[tor-relays] A call to arms for obfuscated bridges

2013-04-16 Thread George Kadianakis 
Greetings,

A year ago we asked you to run obfuscated bridges to help people in
Iran [0]. Many people answered our call and we ended up having a big
pool of obfuscated bridges to give to our users.

Unfortunately, today, most of those bridges are down, and fresh ones
are needed more than ever, since obfuscated bridges are the only way
for people to access Tor in some areas of the world (like China, Iran
and Syria).

On the bright side, Tor's anti-censorship infrastructure has improved,
and now you don't have to send the bridge addresses to us; if you run
an obfuscated bridge with Tor 0.2.4.x, Tor will send its own address
to BridgeDB [1] like normal bridges do.

Also, obfsproxy was rewritten in Python and it now supports a new
pluggable transport called 'obfs3' which works even in China [2]. We
have dropped support for the C-version of Obfsproxy, and the new
Pluggable Transport Bundles contain the Python version [3]. Finally,
future pluggable transports will be developed for the Python version.

Looking into BridgeDB, we have 200 obfs2 bridges, but only 40 obfs3
bridges: this means that we need more people running the new Python
obfsproxy! Upgrading obfsproxy should be easy now, since we prepared
new instructions and Debian/Ubuntu packages. If you run Debian or
Ubuntu check out these instructiosn:
https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en
otherwise use these:
https://www.torproject.org/projects/obfsproxy-instructions.html.en
(and make sure your pip is upgraded so that it uses HTTPS [4])

Furthermore, Tor's support assistants need some _unpublished_ bridges to
give to censored users who ask for help via email. To configure an
unpublished bridge you add
"PublishServerDescriptor 0"
to its torrc. After you do so, fire up Tor, and check its logs to find
the ports that 'obfs2' and 'obfs3' are using. Send your IP and ports
to tor-assista...@torproject.org. 

Finally, if in the future we need you to do something extra (for example to
upgrade obfsproxy to support a new pluggable transport) we will send
another mail to tor-relays.

Thanks for the help!

[0]: https://lists.torproject.org/pipermail/tor-talk/2012-February/023070.html
[1]: https://bridges.torproject.org
[2]: In China obfs2 is blocked using active probes: 
https://trac.torproject.org/projects/tor/ticket/8591
[3]: https://blog.torproject.org/blog/new-name-obfsproxy-tor-browser-bundles
[4]: 
https://groups.google.com/forum/#!msg/python-virtualenv/foXxh-NpdGg/uT0NPc9mFQ8J
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-16 Thread Sina Eetezadi 

I would love to help. My questions, does it make any sense to run a
bridge from a residential internet that changes its IP 2-3 times a day?
My server is running constantly, however my provider "likes" disconnects
and as a result my IP changes.


> Greetings,
> 
> A year ago we asked you to run obfuscated bridges to help people in
> Iran [0]. Many people answered our call and we ended up having a big
> pool of obfuscated bridges to give to our users.
> 
> Unfortunately, today, most of those bridges are down, and fresh ones
> are needed more than ever, since obfuscated bridges are the only way
> for people to access Tor in some areas of the world (like China, Iran
> and Syria).
> 
> On the bright side, Tor's anti-censorship infrastructure has improved,
> and now you don't have to send the bridge addresses to us; if you run
> an obfuscated bridge with Tor 0.2.4.x, Tor will send its own address
> to BridgeDB [1] like normal bridges do.
> 
> Also, obfsproxy was rewritten in Python and it now supports a new
> pluggable transport called 'obfs3' which works even in China [2]. We
> have dropped support for the C-version of Obfsproxy, and the new
> Pluggable Transport Bundles contain the Python version [3]. Finally,
> future pluggable transports will be developed for the Python version.
> 
> Looking into BridgeDB, we have 200 obfs2 bridges, but only 40 obfs3
> bridges: this means that we need more people running the new Python
> obfsproxy! Upgrading obfsproxy should be easy now, since we prepared
> new instructions and Debian/Ubuntu packages. If you run Debian or
> Ubuntu check out these instructiosn:
> https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en
> otherwise use these:
> https://www.torproject.org/projects/obfsproxy-instructions.html.en
> (and make sure your pip is upgraded so that it uses HTTPS [4])
> 
> Furthermore, Tor's support assistants need some _unpublished_ bridges to
> give to censored users who ask for help via email. To configure an
> unpublished bridge you add
> "PublishServerDescriptor 0"
> to its torrc. After you do so, fire up Tor, and check its logs to find
> the ports that 'obfs2' and 'obfs3' are using. Send your IP and ports
> to tor-assista...@torproject.org. 
> 
> Finally, if in the future we need you to do something extra (for example to
> upgrade obfsproxy to support a new pluggable transport) we will send
> another mail to tor-relays.
> 
> Thanks for the help!
> 
> [0]: https://lists.torproject.org/pipermail/tor-talk/2012-February/023070.html
> [1]: https://bridges.torproject.org
> [2]: In China obfs2 is blocked using active probes: 
> https://trac.torproject.org/projects/tor/ticket/8591
> [3]: https://blog.torproject.org/blog/new-name-obfsproxy-tor-browser-bundles
> [4]: 
> https://groups.google.com/forum/#!msg/python-virtualenv/foXxh-NpdGg/uT0NPc9mFQ8J
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-16 Thread Steve Snyder 
On Tuesday, April 16, 2013 12:52pm, "George Kadianakis"  
said:
[snip]
> Looking into BridgeDB, we have 200 obfs2 bridges, but only 40 obfs3
> bridges: this means that we need more people running the new Python
> obfsproxy! Upgrading obfsproxy should be easy now, since we prepared
> new instructions and Debian/Ubuntu packages.
[snip]

