Thanks a lot Tim.
We've looked into Chutney, but we're looking at building out a whole
network for various research purposes (I'm just the grad grunt, whatever
research plans they have are above me!)
It looks like you're saying that we could use chutney to at least generate
all of the base configuration files, is that right?
We've been running into these issues with completely clean installs of
CentOS, no new/extraneous services running with single instances of the tor
service going at any one time.
Nicholas R. Parker
Rochester Institute of Technology
5thYear, BS/MS Computing Security
585-794-0029 / nrp7...@rit.edu <dmg9...@rit.edu>
On Fri, Apr 8, 2016 at 8:34 PM, Tim Wilson-Brown - teor <teor2...@gmail.com>
wrote:
>
> > On 9 Apr 2016, at 04:21, Nicholas R. Parker (RIT Student) <
> nrp7...@rit.edu> wrote:
> >
> > Hi all,
> >
> > I've got an issue that I'm seeking help with. I'm with a small group out
> of RIT that's trying to construct a private TOR network for research
> purposes, but we've hit a bit of a snag.
> >
> > I've worked with both liu fengyun's (
> http://liufengyun.chaos-lab.com/prog/2015/01/09/private-tor-network.html)
> and Ritter's write up (
> https://ritter.vg/blog-run_your_own_tor_network.html), but when trying to
> set up authority directories the whole thing really falls apart.
>
> Depending on your research needs, you might find chutney helpful:
> https://gitweb.torproject.org/chutney.git
>
> chutney configures and launches a tor network on the local machine.
> It's designed to quickly smoke-test tor's key functionality, so it has a
> lot of torrc options set that speed things up.
>
> You should be able to get it to run using:
> 1. git clone https://git.torproject.org/chutney.git
> 2. git clone https://git.torproject.org/tor.git
> 3. cd tor
> 4. make test-network-all
>
> You might find this useful to test your code changes, or to give you a set
> of starting configurations that you can then modify to your own needs
> (including putting various nodes on different IP addresses).
>
> > Trying to edit the torrc file gives errors where it doesn't attempt to
> bind to the correct ports and trying to set --dirserver or --datadirectory
> results in errors that there isn't permission to access /var/lib/tor
> regardless of the owner of the directory (we've tried leaving it as being
> owned by _tor, tried changing ownership to root, etc) so we can't get the
> authority directories off the ground.
>
> At the high level of detail your provided, these sound like typical
> network daemon configuration issues.
> Have you tried consulting a network daemon FAQ for your OS?
>
> Typically, ports under 1024 shouldn't be used, because they often require
> root permissions or OS-specific capabilities.
> Each tor authority has a configured IP and ports, and these need to be
> consistent in each authority, relay, and client's torrc.
> Multiple tor instances on the same machine should not use the same ports -
> this includes default ports like SOCKSPort. (Set to 0 to disable).
> Do you have any other services running on these machines?
> Do you have old tor processes still running?
>
> Typically, network daemons need to be run as the user that owns the
> directory (or, at the very least, the user needs permission to modify it).
> Have you tried using a user / permissions FAQ for your OS to help you
> configure the user and permissions correctly?
> Tor also has more specific requirements for security reasons, this
> protects the keys from other users on the system.
>
> It's hard to give more advice without more specific details.
> If this advice doesn't help, please copy and paste the configuration
> options you used, and the errors you got, and then tell us what you've
> tried to do to fix them.
>
> Tim
>
> Tim Wilson-Brown (teor)
>
> teor2345 at gmail dot com
> PGP 968F094B
> ricochet:ekmygaiu4rzgsk6n
>
>
>
>
> ___
> tor-dev mailing list
> tor-dev@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
>
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
