Re: [tor-relays] running a bridge
On Sun, Jan 02, 2022 at 11:59:23AM +0100, carl box wrote: > Hi, > I am totaly non technical but have a fixed 24/7 ip and a computer only > running my camera system.\ > i think i can run a bridge but after reading all the blerb am non the wiser. > is this somthing i can set up on my security comuter and forget about? > Regards Carl Hello Carl, yes, this is pretty much a thing you can set up and forget about, if you want. See here for guides on how to set up obfs4 bridges on all kinds of operating systems: https://community.torproject.org/relay/setup/bridge/ If you need any help or have any questions, don't hesitate to ask. Jonathan -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Upgrading Linux Mint to Ulyana
On Wed, Jul 29, 2020 at 04:48:30PM +, Anonforpeace wrote: > I am running my bridge on Linux Mint and there is an upgrade to the latest > version, Linux Mint 20, Ulyana. I'd like to perform the upgrade, buy my > question is, is there a way to do it without having to reconfigure the > bridge entirely? You can always copy/move a TOr bridge configuration by copying the directories /etc/tor/ as well as /var/lib/tor entirely. -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] New relay on dynamic IP address
On Thu, Jan 23, 2020 at 03:19:52PM +0100, Mario Costa wrote: > Also, I’m wondering what will happen when the dynamic IP changes. Sooner or > later I’ll have a power outage or restart the modem. Last time my IP changed > it happened overnight for no evident reason. Will this relay lose its flags? > Is a really with a dynamic IP address useful at all? If your IP address doesn't change every day but only every now and then then yes, it's definitely a useful relay. Should the IP address change too often, your relay might loose its "guard" or even "stable" flag but I recommend you just see what will happen. I have a relay (6B185DEEB249E4BA6182ECA077530C45E98A6C5F) that's also just running at home with a dynamic IP address and it still has its "Stable" flag. -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Question
Hi! Can you try to run this command as root? # curl https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | apt-key add - Let's see if that works. -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Home Router limits question
On Fri, Jun 14, 2019 at 04:14:00PM +, to...@protonmail.com wrote: > Would tor show something in its log if I were hitting my router's limit? > Seeing nothing there or in my router's gui log interface, but not sure what > I should expect to see. If you don't restrict the capacity that Tor is supposed to use by setting options like "BandwidthRate" etc. in torrc, your relay will simply use all the bandwidth that is availible. So Tor will automatically push your router or your internet connection's capacity to their upper limits. That is, if you have less bandwidth availible than a single relay will even be assigned by the Tor network, of course. There are limits for that as well. -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] tor relay shutsdown
On Fri, Feb 01, 2019 at 11:29:25AM +0100, Neelix wrote: > The entire machine shuts down. Very strange. Then I'd doubt that it even has anything to do with Tor. Have a look at /var/log/syslog and see if there's anything there that might be helpful. -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] tor relay shutsdown
On Fri, Feb 01, 2019 at 11:13:43AM +0100, Neelix wrote: > Yes I have that line. There isn't anything special in the log files. I'm > running Debian 8 im using the distros Tor package. OK. By "shutdown", you mean that the Tor service terminated, right? Or do you mean that the entire machine actually shut down? -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] tor relay shutsdown
On Fri, Feb 01, 2019 at 07:11:51AM +0100, Neelix wrote: > I have setup a tor exit but it seems like that is shutsdown after x > hours. I can not find anything in the logs. Anyone knows how this might > happen? Have you even found Tor's log file (if there is any)? What OS/distro are you using? Are you using your distro's package management system's Tor package? In case you did find Tor's log file, can you find a line in it that looks like this?: [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor. -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] New exit relay help
On Thu, Dec 27, 2018 at 10:14:48PM +0100, niftybunny wrote: > Change your port from 9001 to 80 to make it work. 9001 is actually the (sorta) default port for the ORPort, not the DirPort. So that wouldn't have worked. -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Relay Bandwidth Question
On Mon, May 14, 2018 at 12:26:42PM -0700, Keifer Bly wrote: > So I have been away from the computer where my relay is running off of for a > few days. I have been wanting to check how much data my relay has been > receiving during this time. I check it at > http://torstatus.blutmagie.de/router_detail.php?FP=db1af6477bb276b6ea5e72132684096eee779d30, > > but that only shows how many “bytes” have been sent. I am wondering, is > there a way to show this in megabytes / gigabytes? Well, if dividing is too much work for you, have a look at your relay's logs. You should see something like this every now and then: May 14 19:31:50 vmd20267 Tor[486]: Heartbeat: Tor's uptime is 5 days 11:59 hours, with 9841 circuits open. I've sent 2466.00 GB and received 2441.27 GB. This is an example from one of my relays. If you want to get more in depth with monitoring your relays, check out Nyx: http://ebxqgaz3dwywcoxl.onion/ -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] what ip,port combinations do Tor clients need?