Users running RHEL/CentOS need not apply.

obfs2 wouldn't build on RHEL5/CentOS5 due to the minimum autoconf version 
required to build it.  Fair enough, the 5.x series is pretty old in terms of 
package versions installed.

obfs3 won't build/run on RHEL6/CentOS6 due to the Python 2.7.x (plus many, many 
subpackages) requirement.  Replacing the installed Python v2.6.x will break 
your system.  Installing to an alternate location (download, ./configure, make 
altinstall) and editing /usr/bin/obfsproxy isn't enough as the subpackages are 
all still installed beneath /usr/lib/python2.6/.  

Oh, and the "pip" referred to in the build instructions 
(https://www.torproject.org/projects/obfsproxy-instructions.html.en) is named 
"pip-python" in CentOS6.


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-16 Thread Lunar 
Steve Snyder:
> obfs3 won't build/run on RHEL6/CentOS6 due to the Python 2.7.x (plus
> many, many subpackages) requirement.

That's a pity: obfsproxy can actually run with Python 2.6 as I've
happily discovered when doing packages for Debian Squeeze.

I hope George will be able to lower the requierements in the next
release.

-- 
Lunar 


signature.asc
Description: Digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-16 Thread Roman Mamedov 
On Tue, 16 Apr 2013 19:52:19 +0300
George Kadianakis  wrote:

> Also, obfsproxy was rewritten in Python and it now supports a new
> pluggable transport called 'obfs3' which works even in China [2]. We
> have dropped support for the C-version of Obfsproxy, and the new
> Pluggable Transport Bundles contain the Python version [3]. Finally,
> future pluggable transports will be developed for the Python version.

I wish this sort of functionality was integrated directly into tor.

I am not up for installing and configuring an extra piece of Python software
on my bridges, and it doesn't help that it isn't even present in Debian (only
version 0.1.4 is there, which I guess is not obfs "3" that you now promote).

-- 
With respect,
Roman


signature.asc
Description: PGP signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-16 Thread Moritz Bartl 
On 16.04.2013 22:27, Roman Mamedov wrote:
>> Also, obfsproxy was rewritten in Python and it now supports a new
>> pluggable transport called 'obfs3' which works even in China [2].
> I wish this sort of functionality was integrated directly into tor.
> I am not up for installing and configuring an extra piece of Python software
> on my bridges, and it doesn't help that it isn't even present in Debian (only
> version 0.1.4 is there, which I guess is not obfs "3" that you now promote).

If you have deb.torproject.org as apt repository source, which is also
the recommended way to get and keep Tor up to date, you can simply
apt-get it.

Don't confuse the version number of Obfsproxy with supported transport
protocols. Obfsproxy is a software that currently supports the "obfs2"
and "obfs3" protocols, and is at version 0.2.1-2. It is likely that in
the future support for more protocols will be added.

