• Now we setup bitcoin.conf
  • If you aren’t in the .bitcoin directory go there. [cd .bitcoin]
  • You will create a file there called bitcoin.conf using the command [nano bitcoin.conf]
  • You should see a text editor open up named bitcoin.conf
  • Paste in the following:

server=1
txindex=1
daemon=1
rpcport=8332
rpcbind=0.0.0.0
rpcallowip=127.0.0.1
rpcallowip=10.0.0.0/8
rpcallowip=172.0.0.0/8
rpcallowip=192.0.0.0/8
zmqpubrawblock=tcp://0.0.0.0:28332
zmqpubrawtx=tcp://0.0.0.0:28333
zmqpubhashblock=tcp://0.0.0.0:28334
whitelist=127.0.0.1

• In a browser, go to https://raw.githubusercontent.com/bitcoin/bitcoin/master/share/rpcauth/rpcauth.py
• Keep the bitcoin.conf file open and open a new terminal
• Use the [cd downloads] command to go into your downloads directory
• Use the command [wget https://raw.githubusercontent.com/bitcoin/bitcoin/master/share/rpcauth/rpcauth.py] to download that file
• We need to make that file executable. The command for that is [chmod +x rpcauth.py]
• We need to set a password and username for bitcoind. The command for that is [./rpcauth.py bitcoin bitcoin] (in that line “bitcoin” is designated as the password and “bitcoin” is designated as the username. Change that as you’d like.)
• Hit enter and you will get a string of characters that starts with rpcauth. Starting from the rpcauth part all the way through the rest of the characters, paste that below the “whitelist” line in the bitcoin.conf file you are editing.
• Hold down the “control” key and the “x” key at the same time to exit. Hit “y” to save the file when prompted. Hit “enter” to exit.
• In the terminal window with the .bitcoin directory stop bitcoind with the command [bitcoin-cli stop]
• Start it up again with the command [bitcoind]
• Use the command [bitcoin-cli blockchaininfo] to see if the timechain has completely downloaded
• Next… wait until core downloads all of the blocks. Might take 18 hours or so.

Setup the service file so that Bitcoin starts up automatically

• Go to https://raw.githubusercontent.com/bitcoin/bitcoin/master/contrib/init/bitcoind.service
• Enter command [cd /etc/systemd/system/] to move to that directory
• Enter command [ sudo wget https://raw.githubusercontent.com/bitcoin/bitcoin/master/contrib/init/bitcoind.service] to download the service file template
• In the /etc/systemd/system directory enter command [sudo nano bitcoind.service]
• This will let you edit the service file to change the directories to be accurate
• Change lines:

[Service]
ExecStart=/usr/local/bin/bitcoind -daemon \
                            -pid=/run/bitcoind/bitcoind.pid \
                            -conf=/home/<YOURUSERNAME>/.bitcoin/bitcoin.conf \
                            -datadir=/home/<YOURUSERNAME>/.bitcoin

• Place a # in front of this line:

ExecStartPre=/bin/chgrp bitcoin /etc/bitcoin

• Should now read:

# ExecStartPre=/bin/chgrp bitcoin /etc/bitcoin

• Change the username to read the same username for your node login:

# Run as bitcoin:bitcoin
User=<YOURNODEUSERNAME>
Group=<YOURNODEUSERNAME>

• In the “Hardening Measures” part we will put a # in front of the line that reads “ProtectHome=true”

# Hardening measures
####################

# Provide a private /tmp and /var/tmp.
PrivateTmp=true

# Mount /usr, /boot/ and /etc read-only for the process.
ProtectSystem=full

# Deny access to /home, /root and /run/user
# ProtectHome=true

• Control X to save, type “y” to confirm, and enter to return to terminal
• Enable bitcoind with command [sudo systemctl enable bitcoind]
• Start bitcoind with command [sudo systemctl start bitcoind]

Enable TOR

• Install tor with [sudo apt install tor]
• Verify install using [sudo systemctl status tor]
• Edit a file in tor with the command [sudo nano /etc/tor/torrc]
• Add these lines to the bottom of that file:

ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1

• Hit control x, ‘y’ to save, enter to leave that file
• Make those changes effective by typing [sudo systemctl restart tor]
• Add your username by typing [sudo usermod -a -G debian-tor <username>]
• Add tor to bitcoin.conf file with the command [nano sudo .bitcoin/bitcoin.conf]
• Add the following lines to the bottom of the file.

proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
onlynet=onion

• Control x, ‘y’ to save, enter to exit
• Reboot machine using [sudo reboot]
• SSH back into your machine
• Now you need to check to see if bitcoind is connecting to peers with the move to tor vs. clearnet
• Using a second terminal, Type command [tail -f .bitcoin/debug.log] to see if new blocks are coming in
• Back in the other terminal window, enter command [bitcoin-cli getconnectioncount]
• If you are getting a ‘0’ for connection count you may need to manually find a connection
• Instructions for that are:
  • Visit this website: https://bitnodes.io/nodes/?q=Tor%20network%20(TOR)
  • Scroll down a bit and you will see a list of nodes online. Picking the first one should work just fine. Copy that onion address including the :8333 port in it.
  • Now you are going to add that address to your bitcoin.conf file using this command [sudo nano .bitcoin/bitcoin.conf]
  • Next, add that node to the bottom of the bictoin.conf file with the command [addnode=<url of that node>]
  • Control x, save, enter to finally exit
  • Restart bitcoind with command [sudo systemctl restart bitcoind]
  • Wait a minute or so and check the other terminal window to see if you are connecting to peers.
  • You can also type in a terminal [bitcoin-cli getconnectioncount] to see if you have any new peers.
  • Once you have 4 or five peers, you can go into the bitcoin.conf file and remove the node you added at the bottom. Command [sudo nano .bitcoin/bitcoin.conf] will get you back in. Scroll down and delete the text you added earlier, then control x, y, enter.
  • Restart bitcoind again with command [sudo systemctl restart bitcoind] to ensure that your node can now connect to peers on it’s own
  • After a minute or so use [bitcoin-cli getconnectioncount] to very connection to other nodes over tor
• To verify your traffic is going over tor you can use the command [bitcoin-cli getnetworkinfo]
• You should see an onion address at the bottom of the information that prints out in terminal. You should also see ipv4 reachable: false. Same for ipv6. Onion ‘reachable’ should say ‘true’
• Another useful command is bitcoin-cli gettxoutsetinfo to verify the supply of all satoshis