On Wed, May 09, 2018 at 10:18:10AM +0200, Martin Kepplinger wrote: > On 2018-05-08 16:59, Jonathan Marquardt wrote: > > On Tue, May 08, 2018 at 04:45:58PM +0200, Martin Kepplinger wrote: > > > How does a usable ipset (hash:ip,port) look like, so that it is a > > > whitelist > > > for > > > in/out tcp connections? *Everything* else from/to the outside world is > > > assumed > > > to be dropped. (DNS too). > > > > > > * dir auths from src/or/auth_dirs.inc > > > * fallback dirs from scripts/maint/fallback.whitelist > > > * current guard relays (parsed from a consensus file) > > > > > > anything else? > > > > There isn't really a standard port for the ORPort or the DirPort. All kinds > > of > > ports are used for this. For example, you could only allow port 443 and you > > would be good to go, just not for all relays. > > > > In theory, you could create a giant iptables ruleset for every relay out > > there, which you would have to update all the time, because it changes every > > day. > > That's not really a problem with ipset. My list above results in about 2800 > entries (ip,port combinations). I could easily update it hourly. Starting > tor-browser doesn't yet work though, and while I might simply still get > iptables rules wrong, I thought I'd ask if I miss addresses. > > Allowing local connections is necessary for the control port, and not an > issue. It's about remote tcp connections. Well, you really only need to allow TCP connections to all the guard nodes on their ORPorts and the connections to the fallback dir. That's it. Maybe check your firewall's logs? -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] what ip,port combinations do Tor clients need?
On Tue, May 08, 2018 at 04:45:58PM +0200, Martin Kepplinger wrote: > How does a usable ipset (hash:ip,port) look like, so that it is a whitelist > for > in/out tcp connections? *Everything* else from/to the outside world is > assumed > to be dropped. (DNS too). > > * dir auths from src/or/auth_dirs.inc > * fallback dirs from scripts/maint/fallback.whitelist > * current guard relays (parsed from a consensus file) > > anything else? There isn't really a standard port for the ORPort or the DirPort. All kinds of ports are used for this. For example, you could only allow port 443 and you would be good to go, just not for all relays. In theory, you could create a giant iptables ruleset for every relay out there, which you would have to update all the time, because it changes every day. I think that it is a more sensible approach if you configure a couple of bridges on your clients and only allow these IP:Port combinations. This would be a wiser approach if you aim for a minimum of allowed connection types. -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Guard node configuration?