-- 
Moritz Bartl
https://www.torservers.net/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-16 Thread Martin Weinelt 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 16.04.2013 22:37, Moritz Bartl wrote:
> On 16.04.2013 22:27, Roman Mamedov wrote:
>>> Also, obfsproxy was rewritten in Python and it now supports a
>>> new pluggable transport called 'obfs3' which works even in
>>> China [2].
>> I wish this sort of functionality was integrated directly into
>> tor. I am not up for installing and configuring an extra piece of
>> Python software on my bridges, and it doesn't help that it isn't
>> even present in Debian (only version 0.1.4 is there, which I
>> guess is not obfs "3" that you now promote).
> 
> If you have deb.torproject.org as apt repository source, which is
> also the recommended way to get and keep Tor up to date, you can
> simply apt-get it.
> 
> Don't confuse the version number of Obfsproxy with supported
> transport protocols. Obfsproxy is a software that currently
> supports the "obfs2" and "obfs3" protocols, and is at version
> 0.2.1-2. It is likely that in the future support for more protocols
> will be added.
> 

Does it make sense to launch an Obfsproxy on a IP already running a
relay node? If yes, can I run it in the same tor session? What options
do I need to activate?

I added the SoftwareTransportPlugins to my configuration and upon
rehashing it showed it listened to two more ports:
22:43:39 [NOTICE] Registered server transport 'obfs2' at '0.0.0.0:47533'
22:43:39 [NOTICE] Registered server transport 'obfs3' at '0.0.0.0:42580'

I however did not yet add "BridgeRelay 1" because I don't know how
that affects relay functionality.

Where do I go from here?


Martin Weinelt
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJRbblgAAoJEM1jnLOhksr37UgQAKsFO/X8BPcHpHNWAHqXwrpt
HQxBgqhIDBxVpDoOHGcOthMHOBBAP5mqHywgtmPLAsdHXiqh7hZbN9XVK66GDcf+
+qIxfng22+ydQGsS93SCMzT9eqBTuY98o7ldfr/N1QNfQ2ZMpNqgOxVrgjio+jzN
7C5Fg8eYcfNn8wqiOm5e4JDXXlIXCChvuJrm1pTjEgumRn+/R7IR2YXbgOVaOl+S
MIjoy4gSiwEsExM8o2jqOUvQkpSch77AGIYZ+5gZIAokWiN318jZNNzvNw5OBlqi
lr7b26yl9wYWVGXPLNOj4A+or1pLjtOBK4nZllssQUVgH3btX+yvV3Wl7DUoj32j
RFbwGL2bOd3O1jxwKG5vroJWxis8KNxCDwry5SsL/gHh6hD5K30IZ1EF+TDZ6kAL
t/cpMkxxLcBwyDIPG3K/TD0RFnOPi3Mc7QJtQuSJspH9UsyqSndxmUG0NhfyN/qF
kXn3k3kI5m+W2FdSnjn5HbpRJ29FKwprDoVPKmAYzPE8a0En8S0K7f0UFjM221QI
rOGiwm3PhTpQYdh2OqOObBOBSay3tHY8mpXotdEcB1A+qtATh5UkabBL1JHclf4o
DbkhQPO9DTP7xglm1Icef2XGpjQljZBK25O823yN9KFhuP806Ttwo4phaQ7n6A27
0mnrcYIbGm3V/zHEjItv
=yIcn
-END PGP SIGNATURE-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-16 Thread Runa A. Sandvik 
On Tue, Apr 16, 2013 at 4:52 PM, George Kadianakis  wrote:
> Looking into BridgeDB, we have 200 obfs2 bridges, but only 40 obfs3
> bridges: this means that we need more people running the new Python
> obfsproxy! Upgrading obfsproxy should be easy now, since we prepared
> new instructions and Debian/Ubuntu packages. If you run Debian or
> Ubuntu check out these instructiosn:
> https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en
> otherwise use these:
> https://www.torproject.org/projects/obfsproxy-instructions.html.en
> (and make sure your pip is upgraded so that it uses HTTPS [4])

The easiest way to run an obfs3 bridge is to spin up an Amazon EC2
instance from https://cloud.torproject.org/. The instance will
automatically be a normal bridge, an obfs2 bridge, and an obfs3
bridge. The bridge will announce itself to the bridge database, so you
don't have to email us with the IP and port. The best part is that it
will cost you less than $30 per month!

-- 
Runa A. Sandvik
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-17 Thread Moritz Bartl 
On 16.04.2013 22:49, Martin Weinelt wrote:
> Does it make sense to launch an Obfsproxy on a IP already running a
> relay node? 

That is a fine question. Some countries currently seem to block relays
by IP:Port combination, so the rest of the ports could be still
reachable. In theory, it should work to be a relay and run obfsproxy on
top of it, but i am not sure it works in practice.

> I added the SoftwareTransportPlugins to my configuration and upon
> rehashing it showed it listened to two more ports:
> 22:43:39 [NOTICE] Registered server transport 'obfs2' at '0.0.0.0:47533'
> 22:43:39 [NOTICE] Registered server transport 'obfs3' at '0.0.0.0:42580'
> 
> I however did not yet add "BridgeRelay 1" because I don't know how
> that affects relay functionality.
> 
> Where do I go from here?

Make sure the two ports are reachable from the outside. I don't know if
Tor publishes these ports to BridgeDB (the place where censored users
will learn about bridges) without being a bridge relay, and you cannot
enable "BridgeRelay 1" because one Tor process can either be a relay or
a bridge.

If you want to make sure it works, you have to spin up and manage a
second Tor process.

-- 
Moritz Bartl
https://www.torservers.net/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-18 Thread Drake Wilson 
Quoth Steve Snyder , on 2013-04-16 15:53:14 -0400:
> obfs3 won't build/run on RHEL6/CentOS6 due to the Python 2.7.x (plus
> many, many subpackages) requirement.  Replacing the installed Python
> v2.6.x will break your system.  Installing to an alternate location
> (download, ./configure, make altinstall) and editing
> /usr/bin/obfsproxy isn't enough as the subpackages are all still
> installed beneath /usr/lib/python2.6/.

Indeed.

I tend to run my server-y machines on CentOS 6 at the moment, and I
was going to try to spin up an obfs3 proxy on one of them, but the
Python 2.7 dependency steamrolls that plan.  Curiously, if it needed
Python 3, I would be more amenable to it, both since the major version
change means upstreams are likely to make sure parallel installation
works, and because I'm interested in increased Python 3 adoption
anyway.

I am not really inclined to do any of:

  - try to have both a distribution and an out-of-distribution Python
2 installed in parallel;

  - bypass declared installation requirements, use 2.6.6, and blindly
hope that it won't result in some awful subtle bug;

  - allocate additional money and tracking resources to fooling around
with Amazon (eating my free usage quota and then likely causing me
to drop the bridge after a year anyway, which is exactly what you
_didn't_ want) when I have perfectly good spare computing power
already;

  - try to figure out how to retrieve the "Tor Cloud" image and/or
convert it into something I can use outside of Amazon's service.

I also ran into the following:

  - I'd like to examine the obfsproxy source code out of curiosity to
see how it's likely to interact with my other network services.
The only thing that looks like a source link on [1] points me to
installation instructions of the form "now, here's how to vomit
all the files somewhere on your system using pip, which you
already have because you're about to install it on this very
machine, right?".  Where's the beef^Wtarball?  Hell if I know
without spending a lot of energy on it.

[1] https://www.torproject.org//projects/obfsproxy.html.en

  - What's the way to make this play nicely if all the "common"
encrypted-connection ports (particularly 443/tcp) are already
bound to their "usual" services on this IP address?  Does that
exist?  What requirements are there for what the service "looks
like" to the outside for the obfs3 usage to actually be effective?
I can't easily tell.

For me, this is "oh, well", but if you want more deployed obfuscated
bridges, there might be other people running into the same things.

   ---> Drake Wilson
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-19 Thread Lunar 
Drake Wilson:
>   - bypass declared installation requirements, use 2.6.6, and blindly
> hope that it won't result in some awful subtle bug;

obfsproxy works on Debian Squeeze which bears 2.6.6. I had to patch the
test suites but that was all:



>   - I'd like to examine the obfsproxy source code out of curiosity to
> see how it's likely to interact with my other network services.


or `git clone https://git.torproject.org/pluggable-transports/obfsproxy.git`
or  (tarball and gpg sig)

Hope that helps,
-- 
Lunar 


signature.asc
Description: Digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-19 Thread Andreas Krey 
On Fri, 19 Apr 2013 13:50:48 +, Lunar wrote:
> Drake Wilson:
> >   - bypass declared installation requirements, use 2.6.6, and blindly
> > hope that it won't result in some awful subtle bug;
> 
> obfsproxy works on Debian Squeeze which bears 2.6.6. I had to patch the