On Sat, Apr 21, 2018 at 04:51:19PM -0400, Gabe D. wrote: > Hi guys. I've a relay running on Tor. It's an exit node now. And I noticed > it has an entry guard flag which is great. But probability of it being an > entry relay is 0%. How can I utilise this server to be an entry relay? How > does one configure this and how does it work? Exit relays are not used as guards because their bandwidth is more valuable if it is used as exit capacity, as there are many more non-exit than exit relays on the network. See: https://blog.torproject.org/lifecycle-new-relay "Phase three", third paragraph -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Best tor version
On Wed, Mar 14, 2018 at 07:40:30AM +, Даннил Николаев wrote: > What is best to run on relay? Version 0.2 or 0.3? Always the latest stable version, which is currently 0.3.2.10. Be sure to follow this guide for how to set up a relay: https://trac.torproject.org/projects/tor/wiki/TorRelayGuide -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Relay Setup
On Sat, Feb 24, 2018 at 12:23:34PM -0500, Gabe D. wrote: > Ive an issue... I wanted to aid the network and setup a tor exit node, > however its failing to do so, everything looks perfect config wise and it > says "publishing server descriptor" no errors but the node never shows up in > tor atlas, is there something i may be doing wrong? How long did you wait? It can take a few hours for your relay to show up in Atlas. If it still doesn't show up the next day, make sure that your ORPort and DirPort are reachable from the internet. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] bridge questions
On Tue, Feb 13, 2018 at 04:49:28PM -0800, Arisbe wrote: > I have several quick question: Can bridges use an IPv6 ORPort? Is there any > advantage to adding this to my bridges? Has anyone actually seen IPv6 > connections on a bridge? It is possible to enable IPv6 for your bridges ORPort. Like this for example: ORPort 443 ORPort [2a02:c207:3002:5060::1]:443 The first entry enables your IPv4 ORPort, the second does it for IPv6. You need to manually enter your server's reachable IPv6 address there. As you can see here, there a many bridges with an IPv6 ORPort: https://metrics.torproject.org/bridges-ipv6.html The advantage is that users can connect to your bridge using IPv6 obviously. The amount of users doing is around 1000, as you can see here: https://metrics.torproject.org/userstats-bridge-version.html?version=v6 It's always a good idea to have a look at some of the Tor Metrics. It can give you some valueable insights. -- OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 https://www.parckwart.de/pgp_key signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Install Error
On Thu, Aug 24, 2017 at 11:42:23AM -0700, Kurt Besig wrote: > While using apt-get to update my tor relay to a 'recommended' version I > keep encountering this error: > > W: An error occurred during the signature verification. The repository > is not updated and the previous index files will be used. GPG error: > http://deb.torproject.org trusty InRelease: The following signatures > couldn't be verified because the public key is not available: NO_PUBKEY > 74A941BA219EC810 > > W: Failed to fetch > http://deb.torproject.org/torproject.org/dists/trusty/InRelease > > I've read several approaches to remedying this error, however I'm > wondering what would be the 'most widely accepted as correct' method of > dealing with the error? Run the following commands: gpg --keyserver keys.gnupg.net --recv A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add - sudo apt-get update sudo apt-get install tor deb.torproject.org-keyring You can find the instructions for using the repository here: https://www.torproject.org/docs/debian.html.en#ubuntu -- 4096R/1224DBD299A4F5F3 47BC 7DE8 3D46 2E8B ED18 AA86 1224 DBD2 99A4 F5F3 signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] [tor-talk] TOR problems - seriously PLEASE HELP ME!
On Mon, Apr 24, 2017 at 12:16:23PM +0200, unpublished wrote: > 1. Many web pages display information that I do not support "TOR > connections"? Not sure, what you mean here. Perhaps THEY don't support (i.e. block) connections from Tor users, because they are afraid of spam or other stupid reasons. Nothing you can really do here. Websites blocking Tor is a huge problem. > 2. How to increase (amazon) the number of relay nodes? Because standard > only two redirect point? There are always three nodes. The amazon node should be your guard relay (where you enter the Tor network). Then there are two relays after that. There isn't really any way to change that. Three hops should be sufficient for decent anonymity, no real need to worry here. > 3. How to change the end node of the country (eg country from which I am > POLAND)? Here's a simple guide on how to do that: http://www.wikihow.com/Set-a-Specific-Country-in-a-Tor-Browser -- 4096R/1224DBD299A4F5F3 47BC 7DE8 3D46 2E8B ED18 AA86 1224 DBD2 99A4 F5F3 signature.asc Description: Digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