Mind to provide any more details? The 'pip install obfsproxy' runs into
all sorts of errors (first missing C compiler, then missing Python.h)
on my fresh debian box.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds 
Date: Fri, 22 Jan 2010 07:29:21 -0800
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-19 Thread Martin Weinelt 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 19.04.2013 19:48, Andreas Krey wrote:
> On Fri, 19 Apr 2013 13:50:48 +, Lunar wrote:
>> Drake Wilson:
>>> - bypass declared installation requirements, use 2.6.6, and
>>> blindly hope that it won't result in some awful subtle bug;
>> 
>> obfsproxy works on Debian Squeeze which bears 2.6.6. I had to
>> patch the
> 
> Mind to provide any more details? The 'pip install obfsproxy' runs
> into all sorts of errors (first missing C compiler, then missing
> Python.h) on my fresh debian box.
> 
> Andreas
> 

A missing Python.h is probably contained in your python2.6-dev
package. The rest could probably be debugged if you provided a log.


Martin Weinelt
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJRcYOYAAoJEM1jnLOhksr3ohAP/RRKI4kl1xGssKDwiY5Vjcje
gZdgo5nKa1P2cKC3KaBgdwLCw6SSD+82WdYJLIfv9/6YRQkO9aNCByVmLx2iyaRg
ozoS8sJrB59qmSh1mtnJ+EfGKU7Cttj+Yhy2I9nwrnmfMrRPIv+7MOueDtKEASAf
l2plixARVRINLvBHhVq8Bt9sldMTviW+dF7YrmrxytAILjsYXeIYlYz8k2DOviXy
pLRDVdujl5PcKgfU4fCHQB+VlukgloAtfyJjgv9W7e6gEwLvyKenkvIb7JMDQg9F
zUZRtMUEQ1eY9Om6KyKqg05NRK6zqoz8WfF1fy+CMHkqtQrDBX9jacnRaOz1JUzK
/xCjeA7U5AnNpEpQ2Aimit9CQ0PTH6i1frCCYyi0FFm4K3rVs6p4fD+PxS59couc
OPoqZtfvyG2OGvZ4/E7cBUpkzOwOneQoopL6iXIWo6odbZFO1tvrhOXYbF/OnBTK
Q2dyfd638DNvULaN2ZEORsePUGC7JDXchNrq7lx8UJEnLhyFU6v9XVIdAOOjwrVe
qsUKSwoy0+kj+DEKsf57qOCvGodeLtkuK3Xqez0ljgvRds6g+VJfNaiuDWoI68Hi
si051bTd0z1awEPSv4obKUG8PkeKhDeuw/z+bRK+YzV4z9K5RxOCIYFJXBvG3Xh7
FgyzRFPIClpbYN5Xnt60
=lZw4
-END PGP SIGNATURE-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-19 Thread Andreas Krey 
On Fri, 19 Apr 2013 19:49:12 +, Martin Weinelt wrote:
...
> A missing Python.h is probably contained in your python2.6-dev
> package.

Ah, thanks. Now caching 'Python.h => python-dev' relation.

So, one more obfs3 bridge (apparently, no client at hand yet) up.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds 
Date: Fri, 22 Jan 2010 07:29:21 -0800
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-19 Thread Andreas Krey 
On Fri, 19 Apr 2013 20:07:43 +, Andreas Krey wrote:
...
> 
> So, one more obfs3 bridge (apparently, no client at hand yet) up.

And a long download later I learned that the obfsproxy bundle
doesn't work on this old XP (just the obfsproxy plugin, actually,
the browser itself does). :-( So, no function test, except for
the regular bridge.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds 
Date: Fri, 22 Jan 2010 07:29:21 -0800
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-19 Thread Lunar 
Andreas Krey:
> On Fri, 19 Apr 2013 13:50:48 +, Lunar wrote:
> > Drake Wilson:
> > >   - bypass declared installation requirements, use 2.6.6, and blindly
> > > hope that it won't result in some awful subtle bug;
> > 
> > obfsproxy works on Debian Squeeze which bears 2.6.6. I had to patch the
> 
> Mind to provide any more details? The 'pip install obfsproxy' runs into
> all sorts of errors (first missing C compiler, then missing Python.h)
> on my fresh debian box.

If you are on Squeeze, just use the packages available on
deb.torproject.org instead of `pip`.

The source is also on deb.torproject.org or available through Git:


-- 
Lunar 


signature.asc
Description: Digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-19 Thread Nikolaus Rath 
George Kadianakis  writes:
> Looking into BridgeDB, we have 200 obfs2 bridges, but only 40 obfs3
> bridges: this means that we need more people running the new Python
> obfsproxy! Upgrading obfsproxy should be easy now, since we prepared
> new instructions and Debian/Ubuntu packages. If you run Debian or
> Ubuntu check out these instructiosn:
> https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en
> otherwise use these:
> https://www.torproject.org/projects/obfsproxy-instructions.html.en
> (and make sure your pip is upgraded so that it uses HTTPS [4])

I read about this on Arstechnica and wanted to help out. I think I got a
bridge running. But how do I check? The logs just say:

Apr 19 19:03:26.000 [notice] Registered server transport 'obfs3' at 
'0.0.0.0:0'
Apr 19 19:03:26.000 [notice] Registered server transport 'obfs2' at 
'0.0.0.0:'
Apr 19 19:03:27.000 [notice] Guessed our IP address as  (source: 
93.114.43.156).
Apr 19 19:03:27.000 [notice] Tor has successfully opened a circuit. Looks like 
client functionality is working.
Apr 19 19:03:27.000 [notice] Bootstrapped 100%: Done.
Apr 19 19:03:27.000 [notice] Now checking whether ORPort :443 is 
reachable... (this may take up to 20 minutes -- look for log messages 
indicating success)
Apr 19 19:06:30.000 [notice] Self-testing indicates your ORPort is reachable 
from the outside. Excellent. Publishing server descriptor.
Apr 19 19:11:35.000 [notice] Performing bandwidth self-test...done.

...no self-test for obfs?

Best,

   -Nikolaus

-- 
 »Time flies like an arrow, fruit flies like a Banana.«

  PGP fingerprint: 5B93 61F8 4EA2 E279 ABF6  02CF A9AD B7F8 AE4E 425C

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-21 Thread Moritz Bartl 
On 19.04.2013 20:59, Andreas Krey wrote:
> And a long download later I learned that the obfsproxy bundle
> doesn't work on this old XP (just the obfsproxy plugin, actually,
> the browser itself does). 

Oh? How come? Can you please file a ticket about it and provide details?

-- 
Moritz Bartl
https://www.torservers.net/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-21 Thread Andreas Krey 
On Sun, 21 Apr 2013 10:23:06 +, Moritz Bartl wrote:
> On 19.04.2013 20:59, Andreas Krey wrote:
> > And a long download later I learned that the obfsproxy bundle
> > doesn't work on this old XP (just the obfsproxy plugin, actually,
> > the browser itself does). 
> 
> Oh? How come? Can you please file a ticket about it and provide details?

The log says (literally):

Apr 21 11:44:35.318 [Warning] Failed to create child process flashproxy-client: 
Diese Anwendung konnte nicht gestartet werden, weil die Anwenungskonfiguration 
nicht korrekt ist. Zur Problembehebung sollten Sie die Anwendung neu 
installieren.
Apr 21 11:44:35.318 [Warning] Managed proxy at 'flashproxy-client' failed at 
launch.
Apr 21 11:44:35.318 [Warning] Failed to create child process pyobfsproxy: Diese 
Anwendung konnte nicht gestartet werden, weil die Anwenungskonfiguration nicht 
korrekt ist. Zur Problembehebung sollten Sie die Anwendung neu installieren.
Apr 21 11:44:35.318 [Warning] Managed proxy at 'pyobfsproxy' failed at launch.

Depends.exe says it's a missing msvcr90.dll. Which is interesting as there
is a copy in the portable firefox, so the bundle doesn't expect it to be
present in the system. Also says 'Error: The Side-by-Side configuration
information for "c:\dokumente und einstellungen\ak\eigene dateien\tor
browser\app\PYOBFSPROXY.EXE" contains errors. '

When I copy the msvcr90.dll into the directory containing the pyobfsproxy
the missing dill is fixed, but depend.exe still complains about the borken
side-by-side configuration, and it still doesn't come up.

Packing for windows is hard. :-( I will file a bug if you don't deem
this to be a problem with XP being to ancient (service pack-wise).

Andreas

PS: The typo in the german error message ('Anwenungskonfiguration') is real.

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds 
Date: Fri, 22 Jan 2010 07:29:21 -0800
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-21 Thread Lutz Horn 
Hi,

Am 16.04.2013 um 18:52 schrieb George Kadianakis:
> Ubuntu check out these instructiosn:
> https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en

I am trying to install obfsproxy on Ubuntu lucid. Sadly, using these apt lines

> deb http://deb.torproject.org/torproject.org lucid main
> deb http://deb.torproject.org/torproject.org experimental-lucid main

seems not to be enough:

> $ apt-cache search obfsproxy

finds nothing. Any ideas?

Lutz
-- 
This email is signed with a CAcert certificate. https://www.cacert.org/
https://duckduckgo.com/ | http://donttrack.us/
http://dontbubble.us/   | http://fixtracking.com/



smime.p7s
Description: S/MIME cryptographic signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-21 Thread Roman Mamedov 
On Sun, 21 Apr 2013 14:46:28 +0200
Lutz Horn  wrote:

> Hi,
> 
> Am 16.04.2013 um 18:52 schrieb George Kadianakis:
> > Ubuntu check out these instructiosn:
> > https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en
> 
> I am trying to install obfsproxy on Ubuntu lucid. Sadly, using these apt lines
> 
> > deb http://deb.torproject.org/torproject.org lucid main
> > deb http://deb.torproject.org/torproject.org experimental-lucid main
> 
> seems not to be enough:
> 
> > $ apt-cache search obfsproxy
> 
> finds nothing. Any ideas?

Did you do "apt-get update" before trying 'search'?


-- 
With respect,
Roman


signature.asc
Description: PGP signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-21 Thread Lutz Horn 
Hi,

Am 21.04.2013 um 14:54 schrieb Roman Mamedov:

> Did you do "apt-get update" before trying 'search'?


This is what I do:

$ sudo grep tor /etc/apt/sources.list
deb http://deb.torproject.org/torproject.org lucid main
deb http://deb.torproject.org/torproject.org experimental-lucid main
$ sudo apt-get update
…
Hit http://deb.torproject.org lucid Release.gpg
Hit http://deb.torproject.org experimental-lucid Release.gpg
Hit http://deb.torproject.org lucid Release
Hit http://deb.torproject.org experimental-lucid Release
Ign http://deb.torproject.org lucid/main Packages
Ign http://deb.torproject.org experimental-lucid/main Packages
Ign http://deb.torproject.org lucid/main Packages
Ign http://deb.torproject.org experimental-lucid/main Packages
Hit http://deb.torproject.org lucid/main Packages
Hit http://deb.torproject.org experimental-lucid/main Packages
Reading package lists... Done
$ apt-cache search obfsproxy
$

No obfsprox :(

Lutz
-- 
This email is signed with a CAcert certificate. https://www.cacert.org/
https://duckduckgo.com/ | http://donttrack.us/
http://dontbubble.us/   | http://fixtracking.com/



smime.p7s
Description: S/MIME cryptographic signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-21 Thread Lunar 
Lutz Horn:
> Am 16.04.2013 um 18:52 schrieb George Kadianakis:
> > Ubuntu check out these instructiosn:
> > https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en
> 
> I am trying to install obfsproxy on Ubuntu lucid. Sadly, using these apt lines
> 
> > deb http://deb.torproject.org/torproject.org lucid main
> > deb http://deb.torproject.org/torproject.org experimental-lucid main
> 
> seems not to be enough:
> 
> > $ apt-cache search obfsproxy
> 
> finds nothing. Any ideas?

Ubuntu Lucid can't be supported through Debian packages.
See  for details.

-- 
Lunar 


signature.asc
Description: Digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-04-30 Thread Jack Zielke 
Lunar  writes:

> 
> Ubuntu Lucid can't be supported through Debian packages.
> See  for details.
> 

Ticket 8714 has been updated with directions for lucid users.


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-05-02 Thread B L 
Please
which linux is long term tor supported?
Thank You


On Tue, Apr 30, 2013 at 10:31 AM, Jack Zielke wrote:

> Lunar  writes:
>
> >
> > Ubuntu Lucid can't be supported through Debian packages.
> > See  for details.
> >
>
> Ticket 8714 has been updated with directions for lucid users.
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A call to arms for obfuscated bridges

2013-05-06 Thread Lunar 
B L:
> which linux is long term tor supported?

Several members of the Tor project are also Debian developers. Debian
Wheezy has been released last week-end and should be supported for the
next 2-3 years.

I hope that answers your question.

-- 
Lunar 


signature.asc
Description: Digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays